Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xJ0aj3Tbobm40wH7q2s5fEYYcFQ.roa
File: xJ0aj3Tbobm40wH7q2s5fEYYcFQ.roa (raw, json)
Hash identifier: 4pANpJlIJ4RAB8hztt79/ZfpNgoXvbaqvDQVzdP2svw=
Subject key identifier: C4:9D:1A:8F:74:DB:A1:B9:B8:D3:01:FB:AB:6B:39:7C:46:18:70:54
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF7FD498465416FBEFA36C2990AE3467E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xJ0aj3Tbobm40wH7q2s5fEYYcFQ.roa
Signing time: Fri 01 Mar 2024 03:09:48 +0000
ROA not before: Fri 01 Mar 2024 03:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f7:fd:49:84:65:41:6f:be:fa:36:c2:99:0a:e3:46:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 03:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c49d1a8f74dba1b9b8d301fbab6b397c46187054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4a:46:72:90:d2:c7:18:b7:73:55:cb:28:bf:
13:e4:66:e8:4a:c2:f5:c0:2e:4f:35:56:54:59:ab:
52:ad:04:97:01:f1:de:00:7b:f4:23:ac:c4:22:43:
4b:65:d7:e9:f3:bb:b4:cd:c5:bb:00:7a:5a:33:08:
b9:cf:29:ba:12:0f:ff:03:93:b4:e0:22:2b:71:a2:
c2:f8:49:26:0a:5f:4c:73:6d:92:fa:0e:3a:36:30:
ab:4f:78:72:4e:19:cf:c8:08:f3:d8:29:6e:ee:b3:
a2:f1:61:3b:4f:97:eb:5b:e4:8f:9e:fe:7a:1a:d6:
74:e5:de:2d:38:6d:50:c0:09:5b:13:a8:a2:a0:a4:
bc:e2:7f:3f:58:5c:83:83:a6:81:27:b9:f0:f6:7d:
b7:03:f8:ea:3c:78:fb:be:54:1c:11:b2:0b:49:63:
d1:2e:c0:ea:e2:35:6e:22:a1:6b:aa:3d:f6:11:68:
cf:a5:20:92:d5:fd:fc:de:73:cc:71:2e:38:06:5f:
8c:2f:a4:92:ac:18:2e:2f:f9:9a:b6:a9:dc:0e:58:
97:9b:0c:40:f6:c7:60:ff:fb:b4:4e:31:b4:1f:d4:
c7:bf:4e:98:e0:6d:e9:47:3f:fb:9e:39:ac:45:0c:
c9:d4:9d:57:d0:e9:7a:71:ba:11:34:89:19:b0:4c:
4d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9D:1A:8F:74:DB:A1:B9:B8:D3:01:FB:AB:6B:39:7C:46:18:70:54
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xJ0aj3Tbobm40wH7q2s5fEYYcFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:2e:9c:1a:27:54:bb:0f:15:18:5e:09:bd:5e:4d:95:c8:c8:
7a:1c:4c:59:ba:02:b1:02:11:9d:e0:a4:dc:85:b8:23:71:9a:
a7:c2:59:da:05:75:cc:d5:51:db:33:25:cb:2d:3c:d3:b5:aa:
77:1c:e3:83:fb:e0:46:21:c3:b8:b8:67:f2:e7:f0:69:66:b7:
f0:e4:e5:58:cf:8e:53:85:af:56:eb:ba:ba:32:29:77:40:83:
88:11:d9:03:b9:0a:7a:62:2b:ac:d7:1e:72:ef:e3:db:76:c7:
17:7c:01:9a:59:54:fe:1b:c1:9e:86:37:04:d3:4e:2a:1b:3e:
1f:ca:57:b6:ea:bd:9d:23:d0:86:3f:bf:3d:31:83:01:ee:d5:
e9:42:6c:07:a5:9d:0e:5b:f9:5a:dc:c6:20:97:94:2d:69:6b:
b4:5e:e8:05:8c:cc:3e:83:4c:5a:94:89:6d:dd:e8:5f:1a:17:
f0:dc:3d:56:c0:2b:da:69:bf:d5:ad:32:39:5d:07:c8:e6:fc:
9a:a8:61:ed:12:75:fc:12:a7:f6:38:6a:b8:a8:e3:f4:ac:f2:
72:76:60:0b:44:0c:64:67:15:38:25:82:ec:9d:29:e3:0a:cb:
3f:a1:3f:db:41:50:47:c2:cc:d9:88:ba:22:c0:c5:c4:a3:fb:
fa:62:29:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY33/UmEZUFvvvo2wpkK40Z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMDMwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlkMWE4Zjc0ZGJhMWI5YjhkMzAxZmJhYjZiMzk3YzQ2MTg3MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEpGcpDSxxi3c1XLKL8T5GboSsL1
wC5PNVZUWatSrQSXAfHeAHv0I6zEIkNLZdfp87u0zcW7AHpaMwi5zym6Eg//A5O0
4CIrcaLC+EkmCl9Mc22S+g46NjCrT3hyThnPyAjz2Clu7rOi8WE7T5frW+SPnv56
GtZ05d4tOG1QwAlbE6iioKS84n8/WFyDg6aBJ7nw9n23A/jqPHj7vlQcEbILSWPR
LsDq4jVuIqFrqj32EWjPpSCS1f383nPMcS44Bl+ML6SSrBguL/matqncDliXmwxA
9sdg//u0TjG0H9THv06Y4G3pRz/7njmsRQzJ1J1X0Ol6cboRNIkZsExNRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMSdGo9026G5uNMB+6trOXxGGHBUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveEowYWozVGJvYm00MHdIN3EyczVmRVlZY0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAounBonVLsPFRheCb1e
TZXIyHocTFm6ArECEZ3gpNyFuCNxmqfCWdoFdczVUdszJcstPNO1qncc44P74EYh
w7i4Z/Ln8Glmt/Dk5VjPjlOFr1bruroyKXdAg4gR2QO5CnpiK6zXHnLv49t2xxd8
AZpZVP4bwZ6GNwTTTiobPh/KV7bqvZ0j0IY/vz0xgwHu1elCbAelnQ5b+VrcxiCX
lC1pa7Re6AWMzD6DTFqUiW3d6F8aF/DcPVbAK9ppv9WtMjldB8jm/JqoYe0SdfwS
p/Y4ario4/Ss8nJ2YAtEDGRnFTglguydKeMKyz+hP9tBUEfCzNmIuiLAxcSj+/pi
KQo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:01 2025 by rpki-client