Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWW8YPi1pg_SY1Ff6XDUTd1QsgM.roa
File: vWW8YPi1pg_SY1Ff6XDUTd1QsgM.roa (raw, json)
Hash identifier: fQXL8e8aAz9T2qUbAr50u03nDqt7cU6h7P6ymERkTzg=
Subject key identifier: BD:65:BC:60:F8:B5:A6:0F:D2:63:51:5F:E9:70:D4:4D:DD:50:B2:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8191D8D6959C4A442CAA249CB297C784
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWW8YPi1pg_SY1Ff6XDUTd1QsgM.roa
Signing time: Wed 07 Feb 2024 03:17:15 +0000
ROA not before: Wed 07 Feb 2024 03:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:81:91:d8:d6:95:9c:4a:44:2c:aa:24:9c:b2:97:c7:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 03:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd65bc60f8b5a60fd263515fe970d44ddd50b203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:50:c3:c6:ed:d0:bf:2e:cc:2b:d7:a5:94:da:
c0:24:13:48:bd:8b:2e:b6:63:a7:94:b2:b0:89:80:
e1:eb:bd:a7:df:79:20:da:54:57:7d:b8:5d:e7:98:
b8:c2:f3:f9:41:08:9c:52:8b:60:24:51:3d:b2:f9:
d6:b8:37:78:dc:08:7a:f6:29:06:b9:6d:93:2d:24:
64:e8:fd:77:3d:1f:fc:ec:7d:13:b2:60:09:cc:45:
1f:6d:8d:22:6c:03:b7:c7:64:79:85:bb:d8:27:16:
58:5b:cb:89:2f:61:8e:8f:38:8c:a4:83:9d:6f:61:
f1:92:3e:24:b8:1d:71:64:37:96:55:f9:c4:20:47:
50:ce:a2:af:0f:3e:e7:1f:ea:a9:c9:d5:05:27:0b:
7a:31:20:21:b0:07:73:ef:83:d5:c3:e6:24:8a:f4:
a3:4e:d8:a8:1a:6b:68:f8:70:25:90:fb:5e:59:34:
a9:48:4e:4d:d7:83:eb:b8:36:d0:82:05:85:d6:c2:
92:33:17:1f:28:b0:a5:81:da:3a:fe:ab:66:4f:15:
d7:0a:24:e5:cc:8d:8a:39:db:a3:04:35:ad:c3:00:
04:d5:10:66:62:b6:66:cc:e6:46:fa:cc:a8:85:d3:
b7:a7:b6:ce:d7:25:c7:8f:cf:29:b0:09:fb:c3:5c:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:65:BC:60:F8:B5:A6:0F:D2:63:51:5F:E9:70:D4:4D:DD:50:B2:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWW8YPi1pg_SY1Ff6XDUTd1QsgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:ef:99:33:00:70:d4:aa:d9:bb:15:1d:b7:ca:c1:71:cf:75:
87:c0:78:13:1a:f8:bf:e2:54:a8:1e:ba:c2:70:66:75:41:53:
bb:64:c3:1f:e1:79:5e:52:9e:6f:af:62:26:b0:a2:4a:04:64:
91:e8:b1:2b:e3:b4:26:d7:a2:8d:06:d2:fa:de:50:e6:58:87:
3d:0f:c6:03:4d:e6:6f:35:4b:0c:59:a2:2f:bd:5b:80:38:d0:
b2:fc:9b:d3:8a:c4:61:8c:4f:2e:38:48:35:49:35:5e:f0:87:
dc:2e:b2:43:ea:c7:67:79:0f:77:ef:ed:2e:15:c3:82:9a:09:
72:f4:97:42:5d:6a:15:be:d1:44:69:9c:e3:90:a6:95:44:c2:
39:e7:9d:79:13:2e:22:88:45:57:08:52:42:67:3a:07:34:1e:
b0:1c:73:be:7c:87:48:82:e1:cb:01:a7:1a:15:a2:52:88:6c:
65:86:37:4d:47:6c:e1:c9:9c:da:9b:f3:1e:fb:9d:9a:3c:4d:
fd:c7:54:fa:ff:b5:22:18:fb:44:45:f9:ed:9b:05:0c:4f:cb:
a6:35:f0:61:b4:4f:df:56:b7:9f:62:d7:42:93:49:bb:cf:18:
5e:d0:1c:c4:41:2d:2d:ad:0a:41:27:59:81:cd:48:85:01:3c:
66:d4:8f:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2BkdjWlZxKRCyqJJyyl8eEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MDMxNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDY1YmM2MGY4YjVhNjBmZDI2MzUxNWZlOTcwZDQ0ZGRkNTBiMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklDDxu3Qvy7MK9ellNrAJBNIvYsu
tmOnlLKwiYDh672n33kg2lRXfbhd55i4wvP5QQicUotgJFE9svnWuDd43Ah69ikG
uW2TLSRk6P13PR/87H0TsmAJzEUfbY0ibAO3x2R5hbvYJxZYW8uJL2GOjziMpIOd
b2Hxkj4kuB1xZDeWVfnEIEdQzqKvDz7nH+qpydUFJwt6MSAhsAdz74PVw+YkivSj
TtioGmto+HAlkPteWTSpSE5N14PruDbQggWF1sKSMxcfKLClgdo6/qtmTxXXCiTl
zI2KOdujBDWtwwAE1RBmYrZmzOZG+syohdO3p7bO1yXHj88psAn7w1x6FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL1lvGD4taYP0mNRX+lw1E3dULIDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdldXOFlQaTFwZ19TWTFGZjZYRFVUZDFRc2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACvvmTMAcNSq2bsVHbfK
wXHPdYfAeBMa+L/iVKgeusJwZnVBU7tkwx/heV5Snm+vYiawokoEZJHosSvjtCbX
oo0G0vreUOZYhz0PxgNN5m81SwxZoi+9W4A40LL8m9OKxGGMTy44SDVJNV7wh9wu
skPqx2d5D3fv7S4Vw4KaCXL0l0JdahW+0URpnOOQppVEwjnnnXkTLiKIRVcIUkJn
Ogc0HrAcc758h0iC4csBpxoVolKIbGWGN01HbOHJnNqb8x77nZo8Tf3HVPr/tSIY
+0RF+e2bBQxPy6Y18GG0T99Wt59i10KTSbvPGF7QHMRBLS2tCkEnWYHNSIUBPGbU
j9M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:50 2025 by rpki-client