Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vj3p1vzI_F6l5dmp_sx-6ITaoU8.roa
File: vj3p1vzI_F6l5dmp_sx-6ITaoU8.roa (raw, json)
Hash identifier: fQtPcT2qkZALDVFV0b+tV65pqxjRs5XqeDwUpmK7oOA=
Subject key identifier: BE:3D:E9:D6:FC:C8:FC:5E:A5:E5:D9:A9:FE:CC:7E:E8:84:DA:A1:4F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D96573A8D87218DF22BF4E60296074372
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vj3p1vzI_F6l5dmp_sx-6ITaoU8.roa
Signing time: Sun 11 Feb 2024 04:05:15 +0000
ROA not before: Sun 11 Feb 2024 04:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:9656:6203/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:96:57:3a:8d:87:21:8d:f2:2b:f4:e6:02:96:07:43:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 04:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be3de9d6fcc8fc5ea5e5d9a9fecc7ee884daa14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:1b:e5:04:72:aa:67:aa:56:fa:9f:e2:25:
48:65:3d:90:b5:31:62:7a:49:75:10:11:a3:4b:0e:
b1:0e:14:72:29:df:53:38:df:b7:5a:cf:78:4b:3c:
5a:b1:06:90:3e:a3:f7:c6:c4:4a:b6:29:2e:81:b7:
7a:bc:59:81:53:e7:04:12:28:a2:8b:d3:b8:d4:df:
de:bd:93:d0:f3:99:85:cb:1c:bd:c2:99:2e:83:72:
49:30:9c:a6:45:d8:2a:82:e9:f1:0c:1e:ed:42:55:
06:b0:c9:c9:94:67:05:15:2d:3e:b6:aa:99:71:11:
07:46:3b:70:b3:e0:03:0d:58:87:ce:27:b1:34:1d:
69:4e:ea:d7:8a:15:b1:8e:9d:67:25:ed:e8:d2:62:
89:b8:96:f2:09:a5:45:f9:6a:b5:e8:0f:85:82:e1:
65:26:79:fb:07:3b:d8:f4:a2:15:9e:16:15:32:79:
fe:ac:94:30:69:ca:fc:8e:b3:4c:c3:ce:fd:4d:b7:
a8:b8:b9:87:bb:25:62:c9:02:67:dc:06:44:1a:be:
a3:09:0f:ce:dd:db:48:04:a3:b1:f6:4f:6e:ef:d0:
5a:53:b5:a4:c1:c0:4e:60:f0:95:5d:53:03:9f:f3:
1e:de:d3:c5:22:80:73:46:ea:cf:6a:53:56:53:e5:
c6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3D:E9:D6:FC:C8:FC:5E:A5:E5:D9:A9:FE:CC:7E:E8:84:DA:A1:4F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vj3p1vzI_F6l5dmp_sx-6ITaoU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:88:11:f2:06:ea:25:2a:43:5e:c6:fd:7c:6d:12:3b:d6:19:
71:f0:46:13:f1:2e:be:bc:7f:bf:bd:7b:94:6a:bc:09:5f:fe:
6c:f3:48:e6:16:b0:fc:60:16:8e:02:ac:90:91:0d:03:08:00:
88:be:4e:51:c2:ee:07:67:2b:2c:2a:cf:a6:fe:ed:11:04:f1:
9b:08:48:91:14:61:c5:82:7e:00:0a:6d:5d:b6:10:9c:01:d2:
1b:b4:de:3d:ba:c9:65:c7:f6:d6:03:ff:59:55:b6:c9:0a:7f:
cd:ad:60:d9:57:8f:4d:bf:0b:80:53:51:7b:57:8e:f5:f5:95:
e8:13:90:22:aa:80:c6:40:e4:06:4e:39:be:4d:79:8c:2c:78:
63:25:86:10:c9:5d:66:4e:fd:7c:12:7c:e1:66:9d:a9:b3:db:
f9:c5:a3:c2:bb:0a:93:dd:1e:33:d6:9c:bc:16:37:bd:8a:92:
1f:ea:e3:c3:07:df:59:22:bd:cb:e4:d5:f8:a9:c8:aa:da:54:
c2:6d:d2:de:6f:2f:cf:91:11:50:31:83:0e:8e:53:a1:1c:21:
40:a3:5f:5f:28:ad:d3:99:d0:a7:09:e1:db:73:b1:9a:8e:8b:
a0:be:45:42:5f:78:72:ba:0e:3f:12:97:98:e7:88:b2:2f:ff:
da:71:42:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2WVzqNhyGN8iv05gKWB0NyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMDQwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNkZTlkNmZjYzhmYzVlYTVlNWQ5YTlmZWNjN2VlODg0ZGFhMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo54b5QRyqmeqVvqf4iVIZT2QtTFi
ekl1EBGjSw6xDhRyKd9TON+3Ws94SzxasQaQPqP3xsRKtikugbd6vFmBU+cEEiii
i9O41N/evZPQ85mFyxy9wpkug3JJMJymRdgqgunxDB7tQlUGsMnJlGcFFS0+tqqZ
cREHRjtws+ADDViHziexNB1pTurXihWxjp1nJe3o0mKJuJbyCaVF+Wq16A+FguFl
Jnn7BzvY9KIVnhYVMnn+rJQwacr8jrNMw879TbeouLmHuyViyQJn3AZEGr6jCQ/O
3dtIBKOx9k9u79BaU7WkwcBOYPCVXVMDn/Me3tPFIoBzRurPalNWU+XG0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL496db8yPxepeXZqf7MfuiE2qFPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdmozcDF2eklfRjZsNWRtcF9zeC02SVRhb1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB2IEfIG6iUqQ17G/Xxt
EjvWGXHwRhPxLr68f7+9e5RqvAlf/mzzSOYWsPxgFo4CrJCRDQMIAIi+TlHC7gdn
Kywqz6b+7REE8ZsISJEUYcWCfgAKbV22EJwB0hu03j26yWXH9tYD/1lVtskKf82t
YNlXj02/C4BTUXtXjvX1legTkCKqgMZA5AZOOb5NeYwseGMlhhDJXWZO/XwSfOFm
namz2/nFo8K7CpPdHjPWnLwWN72Kkh/q48MH31kivcvk1fipyKraVMJt0t5vL8+R
EVAxgw6OU6EcIUCjX18ordOZ0KcJ4dtzsZqOi6C+RUJfeHK6Dj8Sl5jniLIv/9px
Qrw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:37 2025 by rpki-client