Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2ruRPxSRTXZDw_3uQbgacsEWyk.roa
File: v2ruRPxSRTXZDw_3uQbgacsEWyk.roa (raw, json)
Hash identifier: 5ANE0gKclUZ7rddpxKWC4ioTREUMd8CPleWSBHe+q0s=
Subject key identifier: BF:6A:EE:44:FC:52:45:35:D9:0F:0F:F7:B9:06:E0:69:CB:04:5B:29
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA90BE5086645608DD938AC5326A9C7F2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2ruRPxSRTXZDw_3uQbgacsEWyk.roa
Signing time: Wed 27 Dec 2023 02:12:58 +0000
ROA not before: Wed 27 Dec 2023 02:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a9:0b:e5:08:66:45:60:8d:d9:38:ac:53:26:a9:c7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 27 02:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf6aee44fc524535d90f0ff7b906e069cb045b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:5f:c8:a0:c5:62:3b:27:cb:4b:b3:87:63:
19:d8:79:16:d9:4d:dd:ec:fd:51:0d:f6:4e:0e:c2:
a4:ca:f2:a7:15:3c:43:b6:41:25:51:04:6b:c7:30:
cc:ef:0a:2c:48:91:a7:c1:6a:ac:ab:28:fc:54:5a:
ba:de:2c:29:df:ae:3d:fc:0f:60:c2:96:a5:38:b0:
97:fc:04:e3:5a:ec:a2:18:5b:6d:a6:e7:ec:62:b4:
2d:50:fb:a8:bc:5d:c8:08:eb:fb:ad:74:ca:4d:29:
ae:a8:90:18:9e:51:ca:96:bc:fb:d7:af:25:62:e4:
8d:f0:f0:a2:c4:82:12:63:ec:90:89:dc:85:7e:4e:
10:17:2e:9a:b7:7b:16:a0:b2:46:43:0e:2a:1e:ca:
f3:b0:2f:a2:16:d7:1d:e1:7a:3d:65:64:3f:f9:81:
79:75:92:6d:99:6b:61:e5:f2:76:14:2e:8d:33:22:
4a:0b:33:0d:c0:54:7f:1e:23:11:bb:24:9e:de:23:
03:32:ed:3a:08:56:af:99:2a:c5:bd:8b:e9:2d:79:
51:fa:b0:ab:7e:5a:a2:04:22:cd:5f:59:28:73:40:
0a:d6:67:95:e8:6e:53:8a:2d:7b:7f:d9:82:eb:81:
a4:91:4d:01:63:18:9f:f0:25:c9:e0:2d:27:49:76:
07:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6A:EE:44:FC:52:45:35:D9:0F:0F:F7:B9:06:E0:69:CB:04:5B:29
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v2ruRPxSRTXZDw_3uQbgacsEWyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:aa:d1:a6:4d:ec:5b:2e:98:f9:cd:90:fd:e3:09:61:ad:6e:
4b:35:26:a8:3d:42:71:87:a2:e6:ac:72:ad:3d:51:32:da:5e:
55:4d:b9:59:e7:0c:f3:46:f9:3b:3a:3b:d4:42:96:e7:ce:82:
8d:72:7d:26:54:00:86:f6:4f:e9:66:b5:da:c4:c4:33:5d:46:
62:d3:95:9b:55:06:6e:79:2b:b7:33:d3:10:90:ba:9a:75:d5:
80:86:3c:45:67:cc:4a:ec:f0:1d:3d:d8:b2:a2:7d:d1:ff:a6:
d3:e5:15:a6:48:cd:97:b8:6b:0c:6f:2b:72:21:29:c3:62:69:
0c:05:3b:41:10:74:cc:de:b5:6e:d6:c5:0e:dc:4e:3f:d9:26:
f9:83:7c:75:6b:03:fa:7c:e6:a2:b3:03:71:9d:3b:27:dc:ec:
8d:c6:b0:ec:74:cb:a2:71:a3:88:b3:66:e4:71:21:f9:5c:56:
a9:de:ce:b9:8b:ac:e1:19:c2:e7:f0:5d:88:ac:f1:b4:3e:98:
89:40:8c:53:24:b9:85:2f:70:bf:c3:fe:cb:f3:80:f6:25:a4:
20:b4:b8:bf:b8:b4:0b:61:ec:b7:f3:d5:c1:56:5d:df:de:33:
41:e6:0b:5c:6b:c0:a4:60:9e:8a:df:c5:32:71:71:3f:77:8c:
20:e7:1e:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYypC+UIZkVgjdk4rFMmqcfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI3MDIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjZhZWU0NGZjNTI0NTM1ZDkwZjBmZjdiOTA2ZTA2OWNiMDQ1YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbFfyKDFYjsny0uzh2MZ2HkW2U3d
7P1RDfZODsKkyvKnFTxDtkElUQRrxzDM7wosSJGnwWqsqyj8VFq63iwp3649/A9g
wpalOLCX/ATjWuyiGFttpufsYrQtUPuovF3ICOv7rXTKTSmuqJAYnlHKlrz7168l
YuSN8PCixIISY+yQidyFfk4QFy6at3sWoLJGQw4qHsrzsC+iFtcd4Xo9ZWQ/+YF5
dZJtmWth5fJ2FC6NMyJKCzMNwFR/HiMRuySe3iMDMu06CFavmSrFvYvpLXlR+rCr
flqiBCLNX1koc0AK1meV6G5Tii17f9mC64GkkU0BYxif8CXJ4C0nSXYHnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL9q7kT8UkU12Q8P97kG4GnLBFspMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdjJydVJQeFNSVFhaRHdfM3VRYmdhY3NFV3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAaq0aZN7FsumPnNkP3j
CWGtbks1Jqg9QnGHouascq09UTLaXlVNuVnnDPNG+Ts6O9RClufOgo1yfSZUAIb2
T+lmtdrExDNdRmLTlZtVBm55K7cz0xCQupp11YCGPEVnzErs8B092LKifdH/ptPl
FaZIzZe4awxvK3IhKcNiaQwFO0EQdMzetW7WxQ7cTj/ZJvmDfHVrA/p85qKzA3Gd
Oyfc7I3GsOx0y6Jxo4izZuRxIflcVqnezrmLrOEZwufwXYis8bQ+mIlAjFMkuYUv
cL/D/svzgPYlpCC0uL+4tAth7Lfz1cFWXd/eM0HmC1xrwKRgnorfxTJxcT93jCDn
HpI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:58 2025 by rpki-client