Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w3N5bvxxcMR-bZ9RxGlOGbuVyvw.roa
File: w3N5bvxxcMR-bZ9RxGlOGbuVyvw.roa (raw, json)
Hash identifier: zi/LeIlR6jOuOBK2u5YAwRZu28E5MMgLcu2fuc58PSg=
Subject key identifier: C3:73:79:6E:FC:71:70:C4:7E:6D:9F:51:C4:69:4E:19:BB:95:CA:FC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC09FF6E354770FD5EA03ABBDE49B2303
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w3N5bvxxcMR-bZ9RxGlOGbuVyvw.roa
Signing time: Tue 09 Apr 2024 02:11:32 +0000
ROA not before: Tue 09 Apr 2024 02:11:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:9f:f6:e3:54:77:0f:d5:ea:03:ab:bd:e4:9b:23:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 02:11:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c373796efc7170c47e6d9f51c4694e19bb95cafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bb:2e:9c:5a:73:f1:78:fd:8c:25:35:19:61:
6f:66:a8:c6:be:c4:33:57:2c:f2:9e:b5:1f:0d:89:
86:f1:b9:0f:58:fe:be:d5:5e:24:e8:98:46:99:fc:
b8:16:cc:22:82:6f:60:9f:ca:84:c7:97:c1:19:84:
e6:34:f5:91:98:46:92:ff:aa:fa:b9:09:98:7d:d4:
7b:b2:2b:5f:6b:bf:06:9f:11:0e:9c:18:2c:32:c3:
b9:68:8c:fb:c9:71:a3:45:c7:e8:86:51:5a:ad:cf:
b8:34:21:65:01:35:10:0d:9c:19:9a:1e:2a:a2:36:
77:f6:5a:43:cb:ab:39:91:3f:75:fc:39:56:81:ea:
c8:b5:6f:3e:11:14:82:0a:9a:2d:99:be:dd:14:4f:
bc:cf:00:49:c5:b6:19:34:d8:db:2d:e7:87:53:54:
d7:b4:c8:7f:4b:b7:83:d2:04:78:b9:12:97:95:dc:
34:c4:40:b5:ab:75:94:87:be:7d:e2:d9:29:9d:89:
70:6a:69:98:3b:55:1d:8e:ee:bf:db:01:e4:a4:5b:
31:5d:0e:13:62:c4:af:3f:7f:d5:66:69:d5:3d:7c:
a3:0e:8d:02:4a:4a:58:8a:68:7a:39:0c:a1:1c:0b:
b6:08:6c:92:a9:1d:3d:bb:ec:93:f3:8e:79:38:56:
f0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:73:79:6E:FC:71:70:C4:7E:6D:9F:51:C4:69:4E:19:BB:95:CA:FC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/w3N5bvxxcMR-bZ9RxGlOGbuVyvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:6d:9c:56:cb:47:e1:54:ed:e2:d5:c8:8a:a1:fd:9b:30:83:
de:25:d0:9d:af:0d:a7:92:3e:ff:5c:1a:8c:92:9e:f3:45:24:
bb:5d:2a:31:69:47:2c:66:3c:04:ee:5a:ab:56:ea:a1:3b:5e:
6d:19:f8:93:ac:f9:f3:be:79:c4:52:98:3c:59:41:d9:73:45:
1f:44:bc:45:10:56:7d:c9:d0:a2:6b:18:55:e9:cb:ab:16:32:
94:91:f5:c6:ea:65:2f:b0:63:16:61:5b:ca:57:e5:4b:1f:62:
11:61:3d:ea:57:63:e7:70:19:1d:58:a1:a5:c2:e7:2e:4a:7a:
45:37:31:e7:11:2f:61:c2:43:04:7a:0e:e3:3b:7f:d6:e8:aa:
7c:4a:d5:b1:c7:57:8c:49:fb:9f:e9:26:69:53:ab:5e:d0:f9:
b1:fb:f2:ea:b5:bb:06:4c:a4:29:9e:64:26:5c:19:d7:a2:48:
fa:42:2e:f0:a2:5b:b4:4e:17:d2:cc:c7:ab:ad:e1:cf:36:f0:
3c:14:cf:9e:d7:7e:b5:dd:d2:d7:08:06:7d:1a:5e:6e:af:80:
b5:9b:15:25:0c:21:cc:a6:0a:5a:d0:8e:26:70:af:a4:b5:75:
d5:77:6f:ef:8a:48:be:6f:ab:2a:71:1e:fc:3e:54:23:bf:c6:
86:5c:0e:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7An/bjVHcP1eoDq73kmyMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MDIxMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzczNzk2ZWZjNzE3MGM0N2U2ZDlmNTFjNDY5NGUxOWJiOTVjYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLsunFpz8Xj9jCU1GWFvZqjGvsQz
VyzynrUfDYmG8bkPWP6+1V4k6JhGmfy4Fswigm9gn8qEx5fBGYTmNPWRmEaS/6r6
uQmYfdR7sitfa78GnxEOnBgsMsO5aIz7yXGjRcfohlFarc+4NCFlATUQDZwZmh4q
ojZ39lpDy6s5kT91/DlWgerItW8+ERSCCpotmb7dFE+8zwBJxbYZNNjbLeeHU1TX
tMh/S7eD0gR4uRKXldw0xEC1q3WUh7594tkpnYlwammYO1Udju6/2wHkpFsxXQ4T
YsSvP3/VZmnVPXyjDo0CSkpYimh6OQyhHAu2CGySqR09u+yT8455OFbwYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMNzeW78cXDEfm2fUcRpThm7lcr8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdzNONWJ2eHhjTVItYlo5UnhHbE9HYnVWeXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1tnFbLR+FU7eLVyIqh
/Zswg94l0J2vDaeSPv9cGoySnvNFJLtdKjFpRyxmPATuWqtW6qE7Xm0Z+JOs+fO+
ecRSmDxZQdlzRR9EvEUQVn3J0KJrGFXpy6sWMpSR9cbqZS+wYxZhW8pX5UsfYhFh
PepXY+dwGR1YoaXC5y5KekU3MecRL2HCQwR6DuM7f9boqnxK1bHHV4xJ+5/pJmlT
q17Q+bH78uq1uwZMpCmeZCZcGdeiSPpCLvCiW7ROF9LMx6ut4c828DwUz57XfrXd
0tcIBn0aXm6vgLWbFSUMIcymClrQjiZwr6S1ddV3b++KSL5vqypxHvw+VCO/xoZc
Dr0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:09 2025 by rpki-client