Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWaQbO6RydsaBIIk6NIJp3BjjHQ.roa
File: vWaQbO6RydsaBIIk6NIJp3BjjHQ.roa (raw, json)
Hash identifier: 6J4ydAwG1F3uGUjEl+CTS/pFDBIB7+L3v6uiG78yLso=
Subject key identifier: BD:66:90:6C:EE:91:C9:DB:1A:04:82:24:E8:D2:09:A7:70:63:8C:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E216A2CBB2DCF6B9A0D50FDEEF3E19681
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWaQbO6RydsaBIIk6NIJp3BjjHQ.roa
Signing time: Sat 09 Mar 2024 04:13:10 +0000
ROA not before: Sat 09 Mar 2024 04:13:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:21:6a:2c:bb:2d:cf:6b:9a:0d:50:fd:ee:f3:e1:96:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 04:13:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd66906cee91c9db1a048224e8d209a770638c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6c:7e:d8:94:cd:60:68:ab:dc:d0:3e:d1:63:
d5:b0:2d:7b:17:2a:42:3a:24:e8:6e:a0:eb:bd:73:
fb:c7:c7:e3:42:14:15:90:aa:80:b3:be:e9:14:37:
43:59:64:76:b6:ba:38:44:33:73:f0:d9:b9:1f:95:
66:c6:cc:28:43:c2:87:10:d9:8f:35:78:c6:83:37:
0e:df:d3:76:da:52:2a:85:6d:71:18:26:5c:84:85:
fc:ad:0a:68:a7:38:be:2b:ab:ed:d4:d2:34:96:62:
27:37:5d:bb:f2:0a:87:a2:14:da:24:86:9c:81:39:
07:fd:94:49:4b:15:34:af:c1:e1:74:96:23:55:c6:
13:a7:a2:51:8e:ab:e0:94:9a:a5:aa:fc:be:0b:d5:
37:ad:79:37:ad:9d:e0:d5:2b:ef:18:1f:95:24:4f:
dc:2c:4f:52:6f:75:eb:bb:e0:49:00:d9:96:0b:81:
30:91:cc:38:37:34:e6:31:f2:16:06:98:af:94:76:
09:cc:7a:06:20:eb:9f:57:57:c9:64:f5:76:c8:13:
ed:e7:16:54:25:63:d6:29:f9:be:4e:e1:5a:d7:7b:
e7:c7:1c:8d:d2:73:94:da:2a:07:72:c7:3b:76:8a:
1c:48:95:54:61:59:01:b8:89:c0:24:6a:3e:74:81:
1c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:66:90:6C:EE:91:C9:DB:1A:04:82:24:E8:D2:09:A7:70:63:8C:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vWaQbO6RydsaBIIk6NIJp3BjjHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:5d:ed:5b:54:a1:bc:42:a9:02:eb:1f:70:2f:27:d7:02:24:
21:a6:1a:a8:99:c8:2a:58:6e:12:2a:86:81:5b:b1:bc:ca:56:
70:3d:eb:da:41:7c:e9:fa:99:f2:18:39:7e:35:17:4b:47:17:
97:9d:f0:50:95:15:a7:d5:d2:0b:f9:bf:72:f7:83:ef:fc:2e:
a5:5b:56:9c:9e:75:b1:8b:57:27:b2:5c:ea:3e:b3:f8:9e:57:
13:43:90:e3:4b:d8:49:81:cc:a5:25:d9:7d:b8:2e:58:06:3a:
cc:aa:6d:67:e2:58:8d:6d:f1:9a:79:03:da:86:03:83:92:c0:
46:04:d5:2e:c4:64:42:cc:78:a1:f2:58:a2:09:01:61:27:25:
a6:12:4e:eb:4b:33:b2:07:d7:f9:05:55:cd:bd:3f:ab:8c:8f:
b9:a2:1f:f4:3d:b7:9b:a5:5d:70:60:50:45:c6:13:1d:93:84:
71:2e:f0:3f:74:64:f6:8e:b7:0b:60:47:27:b9:45:e4:42:6f:
b1:90:b9:b9:17:73:97:17:8f:f0:61:c9:c9:fc:f3:1a:0c:ae:
6c:25:3b:56:e2:c6:33:aa:7a:34:b4:39:ab:40:91:ca:c9:b7:
06:ee:5f:54:9d:29:90:da:a2:0f:d0:1b:ea:9d:64:92:aa:42:
f0:f9:81:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4haiy7Lc9rmg1Q/e7z4ZaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MDQxMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDY2OTA2Y2VlOTFjOWRiMWEwNDgyMjRlOGQyMDlhNzcwNjM4Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmx+2JTNYGir3NA+0WPVsC17FypC
OiTobqDrvXP7x8fjQhQVkKqAs77pFDdDWWR2tro4RDNz8Nm5H5VmxswoQ8KHENmP
NXjGgzcO39N22lIqhW1xGCZchIX8rQpopzi+K6vt1NI0lmInN1278gqHohTaJIac
gTkH/ZRJSxU0r8HhdJYjVcYTp6JRjqvglJqlqvy+C9U3rXk3rZ3g1SvvGB+VJE/c
LE9Sb3Xru+BJANmWC4Ewkcw4NzTmMfIWBpivlHYJzHoGIOufV1fJZPV2yBPt5xZU
JWPWKfm+TuFa13vnxxyN0nOU2ioHcsc7doocSJVUYVkBuInAJGo+dIEcwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL1mkGzukcnbGgSCJOjSCadwY4x0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdldhUWJPNlJ5ZHNhQklJazZOSUpwM0JqakhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJpd7VtUobxCqQLrH3Av
J9cCJCGmGqiZyCpYbhIqhoFbsbzKVnA969pBfOn6mfIYOX41F0tHF5ed8FCVFafV
0gv5v3L3g+/8LqVbVpyedbGLVyeyXOo+s/ieVxNDkONL2EmBzKUl2X24LlgGOsyq
bWfiWI1t8Zp5A9qGA4OSwEYE1S7EZELMeKHyWKIJAWEnJaYSTutLM7IH1/kFVc29
P6uMj7miH/Q9t5ulXXBgUEXGEx2ThHEu8D90ZPaOtwtgRye5ReRCb7GQubkXc5cX
j/Bhycn88xoMrmwlO1bixjOqejS0OatAkcrJtwbuX1SdKZDaog/QG+qdZJKqQvD5
geg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:02 2025 by rpki-client