Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uLA0wicVppibuYPi8C_PuqgvZ7k.roa
File: uLA0wicVppibuYPi8C_PuqgvZ7k.roa (raw, json)
Hash identifier: brp+QkKhX5qe3zhkOwPddswn6XKTaf7fj4mZIvrFZss=
Subject key identifier: B8:B0:34:C2:27:15:A6:98:9B:B9:83:E2:F0:2F:CF:BA:A8:2F:67:B9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D48B0C188543C39D074F3BFBE534C4FA8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uLA0wicVppibuYPi8C_PuqgvZ7k.roa
Signing time: Sat 27 Jan 2024 02:12:39 +0000
ROA not before: Sat 27 Jan 2024 02:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:48:b0:c1:88:54:3c:39:d0:74:f3:bf:be:53:4c:4f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 02:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8b034c22715a6989bb983e2f02fcfbaa82f67b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b9:97:fd:01:b5:87:db:f7:f9:44:47:45:d1:
31:ac:08:cc:75:89:71:bf:07:0e:7b:49:e3:e1:45:
4a:90:0d:b3:f6:cc:c9:67:93:55:00:fb:27:4c:ce:
ab:e6:5c:5b:24:dc:39:e5:f8:da:0a:77:25:fa:2b:
fd:cb:e8:ed:76:5c:50:84:99:70:ff:99:79:ab:03:
c6:b1:17:2b:1c:02:6f:b5:65:3f:51:9e:45:36:bc:
ed:04:8c:a2:23:ef:27:f7:5a:37:4d:ee:ca:0e:5e:
58:0b:57:9c:da:84:84:cd:98:62:36:d5:56:0a:c8:
a3:b4:62:02:43:cd:29:e4:bf:ac:ee:ac:25:2d:a6:
e9:0a:67:a0:89:9d:1b:0b:cb:f9:0d:f7:03:17:77:
da:4a:53:fc:34:c3:60:ee:55:d8:04:a1:d8:95:b8:
90:eb:2e:20:54:64:7a:53:c6:d8:65:bf:8f:03:ae:
bc:65:ac:04:05:32:6b:b7:0e:86:3b:eb:30:cb:38:
12:da:3f:ff:75:4c:35:2d:dc:2b:2b:c2:0b:35:b2:
47:5c:75:c2:43:0c:4d:58:ba:03:3b:24:fd:ba:52:
b7:8c:c2:eb:1e:3f:71:83:b4:a9:66:9c:67:71:c6:
09:03:7b:2e:4c:15:6c:ee:fe:0b:24:a5:1a:b2:4f:
75:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B0:34:C2:27:15:A6:98:9B:B9:83:E2:F0:2F:CF:BA:A8:2F:67:B9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uLA0wicVppibuYPi8C_PuqgvZ7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:4d:8f:f8:58:d8:52:0d:9a:4c:fd:49:c3:29:cb:51:d1:c3:
bf:59:de:27:41:d9:33:8d:bd:c4:0e:13:8e:50:9e:17:3e:a6:
aa:8d:c5:9d:27:12:56:87:fa:e8:9b:4c:f0:ca:0f:6a:a8:a7:
2f:8c:2a:e9:37:60:1e:4a:44:ac:82:c8:46:ed:1b:85:44:2b:
85:2d:d0:72:6b:45:82:ea:9f:10:b0:5d:ae:f1:e9:c0:e9:90:
f0:40:df:f9:3a:90:13:3b:8b:df:bf:28:99:2e:75:f2:23:9c:
f1:b7:5f:04:a7:2b:8d:7e:07:7e:35:35:97:d1:0a:e6:f1:6c:
73:c1:8e:fb:c7:e3:b1:e9:9c:0a:52:2b:67:af:65:bd:1f:66:
04:f5:6d:73:9e:f5:eb:14:8b:34:36:79:40:8b:40:62:77:1e:
cf:13:f1:f3:8e:bf:4c:d9:65:ee:38:c1:66:ac:dc:a6:b1:d9:
75:b1:a6:1d:0c:49:cc:b6:75:a8:8e:6c:d1:9b:a6:de:81:6d:
35:be:a6:68:b5:a8:5f:5d:65:6e:dd:8c:59:b0:88:7a:15:85:
0d:b4:7f:7c:4f:01:12:39:33:08:f2:f8:f8:99:9f:0c:09:1e:
03:17:f9:46:2b:17:3a:4c:80:6a:6e:a2:67:5a:ba:41:57:91:
e6:c3:26:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1IsMGIVDw50HTzv75TTE+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MDIxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIwMzRjMjI3MTVhNjk4OWJiOTgzZTJmMDJmY2ZiYWE4MmY2N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrmX/QG1h9v3+URHRdExrAjMdYlx
vwcOe0nj4UVKkA2z9szJZ5NVAPsnTM6r5lxbJNw55fjaCncl+iv9y+jtdlxQhJlw
/5l5qwPGsRcrHAJvtWU/UZ5FNrztBIyiI+8n91o3Te7KDl5YC1ec2oSEzZhiNtVW
CsijtGICQ80p5L+s7qwlLabpCmegiZ0bC8v5DfcDF3faSlP8NMNg7lXYBKHYlbiQ
6y4gVGR6U8bYZb+PA668ZawEBTJrtw6GO+swyzgS2j//dUw1LdwrK8ILNbJHXHXC
QwxNWLoDOyT9ulK3jMLrHj9xg7SpZpxnccYJA3suTBVs7v4LJKUask914QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLiwNMInFaaYm7mD4vAvz7qoL2e5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdUxBMHdpY1ZwcGlidVlQaThDX1B1cWd2WjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJNj/hY2FINmkz9ScMp
y1HRw79Z3idB2TONvcQOE45Qnhc+pqqNxZ0nElaH+uibTPDKD2qopy+MKuk3YB5K
RKyCyEbtG4VEK4Ut0HJrRYLqnxCwXa7x6cDpkPBA3/k6kBM7i9+/KJkudfIjnPG3
XwSnK41+B341NZfRCubxbHPBjvvH47HpnApSK2evZb0fZgT1bXOe9esUizQ2eUCL
QGJ3Hs8T8fOOv0zZZe44wWas3Kax2XWxph0MScy2daiObNGbpt6BbTW+pmi1qF9d
ZW7djFmwiHoVhQ20f3xPARI5Mwjy+PiZnwwJHgMX+UYrFzpMgGpuomdaukFXkebD
JmE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:28 2025 by rpki-client