Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uliPkQdcwUL3IqGWEJniW9eF2yo.roa
File: uliPkQdcwUL3IqGWEJniW9eF2yo.roa (raw, json)
Hash identifier: j8PvCj9x79v/+6II8b7Wmtu9FrlFeHdeA0X5C/5hcbk=
Subject key identifier: BA:58:8F:91:07:5C:C1:42:F7:22:A1:96:10:99:E2:5B:D7:85:DB:2A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0D7D52A4E3A3178CD0449EB3ACBD3DBD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uliPkQdcwUL3IqGWEJniW9eF2yo.roa
Signing time: Mon 15 Jan 2024 14:18:53 +0000
ROA not before: Mon 15 Jan 2024 14:18:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:7d:52:a4:e3:a3:17:8c:d0:44:9e:b3:ac:bd:3d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 14:18:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba588f91075cc142f722a1961099e25bd785db2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:16:2b:76:83:06:80:e5:c7:ce:c8:52:85:ee:
4b:5c:14:50:c9:1a:38:61:5c:0b:cc:87:41:64:ae:
b3:b4:5f:48:f8:47:24:61:e6:f9:00:a5:f0:33:04:
2b:7f:25:34:78:65:48:ed:04:ef:a9:0b:d5:76:8c:
41:d7:5b:08:59:8a:d1:53:2e:d7:08:46:c9:69:f8:
76:cc:82:72:c6:ff:cd:76:c3:b6:d1:c0:89:c8:0c:
c9:c4:2a:de:95:53:45:8d:65:43:49:57:2b:1e:d2:
48:5a:d2:ca:25:f2:97:66:99:2d:51:ad:c1:4c:8d:
e5:45:e4:a9:6f:55:27:b0:24:82:41:7d:37:19:ed:
f7:95:78:69:d7:58:75:59:c1:5d:c3:2a:fa:91:7b:
a4:a3:fe:90:23:14:b0:23:59:2a:49:75:ef:0f:ed:
3d:8f:d6:27:4b:83:14:59:79:33:a8:e0:08:e9:f1:
2b:3f:b2:5a:0d:bd:38:1d:79:02:a4:2e:4d:dc:e4:
b6:4e:88:5d:4f:8d:f0:d2:27:d4:d0:12:e8:c0:9e:
b1:7f:ec:a4:8c:8e:4e:94:3e:ac:7c:f1:76:c8:5f:
a1:2f:28:d3:d2:d5:19:b4:af:cb:a4:2e:a4:9d:24:
1c:58:9c:80:45:30:82:92:a7:fc:8c:82:5a:f6:15:
c7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:58:8F:91:07:5C:C1:42:F7:22:A1:96:10:99:E2:5B:D7:85:DB:2A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uliPkQdcwUL3IqGWEJniW9eF2yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:c3:d0:24:df:e3:cf:8d:18:02:1d:fb:9f:ac:12:dd:d9:1d:
5f:43:4a:c7:20:14:2c:8b:3a:ec:72:90:0b:ce:57:ae:62:ac:
eb:6a:aa:52:63:54:f5:70:41:d8:e8:fa:95:6e:91:d9:15:39:
0d:86:bd:86:51:22:b3:f2:38:e7:72:82:ee:98:83:17:ac:52:
1f:91:b7:ac:eb:8b:cd:fc:d9:d3:7c:c2:a7:15:39:9b:b3:d8:
9d:d1:1c:be:90:58:2d:9f:7c:24:dc:02:18:76:04:d8:ed:91:
21:17:87:38:cb:e6:9c:4e:f3:cb:f8:49:3b:11:4a:2a:33:4d:
3f:9d:dc:59:61:71:e8:b4:b5:e3:1c:9e:d5:6a:5b:78:eb:07:
34:66:8f:10:f4:07:8a:c4:05:06:bd:86:7b:f8:d7:9f:4e:e1:
13:ed:bb:51:f7:f5:43:12:85:3c:e1:52:f2:a2:88:03:97:07:
17:48:27:e6:9f:43:b1:a2:52:76:11:55:d2:ca:05:60:bb:5a:
d6:8b:16:cc:65:be:ea:e9:a9:fa:aa:f3:5f:2a:ae:d1:83:72:
75:e0:f0:87:58:d0:f0:19:2f:59:68:4e:f2:bc:17:c0:c1:4a:
6f:96:06:e0:ed:c3:9d:dd:17:29:d6:51:61:47:2d:52:f6:8c:
be:92:6f:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0NfVKk46MXjNBEnrOsvT29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MTQxODUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTU4OGY5MTA3NWNjMTQyZjcyMmExOTYxMDk5ZTI1YmQ3ODVkYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhYrdoMGgOXHzshShe5LXBRQyRo4
YVwLzIdBZK6ztF9I+EckYeb5AKXwMwQrfyU0eGVI7QTvqQvVdoxB11sIWYrRUy7X
CEbJafh2zIJyxv/NdsO20cCJyAzJxCrelVNFjWVDSVcrHtJIWtLKJfKXZpktUa3B
TI3lReSpb1UnsCSCQX03Ge33lXhp11h1WcFdwyr6kXuko/6QIxSwI1kqSXXvD+09
j9YnS4MUWXkzqOAI6fErP7JaDb04HXkCpC5N3OS2TohdT43w0ifU0BLowJ6xf+yk
jI5OlD6sfPF2yF+hLyjT0tUZtK/LpC6knSQcWJyARTCCkqf8jIJa9hXHFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLpYj5EHXMFC9yKhlhCZ4lvXhdsqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdWxpUGtRZGN3VUwzSXFHV0VKbmlXOWVGMnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF3D0CTf48+NGAId+5+s
Et3ZHV9DSscgFCyLOuxykAvOV65irOtqqlJjVPVwQdjo+pVukdkVOQ2GvYZRIrPy
OOdygu6YgxesUh+Rt6zri8382dN8wqcVOZuz2J3RHL6QWC2ffCTcAhh2BNjtkSEX
hzjL5pxO88v4STsRSiozTT+d3Flhcei0teMcntVqW3jrBzRmjxD0B4rEBQa9hnv4
159O4RPtu1H39UMShTzhUvKiiAOXBxdIJ+afQ7GiUnYRVdLKBWC7WtaLFsxlvurp
qfqq818qrtGDcnXg8IdY0PAZL1loTvK8F8DBSm+WBuDtw53dFynWUWFHLVL2jL6S
bxo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:02 2025 by rpki-client