Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uuORGUSi3cjou21KvBmnoNgdD7U.roa
File: uuORGUSi3cjou21KvBmnoNgdD7U.roa (raw, json)
Hash identifier: AFVDmBnsE5BtGAcQ/qDpaO8ZUe+79c9y3f0dimW6hoo=
Subject key identifier: BA:E3:91:19:44:A2:DD:C8:E8:BB:6D:4A:BC:19:A7:A0:D8:1D:0F:B5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB3F753389D2B2BDABC75D8D41FB879CE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uuORGUSi3cjou21KvBmnoNgdD7U.roa
Signing time: Sat 06 Apr 2024 15:11:54 +0000
ROA not before: Sat 06 Apr 2024 15:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b3:f7:53:38:9d:2b:2b:da:bc:75:d8:d4:1f:b8:79:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 15:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bae3911944a2ddc8e8bb6d4abc19a7a0d81d0fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:11:96:ea:a2:72:1e:d8:90:7b:dd:5a:63:2a:
33:29:76:e6:15:78:b9:ac:e8:4a:6e:b7:ea:6e:ff:
87:e7:77:cc:32:57:e5:12:bc:21:f9:2b:a3:77:bb:
8d:2b:98:08:32:51:d8:b3:9d:13:a0:eb:2d:80:57:
a5:02:1d:33:ae:a5:b1:bd:4a:52:2c:e4:4e:f5:6e:
ab:1c:28:09:df:0f:50:a2:8f:a6:2d:02:18:81:fb:
f8:5e:8b:a9:fe:9d:6e:bf:fe:fd:9d:7d:0b:fe:a9:
4a:f5:06:81:9f:36:a0:63:3a:51:63:02:a0:2f:63:
ef:dd:c9:71:25:34:02:2c:dc:8c:52:10:8a:52:14:
95:25:11:77:b2:ac:4d:cd:c5:7d:84:46:01:89:32:
75:ba:4d:bc:a3:0e:df:2d:1e:f1:29:51:f3:a0:07:
12:fa:e4:19:f9:0d:bc:a9:b2:1e:30:e9:33:f0:64:
8e:89:bf:49:a0:87:e1:ce:51:9f:f4:b7:3d:a1:06:
d0:e7:8d:1a:f2:e8:70:d4:a3:74:89:d8:a0:40:4a:
d8:e1:83:70:9a:d8:78:a2:90:f6:88:22:4d:6e:87:
99:a9:e1:85:cb:bd:7e:36:ab:3a:e9:e1:70:d3:e2:
a9:27:ee:c9:86:ca:93:1c:a4:10:6b:dd:15:4d:53:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E3:91:19:44:A2:DD:C8:E8:BB:6D:4A:BC:19:A7:A0:D8:1D:0F:B5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uuORGUSi3cjou21KvBmnoNgdD7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:6e:d8:db:08:aa:a9:12:6a:b4:10:e0:18:63:b6:b8:bd:d1:
25:ba:5b:6b:fb:3c:3d:4d:d5:fe:23:73:b7:29:20:50:df:35:
66:e0:af:52:b1:bd:79:67:29:91:ef:17:d3:d5:86:93:dc:0d:
fd:3e:b1:a0:15:1c:e0:47:a5:c5:f6:47:66:cd:c0:2d:02:c6:
2a:66:00:1b:85:63:57:5a:6f:b3:5e:f5:32:b2:a2:69:a1:1e:
be:e8:c3:6e:44:c6:df:49:f1:f3:a7:d7:bb:7d:86:b3:06:04:
5f:67:0b:b5:26:54:05:12:0f:0a:a6:a0:04:7d:2f:92:56:67:
09:8b:d8:39:73:af:b7:ca:63:58:17:6a:8c:6f:64:5e:df:4b:
1f:ff:fc:84:dd:b5:b7:95:8d:31:47:71:b2:6a:41:4c:c1:81:
fd:49:0e:10:1c:63:e6:4b:a3:2c:d9:d7:87:6e:9f:7e:51:5c:
c0:6b:c8:5c:2e:d0:d4:f8:bb:ce:e7:81:dd:66:a0:b3:98:5e:
4e:10:16:39:fd:40:80:b6:21:ca:40:08:d6:4f:c0:6f:33:b5:
e6:c9:b8:f7:ea:3d:8a:30:61:a2:9a:3a:ef:9b:4b:e6:18:76:
4a:f3:ef:55:ba:82:98:7c:99:12:63:2c:b1:82:fb:b9:86:dd:
68:5f:ca:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6z91M4nSsr2rx12NQfuHnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MTUxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWUzOTExOTQ0YTJkZGM4ZThiYjZkNGFiYzE5YTdhMGQ4MWQwZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBGW6qJyHtiQe91aYyozKXbmFXi5
rOhKbrfqbv+H53fMMlflErwh+Sujd7uNK5gIMlHYs50ToOstgFelAh0zrqWxvUpS
LORO9W6rHCgJ3w9Qoo+mLQIYgfv4Xoup/p1uv/79nX0L/qlK9QaBnzagYzpRYwKg
L2Pv3clxJTQCLNyMUhCKUhSVJRF3sqxNzcV9hEYBiTJ1uk28ow7fLR7xKVHzoAcS
+uQZ+Q28qbIeMOkz8GSOib9JoIfhzlGf9Lc9oQbQ540a8uhw1KN0idigQErY4YNw
mth4opD2iCJNboeZqeGFy71+Nqs66eFw0+KpJ+7JhsqTHKQQa90VTVOKNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrjkRlEot3I6LttSrwZp6DYHQ+1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdXVPUkdVU2kzY2pvdTIxS3ZCbW5vTmdkRDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF1u2NsIqqkSarQQ4Bhj
tri90SW6W2v7PD1N1f4jc7cpIFDfNWbgr1KxvXlnKZHvF9PVhpPcDf0+saAVHOBH
pcX2R2bNwC0CxipmABuFY1dab7Ne9TKyommhHr7ow25Ext9J8fOn17t9hrMGBF9n
C7UmVAUSDwqmoAR9L5JWZwmL2Dlzr7fKY1gXaoxvZF7fSx///ITdtbeVjTFHcbJq
QUzBgf1JDhAcY+ZLoyzZ14dun35RXMBryFwu0NT4u87ngd1moLOYXk4QFjn9QIC2
IcpACNZPwG8ztebJuPfqPYowYaKaOu+bS+YYdkrz71W6gph8mRJjLLGC+7mG3Whf
yv4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:39 2025 by rpki-client