Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wWhfiud3sXaigg4Fti8_tl-xGoA.roa
File: wWhfiud3sXaigg4Fti8_tl-xGoA.roa (raw, json)
Hash identifier: ZBCWxzHCIvaIsQcufyx8fWFZ0hi8TWETSWoKlyB6Wwc=
Subject key identifier: C1:68:5F:8A:E7:77:B1:76:A2:82:0E:05:B6:2F:3F:B6:5F:B1:1A:80
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5E5585FFD7D258267F40B97F10AD7353
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wWhfiud3sXaigg4Fti8_tl-xGoA.roa
Signing time: Wed 31 Jan 2024 07:04:39 +0000
ROA not before: Wed 31 Jan 2024 07:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:5e54:f27f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:55:85:ff:d7:d2:58:26:7f:40:b9:7f:10:ad:73:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 31 07:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1685f8ae777b176a2820e05b62f3fb65fb11a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:39:89:84:bb:f1:86:a2:67:1d:01:bd:74:a6:
5f:47:18:5b:c7:cb:aa:37:df:52:ce:d3:ef:37:66:
eb:00:53:24:0b:3f:28:33:8b:55:04:58:e2:66:b6:
b1:de:d7:c4:63:22:b3:dd:18:a6:5d:7b:e8:67:be:
52:b4:57:e2:ac:8f:3e:6f:dc:59:93:57:9a:dd:51:
26:a5:49:ee:cf:a4:1f:42:7b:46:8d:65:48:7e:0f:
b9:47:79:a4:d5:44:ad:e5:2e:f4:85:7c:db:99:73:
27:01:41:cf:4c:ed:8e:2e:27:e0:b7:11:83:0c:b2:
94:ec:a8:8f:7a:80:54:ac:fc:69:ed:8a:11:ca:35:
a5:22:8e:a8:00:cd:fc:97:42:23:fb:c0:47:de:f6:
1f:1b:ed:33:f5:ee:01:e3:cd:c5:41:00:22:f4:7a:
32:5e:1b:1e:c9:d3:23:29:40:d0:b5:28:6b:c5:da:
e2:83:06:b1:94:23:19:76:a9:8e:de:38:93:91:48:
c2:3c:03:d7:bf:6d:15:3e:4e:bc:29:ac:03:7e:a2:
8d:69:69:b3:75:88:6e:f9:2e:47:e8:9e:e0:ad:33:
37:82:b4:ba:35:80:44:60:4c:0a:21:70:e6:d1:57:
57:c8:c7:4e:da:93:49:b0:c5:38:46:06:70:d6:f0:
65:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:68:5F:8A:E7:77:B1:76:A2:82:0E:05:B6:2F:3F:B6:5F:B1:1A:80
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/wWhfiud3sXaigg4Fti8_tl-xGoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:e4:93:e6:15:04:58:8d:49:8d:ab:0a:6d:f0:bb:b3:28:a7:
6a:5a:a0:f0:f9:b5:a2:6b:cb:83:56:70:35:a7:8d:b0:b4:be:
e1:2b:47:87:4a:0e:02:92:14:ed:55:05:44:e1:3b:36:86:04:
09:03:3b:25:9b:5e:67:cd:38:56:7a:93:72:a2:43:f8:c5:6c:
24:b8:c6:4a:55:0e:a1:6b:3c:4f:37:b2:96:13:32:ba:f1:03:
6c:94:51:21:8b:3f:62:d3:b0:93:b9:48:97:c8:0b:06:db:23:
e5:eb:52:27:c4:67:c6:06:6c:e4:ca:75:48:05:0e:8d:ab:da:
e9:17:96:2f:d0:ca:08:90:cb:a3:f8:23:1f:77:e4:4c:86:4b:
84:e9:8f:45:02:fd:d0:a7:b8:97:1b:5d:04:9e:f5:9a:d8:cd:
f9:e3:e6:a2:dc:af:bb:0c:3f:0e:e2:0c:dd:74:96:46:87:a7:
48:f8:f3:75:76:21:76:d2:27:db:61:f1:13:01:52:1b:b5:ab:
e4:d8:a7:81:16:e3:f9:e6:7d:88:99:d0:2e:79:6e:11:c9:ee:
84:47:d9:2e:ec:6a:83:4b:7a:56:b7:21:4d:65:e7:f0:15:13:
83:ee:1a:ca:65:21:80:8d:51:44:55:e8:20:d8:59:dd:7e:a7:
35:c9:0a:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1eVYX/19JYJn9AuX8QrXNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMxMDcwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY4NWY4YWU3NzdiMTc2YTI4MjBlMDViNjJmM2ZiNjVmYjExYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TmJhLvxhqJnHQG9dKZfRxhbx8uq
N99SztPvN2brAFMkCz8oM4tVBFjiZrax3tfEYyKz3RimXXvoZ75StFfirI8+b9xZ
k1ea3VEmpUnuz6QfQntGjWVIfg+5R3mk1USt5S70hXzbmXMnAUHPTO2OLifgtxGD
DLKU7KiPeoBUrPxp7YoRyjWlIo6oAM38l0Ij+8BH3vYfG+0z9e4B483FQQAi9Hoy
XhseydMjKUDQtShrxdrigwaxlCMZdqmO3jiTkUjCPAPXv20VPk68KawDfqKNaWmz
dYhu+S5H6J7grTM3grS6NYBEYEwKIXDm0VdXyMdO2pNJsMU4RgZw1vBlbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMFoX4rnd7F2ooIOBbYvP7ZfsRqAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvd1doZml1ZDNzWGFpZ2c0RnRpOF90bC14R29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFrkk+YVBFiNSY2rCm3w
u7Mop2paoPD5taJry4NWcDWnjbC0vuErR4dKDgKSFO1VBUThOzaGBAkDOyWbXmfN
OFZ6k3KiQ/jFbCS4xkpVDqFrPE83spYTMrrxA2yUUSGLP2LTsJO5SJfICwbbI+Xr
UifEZ8YGbOTKdUgFDo2r2ukXli/QygiQy6P4Ix935EyGS4Tpj0UC/dCnuJcbXQSe
9ZrYzfnj5qLcr7sMPw7iDN10lkaHp0j483V2IXbSJ9th8RMBUhu1q+TYp4EW4/nm
fYiZ0C55bhHJ7oRH2S7saoNLela3IU1l5/AVE4PuGsplIYCNUURV6CDYWd1+pzXJ
Crw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:13 2025 by rpki-client