Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vRfdjNqlUFLFNHRj1Jwazb7FYQQ.roa
File: vRfdjNqlUFLFNHRj1Jwazb7FYQQ.roa (raw, json)
Hash identifier: FC/astwJlv8f5VUI3RS45sOjlCsCmz4rAkaaq3YZzoY=
Subject key identifier: BD:17:DD:8C:DA:A5:50:52:C5:34:74:63:D4:9C:1A:CD:BE:C5:61:04
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7FD1E1E6CE8681EA9C81319B461CD3E7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vRfdjNqlUFLFNHRj1Jwazb7FYQQ.roa
Signing time: Wed 27 Mar 2024 12:10:45 +0000
ROA not before: Wed 27 Mar 2024 12:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:d1:e1:e6:ce:86:81:ea:9c:81:31:9b:46:1c:d3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 12:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd17dd8cdaa55052c5347463d49c1acdbec56104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e0:f0:da:29:07:6d:c6:bf:e1:46:58:2d:0c:
02:b9:91:54:ea:b0:09:67:d1:ea:31:dc:7b:0c:ed:
11:be:c8:b1:e8:c9:c0:a0:e6:f8:1f:27:d2:37:31:
29:db:4b:09:ba:66:a4:a2:5f:d9:c3:e2:00:b3:27:
dc:cb:e1:91:38:e5:25:ea:ec:7f:50:88:17:09:23:
27:b7:cb:d1:68:f0:68:1c:c1:20:9a:cd:5d:05:f0:
56:9b:5d:9b:6d:37:44:26:bd:34:28:49:4e:94:fe:
5b:78:f8:98:12:e5:78:7d:04:29:c6:c8:a6:f4:6a:
a7:90:e9:ed:34:c4:12:f3:76:a4:41:df:9d:52:d0:
99:a2:3b:15:61:d8:f8:17:a5:19:3b:67:a7:29:0c:
e2:c8:ae:eb:38:d7:60:48:8f:a3:df:3d:c5:db:54:
4d:32:3d:c7:9c:64:98:39:6b:2f:e8:a0:73:45:d3:
70:1c:67:11:4c:65:d9:9b:c2:17:44:8c:ad:1a:df:
67:9b:fa:03:4d:49:db:c5:fe:0d:00:fc:c7:16:74:
13:ab:77:27:ce:8e:c3:a8:d4:ee:f3:2c:da:04:82:
d3:3a:2f:b6:80:0b:ae:57:a3:8d:be:af:02:88:4f:
97:ae:a0:76:e0:81:13:a9:68:05:4d:6c:61:a5:ba:
6e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:17:DD:8C:DA:A5:50:52:C5:34:74:63:D4:9C:1A:CD:BE:C5:61:04
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vRfdjNqlUFLFNHRj1Jwazb7FYQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:07:f1:83:38:8a:09:59:39:12:be:b4:88:5a:fd:29:88:7f:
d7:a4:4d:c5:12:56:ca:fb:c9:24:59:b7:a3:64:c9:7f:57:8b:
46:13:4d:fa:b9:f3:83:49:f6:72:fe:90:83:49:db:f7:3d:96:
bc:d0:fb:0f:ee:ed:c5:2a:a9:15:73:40:3d:56:15:0b:c0:71:
63:68:0f:61:cf:6d:02:bd:af:3a:7e:2d:ff:3a:73:ed:42:6e:
ee:84:a0:ed:c8:60:0c:8c:b4:8c:44:11:70:84:66:c0:cd:6d:
3d:be:2a:ec:35:2c:e0:7a:cb:be:f8:52:77:76:81:ab:ee:78:
b8:4e:17:01:51:92:7b:5d:d6:8a:a8:49:9d:a3:a4:e7:63:1a:
e2:ef:ae:82:b3:cd:b2:b5:72:78:15:c1:8c:f3:22:f0:87:3a:
a5:77:7a:64:7f:b8:be:60:54:3a:90:a2:34:5b:5b:98:8e:01:
ff:66:2a:2e:f0:c6:b4:e2:3f:9f:52:69:44:d4:3a:6f:67:d9:
f7:4a:98:f4:0d:30:09:d5:77:ea:ca:b1:5d:29:42:78:ff:46:
2c:08:d8:82:9d:59:ee:b9:01:45:46:34:69:88:7f:f6:64:14:
da:a3:9a:b3:01:85:74:18:7f:7d:bd:87:c5:fc:cc:fa:49:e2:
20:ea:70:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5/0eHmzoaB6pyBMZtGHNPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MTIxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDE3ZGQ4Y2RhYTU1MDUyYzUzNDc0NjNkNDljMWFjZGJlYzU2MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtODw2ikHbca/4UZYLQwCuZFU6rAJ
Z9HqMdx7DO0Rvsix6MnAoOb4HyfSNzEp20sJumakol/Zw+IAsyfcy+GROOUl6ux/
UIgXCSMnt8vRaPBoHMEgms1dBfBWm12bbTdEJr00KElOlP5bePiYEuV4fQQpxsim
9GqnkOntNMQS83akQd+dUtCZojsVYdj4F6UZO2enKQziyK7rONdgSI+j3z3F21RN
Mj3HnGSYOWsv6KBzRdNwHGcRTGXZm8IXRIytGt9nm/oDTUnbxf4NAPzHFnQTq3cn
zo7DqNTu8yzaBILTOi+2gAuuV6ONvq8CiE+XrqB24IETqWgFTWxhpbpuLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL0X3YzapVBSxTR0Y9ScGs2+xWEEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdlJmZGpOcWxVRkxGTkhSajFKd2F6YjdGWVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgH8YM4iglZORK+tIha
/SmIf9ekTcUSVsr7ySRZt6NkyX9Xi0YTTfq584NJ9nL+kINJ2/c9lrzQ+w/u7cUq
qRVzQD1WFQvAcWNoD2HPbQK9rzp+Lf86c+1Cbu6EoO3IYAyMtIxEEXCEZsDNbT2+
Kuw1LOB6y774Und2gavueLhOFwFRkntd1oqoSZ2jpOdjGuLvroKzzbK1cngVwYzz
IvCHOqV3emR/uL5gVDqQojRbW5iOAf9mKi7wxrTiP59SaUTUOm9n2fdKmPQNMAnV
d+rKsV0pQnj/RiwI2IKdWe65AUVGNGmIf/ZkFNqjmrMBhXQYf329h8X8zPpJ4iDq
cPg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:48 2025 by rpki-client