Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xC-CuEFa8bEqnieHWNEewgKOlxg.roa
File: xC-CuEFa8bEqnieHWNEewgKOlxg.roa (raw, json)
Hash identifier: F0tzE4hMEYT5f5ahjAasps6PgBUCmbxzIwRM/ktbzg4=
Subject key identifier: C4:2F:82:B8:41:5A:F1:B1:2A:9E:27:87:58:D1:1E:C2:02:8E:97:18
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C977380168735313B2E31773589192001
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xC-CuEFa8bEqnieHWNEewgKOlxg.roa
Signing time: Sat 23 Dec 2023 16:12:58 +0000
ROA not before: Sat 23 Dec 2023 16:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:73:80:16:87:35:31:3b:2e:31:77:35:89:19:20:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 16:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42f82b8415af1b12a9e278758d11ec2028e9718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f9:4d:78:90:90:b6:89:4f:39:2e:c7:ef:33:
91:61:5b:d2:7c:1f:c2:27:eb:93:1a:18:3b:5e:b6:
5c:c4:07:21:0f:35:ef:00:af:85:c5:28:ab:e2:c6:
af:91:ea:9d:af:0a:e8:36:51:18:52:20:74:2d:e1:
e5:2c:83:7e:ff:00:d4:be:ca:c1:ff:4b:82:d1:2b:
5f:8a:ce:a5:8a:98:d8:85:17:fd:a4:f6:17:0d:b8:
d9:f0:f0:3e:bb:ba:54:8d:58:b4:33:aa:f6:cb:fa:
f6:14:2b:1c:fe:3b:11:a5:a7:aa:a1:1f:f8:d0:5e:
9b:80:3c:cb:2b:7b:4d:7e:a4:9b:11:68:bf:60:b4:
3f:f7:87:05:4a:de:7f:49:c9:2a:2c:ee:a0:89:21:
89:19:6a:38:83:7a:7b:0b:f8:ee:3b:eb:f4:b4:94:
11:af:38:99:d5:78:33:e1:16:36:5c:34:1d:76:b1:
b5:35:6a:cb:69:77:00:e2:50:e0:51:ea:b9:fe:8f:
1b:1e:1d:17:e5:cf:f9:09:63:3e:83:dd:ab:a8:96:
a5:64:3e:38:04:d1:a7:c8:6c:3a:1e:f3:c4:26:24:
d4:ab:d7:43:11:78:52:11:02:4f:3d:02:17:2d:5a:
3f:0d:07:2c:7e:56:8f:49:c7:18:6b:d4:01:d0:10:
52:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2F:82:B8:41:5A:F1:B1:2A:9E:27:87:58:D1:1E:C2:02:8E:97:18
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xC-CuEFa8bEqnieHWNEewgKOlxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:fc:d4:a3:01:3b:45:89:63:12:3e:71:a9:b3:d4:71:42:30:
6a:ef:f7:fb:ca:f7:2a:1b:cc:9e:dc:9e:cf:e8:45:03:8a:be:
c3:95:14:2f:3d:8b:0d:01:6f:df:96:9c:a6:3c:9a:ca:06:7c:
d9:07:fc:b2:0e:20:55:0a:38:d6:ae:0e:f1:2b:a9:59:f3:b7:
b8:b7:a5:70:d5:3d:65:6b:f2:74:b4:b6:f8:2b:d6:1b:91:d7:
de:b3:a7:df:ce:f6:b3:0d:a2:d8:ef:d0:37:7b:ee:3a:85:07:
8a:97:09:a4:f3:5b:54:70:11:f2:f5:0b:08:70:c7:c6:ed:1d:
bf:48:0d:61:25:34:cb:70:87:89:af:85:e1:33:fc:dc:ec:65:
cb:2c:e9:22:90:fa:a5:15:69:21:68:9b:bb:fc:e3:fb:a7:98:
11:c9:85:bd:3b:6f:06:33:28:30:5e:e4:92:34:b2:41:26:c3:
4a:e3:80:8b:c9:0c:a6:4c:2f:4d:f9:74:11:fa:a0:5a:6d:e4:
07:af:2b:cb:c1:90:ec:79:cb:37:1a:68:cb:ee:53:72:b9:f0:
7f:d5:33:d7:66:4d:65:20:04:09:20:7a:33:84:de:e0:ec:be:
76:ad:07:44:4a:9d:9d:7c:2a:28:78:07:cd:8e:fe:90:b9:25:
1a:fd:87:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyXc4AWhzUxOy4xdzWJGSABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJmODJiODQxNWFmMWIxMmE5ZTI3ODc1OGQxMWVjMjAyOGU5NzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/lNeJCQtolPOS7H7zORYVvSfB/C
J+uTGhg7XrZcxAchDzXvAK+FxSir4savkeqdrwroNlEYUiB0LeHlLIN+/wDUvsrB
/0uC0Stfis6lipjYhRf9pPYXDbjZ8PA+u7pUjVi0M6r2y/r2FCsc/jsRpaeqoR/4
0F6bgDzLK3tNfqSbEWi/YLQ/94cFSt5/SckqLO6giSGJGWo4g3p7C/juO+v0tJQR
rziZ1Xgz4RY2XDQddrG1NWrLaXcA4lDgUeq5/o8bHh0X5c/5CWM+g92rqJalZD44
BNGnyGw6HvPEJiTUq9dDEXhSEQJPPQIXLVo/DQcsflaPSccYa9QB0BBSSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQvgrhBWvGxKp4nh1jRHsICjpcYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveEMtQ3VFRmE4YkVxbmllSFdORWV3Z0tPbHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI781KMBO0WJYxI+camz
1HFCMGrv9/vK9yobzJ7cns/oRQOKvsOVFC89iw0Bb9+WnKY8msoGfNkH/LIOIFUK
ONauDvErqVnzt7i3pXDVPWVr8nS0tvgr1huR196zp9/O9rMNotjv0Dd77jqFB4qX
CaTzW1RwEfL1Cwhwx8btHb9IDWElNMtwh4mvheEz/NzsZcss6SKQ+qUVaSFom7v8
4/unmBHJhb07bwYzKDBe5JI0skEmw0rjgIvJDKZML035dBH6oFpt5AevK8vBkOx5
yzcaaMvuU3K58H/VM9dmTWUgBAkgejOE3uDsvnatB0RKnZ18Kih4B82O/pC5JRr9
hwM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:06 2025 by rpki-client