Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v9JLiCs5ZOzFkN1gXi3GHDNxy6k.roa
File: v9JLiCs5ZOzFkN1gXi3GHDNxy6k.roa (raw, json)
Hash identifier: SNTT8ifk76SeRYa0j8DNrez6yaUfpzoo8vsWyMBBWww=
Subject key identifier: BF:D2:4B:88:2B:39:64:EC:C5:90:DD:60:5E:2D:C6:1C:33:71:CB:A9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB0F73255D77855557DE6D0CC12E5EED2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v9JLiCs5ZOzFkN1gXi3GHDNxy6k.roa
Signing time: Sat 06 Apr 2024 01:12:54 +0000
ROA not before: Sat 06 Apr 2024 01:12:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b0:f7:32:55:d7:78:55:55:7d:e6:d0:cc:12:e5:ee:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 01:12:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfd24b882b3964ecc590dd605e2dc61c3371cba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:49:ba:e1:ca:38:e2:e6:36:c9:81:97:55:79:
52:8c:f6:93:4b:c0:1d:0e:c8:11:f2:cc:26:bf:9e:
cc:82:3c:3d:9f:a7:36:03:40:35:b6:80:f2:02:07:
63:bf:70:4b:03:14:7e:d4:9f:5e:4a:9f:51:02:1f:
4a:e3:90:55:78:b2:19:b3:66:73:0b:94:fc:9a:0e:
a4:45:2c:e3:75:e7:44:35:73:41:06:48:48:8f:4c:
a2:92:4c:32:a4:28:01:1d:dc:56:09:17:a2:22:d9:
3b:07:b4:10:79:c1:b2:db:d8:85:64:99:c9:ea:74:
7a:77:84:00:d8:c8:ff:18:d9:47:80:0f:f8:7c:1f:
32:36:47:e2:a6:49:ac:07:c3:fe:57:16:f7:f4:4a:
7e:0a:51:05:50:86:f9:02:ba:9e:b1:a1:d2:58:0f:
0a:2c:c9:12:62:1b:c6:a9:67:44:d1:21:5a:81:bc:
35:d5:6d:80:b0:df:41:4a:c5:b8:00:1e:b4:f8:b5:
36:f3:4d:ac:38:1e:aa:fb:94:c0:7e:80:29:e4:9f:
8d:48:08:fd:68:b9:07:2f:aa:bd:79:c6:12:c0:f6:
18:2d:66:ac:b6:45:0c:c6:50:c0:ac:06:a0:5f:4e:
23:0f:38:68:cb:96:29:53:3c:8c:51:1e:aa:5c:67:
8a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D2:4B:88:2B:39:64:EC:C5:90:DD:60:5E:2D:C6:1C:33:71:CB:A9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/v9JLiCs5ZOzFkN1gXi3GHDNxy6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:8a:77:7c:4f:72:ac:60:bb:41:5f:f4:e5:5b:df:a5:0d:8d:
fe:f4:8b:4c:00:21:8c:29:7a:7d:b4:46:b2:b8:3f:40:d7:3f:
12:88:77:5b:41:f7:a7:79:29:de:16:42:90:3e:16:10:d5:c3:
97:49:bd:2f:4d:17:53:df:11:2e:9d:1b:23:3a:56:37:9e:f3:
7d:4e:c2:aa:36:b0:85:5a:28:0b:ca:64:d5:bd:c1:79:e3:a3:
a8:22:ff:73:51:1f:37:ed:b1:5a:72:c1:e7:2e:1d:a0:ee:95:
db:fa:eb:f8:64:ce:7c:7e:8c:e4:15:55:13:ae:b7:43:44:5e:
90:fb:52:10:f7:73:ea:fc:5d:63:75:c0:84:d4:ef:0a:1b:2e:
b7:dc:0b:80:22:e2:33:22:4f:53:f5:d9:09:d0:3a:8c:8e:52:
c0:bf:03:36:b2:42:53:8f:39:b2:fe:39:f7:6c:18:f0:82:c4:
22:19:43:31:36:10:3c:e8:3a:0e:a7:95:db:e4:fd:62:57:78:
de:e1:b9:7b:b0:a1:96:4b:2f:1f:ed:c3:f4:78:a7:a2:30:c4:
35:77:41:15:7d:54:c9:53:72:bf:ab:35:4d:9b:89:cb:ac:13:
b7:9f:19:ef:93:f6:26:6f:5f:9c:dd:b7:72:0c:02:94:8a:09:
46:ae:e7:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6w9zJV13hVVX3m0MwS5e7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MDExMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQyNGI4ODJiMzk2NGVjYzU5MGRkNjA1ZTJkYzYxYzMzNzFjYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUm64co44uY2yYGXVXlSjPaTS8Ad
DsgR8swmv57Mgjw9n6c2A0A1toDyAgdjv3BLAxR+1J9eSp9RAh9K45BVeLIZs2Zz
C5T8mg6kRSzjdedENXNBBkhIj0yikkwypCgBHdxWCReiItk7B7QQecGy29iFZJnJ
6nR6d4QA2Mj/GNlHgA/4fB8yNkfipkmsB8P+Vxb39Ep+ClEFUIb5ArqesaHSWA8K
LMkSYhvGqWdE0SFagbw11W2AsN9BSsW4AB60+LU2802sOB6q+5TAfoAp5J+NSAj9
aLkHL6q9ecYSwPYYLWastkUMxlDArAagX04jDzhoy5YpUzyMUR6qXGeKtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/SS4grOWTsxZDdYF4txhwzccupMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdjlKTGlDczVaT3pGa04xZ1hpM0dIRE54eTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKKd3xPcqxgu0Ff9OVb
36UNjf70i0wAIYwpen20RrK4P0DXPxKId1tB96d5Kd4WQpA+FhDVw5dJvS9NF1Pf
ES6dGyM6Vjee831Owqo2sIVaKAvKZNW9wXnjo6gi/3NRHzftsVpywecuHaDuldv6
6/hkznx+jOQVVROut0NEXpD7UhD3c+r8XWN1wITU7wobLrfcC4Ai4jMiT1P12QnQ
OoyOUsC/AzayQlOPObL+OfdsGPCCxCIZQzE2EDzoOg6nldvk/WJXeN7huXuwoZZL
Lx/tw/R4p6IwxDV3QRV9VMlTcr+rNU2bicusE7efGe+T9iZvX5zdt3IMApSKCUau
5zU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:23 2025 by rpki-client