Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vtGBODF8JVSVA-JY_yp5Iz9w_MA.roa
File: vtGBODF8JVSVA-JY_yp5Iz9w_MA.roa (raw, json)
Hash identifier: 4eu6K1C5q6XQ42S3DPHX/9e3Z7cMdwZBjVPVdtXwuW8=
Subject key identifier: BE:D1:81:38:31:7C:25:54:95:03:E2:58:FF:2A:79:23:3F:70:FC:C0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE445CA351542E165CA7E6F019F3747DD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vtGBODF8JVSVA-JY_yp5Iz9w_MA.roa
Signing time: Sun 07 Jan 2024 14:13:48 +0000
ROA not before: Sun 07 Jan 2024 14:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:45:ca:35:15:42:e1:65:ca:7e:6f:01:9f:37:47:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 14:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bed18138317c25549503e258ff2a79233f70fcc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0e:ee:b0:35:21:1f:7e:fb:fc:60:3a:a7:15:
31:2d:81:a7:8b:83:37:49:ac:4e:7e:83:4a:66:64:
de:12:9f:46:c9:76:67:af:40:eb:a8:34:fd:a1:6c:
af:26:8d:40:53:15:be:42:6a:04:0b:2a:57:f9:b1:
ef:95:9e:cb:3a:e9:c3:30:8e:a6:41:3f:1d:03:06:
3e:9f:65:06:42:67:46:55:17:b5:61:c1:6d:db:86:
f3:98:de:f5:89:70:cc:ac:52:9b:6c:a8:32:47:e4:
63:f0:e7:02:f4:cc:e9:1d:24:81:7d:88:6d:0e:9f:
8c:c6:84:9c:b3:74:1a:ce:a0:87:2a:88:70:6e:c6:
79:a4:be:89:01:55:a4:31:92:15:71:6a:22:4e:9d:
75:11:bd:4d:9d:cc:78:a3:af:c4:9f:c4:88:8f:18:
41:59:12:84:59:8e:eb:ec:a9:07:22:07:4d:5a:66:
39:da:87:ba:e7:e2:ea:3e:b3:5d:09:b6:c0:23:82:
d7:65:ab:b7:6c:10:62:1f:61:33:24:6e:78:fc:bb:
ab:7f:b5:00:8b:2d:25:97:98:7c:65:4f:e8:90:01:
e2:b2:bc:74:78:23:48:a8:72:ae:c3:f4:54:1e:0e:
fb:3a:d3:34:4c:6c:82:5c:14:77:80:6b:80:af:0b:
8d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D1:81:38:31:7C:25:54:95:03:E2:58:FF:2A:79:23:3F:70:FC:C0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/vtGBODF8JVSVA-JY_yp5Iz9w_MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:4c:9f:67:48:8f:96:33:1e:4b:81:3d:87:17:0c:c9:4f:e9:
69:0c:16:b0:64:26:29:d7:38:9d:d3:2f:9f:89:cc:22:a1:c8:
36:f6:aa:e7:60:6d:5a:c1:a6:0c:b0:7b:94:28:f9:0a:b1:1f:
e8:f4:03:69:73:da:17:c9:27:79:86:63:b2:00:ba:71:ee:d5:
3d:27:55:6e:2f:40:48:ce:34:10:c6:a1:2a:13:b1:30:ad:93:
43:c1:f6:2d:f2:bd:1a:ac:d0:18:07:c3:68:0c:46:82:c5:2e:
0f:16:fc:32:58:55:b5:59:25:20:96:2c:3b:42:26:95:6d:f9:
56:a4:a5:60:66:67:dd:11:54:f9:1b:f0:23:9a:da:5d:b7:97:
84:28:f7:62:f7:c4:16:27:eb:63:13:d9:45:96:c7:f7:71:45:
e6:11:d0:a5:db:92:73:0f:2b:3f:2e:2a:39:5b:b5:24:e8:aa:
77:9c:a0:47:eb:a4:10:9b:59:9c:da:30:56:d3:00:4e:6f:57:
4d:97:a6:77:24:73:89:c0:3f:fc:fe:43:26:17:92:0f:98:75:
3e:61:21:29:dc:56:64:a8:d1:eb:5d:91:42:78:f5:88:18:22:
87:82:09:ff:29:6c:6d:43:90:b8:6c:23:ac:73:47:6b:61:73:
58:b1:38:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzkRco1FULhZcp+bwGfN0fdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MTQxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQxODEzODMxN2MyNTU0OTUwM2UyNThmZjJhNzkyMzNmNzBmY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg7usDUhH377/GA6pxUxLYGni4M3
SaxOfoNKZmTeEp9GyXZnr0DrqDT9oWyvJo1AUxW+QmoECypX+bHvlZ7LOunDMI6m
QT8dAwY+n2UGQmdGVRe1YcFt24bzmN71iXDMrFKbbKgyR+Rj8OcC9MzpHSSBfYht
Dp+MxoScs3QazqCHKohwbsZ5pL6JAVWkMZIVcWoiTp11Eb1Nncx4o6/En8SIjxhB
WRKEWY7r7KkHIgdNWmY52oe65+LqPrNdCbbAI4LXZau3bBBiH2EzJG54/Lurf7UA
iy0ll5h8ZU/okAHisrx0eCNIqHKuw/RUHg77OtM0TGyCXBR3gGuArwuN/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL7RgTgxfCVUlQPiWP8qeSM/cPzAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdnRHQk9ERjhKVlNWQS1KWV95cDVJejl3X01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFtMn2dIj5YzHkuBPYcX
DMlP6WkMFrBkJinXOJ3TL5+JzCKhyDb2qudgbVrBpgywe5Qo+QqxH+j0A2lz2hfJ
J3mGY7IAunHu1T0nVW4vQEjONBDGoSoTsTCtk0PB9i3yvRqs0BgHw2gMRoLFLg8W
/DJYVbVZJSCWLDtCJpVt+VakpWBmZ90RVPkb8COa2l23l4Qo92L3xBYn62MT2UWW
x/dxReYR0KXbknMPKz8uKjlbtSToqnecoEfrpBCbWZzaMFbTAE5vV02Xpnckc4nA
P/z+QyYXkg+YdT5hISncVmSo0etdkUJ49YgYIoeCCf8pbG1DkLhsI6xzR2thc1ix
OJg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:59 2025 by rpki-client