Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xW2MiTVfHg4if6QAYj8ZfwzIzuw.roa
File: xW2MiTVfHg4if6QAYj8ZfwzIzuw.roa (raw, json)
Hash identifier: rHfHZHXGAulFE/0eSTTHxBM1iVsK8lLCXXcrPHU4tWA=
Subject key identifier: C5:6D:8C:89:35:5F:1E:0E:22:7F:A4:00:62:3F:19:7F:0C:C8:CE:EC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E88D7C1EC917A148EFD7BA6CA015C79A1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xW2MiTVfHg4if6QAYj8ZfwzIzuw.roa
Signing time: Fri 29 Mar 2024 06:13:44 +0000
ROA not before: Fri 29 Mar 2024 06:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:88:d7:c1:ec:91:7a:14:8e:fd:7b:a6:ca:01:5c:79:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 29 06:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c56d8c89355f1e0e227fa400623f197f0cc8ceec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f6:59:1a:49:72:18:9c:56:f3:3b:ec:19:09:
a5:3d:27:2d:12:80:52:b4:6f:86:00:22:30:f2:02:
36:da:64:4c:aa:12:3e:63:e7:2a:d8:bf:bb:39:c5:
50:d3:04:87:3e:92:1b:8c:89:e8:7e:0d:ef:bb:d5:
54:cc:85:4e:bb:4f:df:5e:10:15:94:06:b8:e7:a7:
9a:38:9a:8b:7e:03:b2:f2:b6:5e:f9:3c:e4:01:14:
26:71:50:c8:b0:cd:20:9e:60:f1:ff:07:1c:64:fe:
d0:15:69:43:28:2e:65:8f:1f:f9:5f:e5:09:0f:80:
fc:13:65:34:1c:a2:8c:00:b3:b7:40:1d:e4:79:53:
19:92:3f:f6:d5:b1:c3:8d:73:61:b9:a6:ca:28:06:
d6:bb:c8:a5:b3:7a:b7:7b:ab:e1:59:05:f3:78:52:
7a:9c:d3:76:09:6e:8d:10:d1:42:3e:44:94:b6:2a:
78:0f:85:90:d0:93:3b:7c:8b:3d:fc:f3:6a:e0:c8:
68:5b:2a:5d:56:c5:03:36:31:a3:72:00:ac:66:85:
25:a9:52:6b:ab:8d:10:5d:9a:58:e7:fd:b6:b6:3b:
a6:28:4b:a4:9c:99:1b:58:ec:1b:c4:0b:b3:a9:f4:
46:f4:a9:1c:2b:e7:00:ae:09:5d:b0:1e:01:b1:9b:
cd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6D:8C:89:35:5F:1E:0E:22:7F:A4:00:62:3F:19:7F:0C:C8:CE:EC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xW2MiTVfHg4if6QAYj8ZfwzIzuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:28:78:1f:26:88:0a:91:85:c5:d2:e9:48:7d:ad:b8:e0:fc:
5e:4c:e1:ea:67:57:15:03:9c:6e:fc:a1:4b:74:e6:81:68:78:
da:e1:cf:9f:de:6a:5d:fc:28:d2:b3:ac:d8:bf:bc:d7:4b:11:
11:b4:e8:3b:50:47:93:31:45:3c:1e:17:ae:40:06:70:be:65:
8a:34:ba:c8:ff:d2:b1:0c:1a:bc:03:48:cc:17:cf:fb:50:04:
06:01:43:44:13:ac:24:22:71:80:a3:f6:44:cf:3c:cf:5d:0e:
ee:8e:a6:34:20:ee:3f:1f:ee:84:b1:aa:ef:9f:1c:39:74:da:
5e:50:b9:4d:3e:fd:e3:a9:bf:ab:b0:4c:44:02:c6:ec:12:37:
4d:7f:69:6f:25:a2:f1:96:b5:14:a7:51:49:40:94:6e:1b:3f:
2f:6e:7c:ea:38:3d:6d:f3:d5:f7:9e:c5:9e:7a:41:df:35:01:
82:ad:f5:12:92:c2:2b:58:7a:a3:99:64:ba:7a:ce:b2:86:72:
1c:fe:bb:1b:57:f0:52:d0:d1:3f:6f:ea:21:d4:94:1e:e0:bf:
3a:33:7d:9e:61:04:46:f9:73:da:15:42:16:68:54:ba:2d:13:
1a:ca:69:48:b5:74:52:45:bc:18:1f:6a:6f:34:42:6e:90:d2:
94:cc:a4:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6I18HskXoUjv17psoBXHmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI5MDYxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZkOGM4OTM1NWYxZTBlMjI3ZmE0MDA2MjNmMTk3ZjBjYzhjZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvZZGklyGJxW8zvsGQmlPSctEoBS
tG+GACIw8gI22mRMqhI+Y+cq2L+7OcVQ0wSHPpIbjInofg3vu9VUzIVOu0/fXhAV
lAa456eaOJqLfgOy8rZe+TzkARQmcVDIsM0gnmDx/wccZP7QFWlDKC5ljx/5X+UJ
D4D8E2U0HKKMALO3QB3keVMZkj/21bHDjXNhuabKKAbWu8ils3q3e6vhWQXzeFJ6
nNN2CW6NENFCPkSUtip4D4WQ0JM7fIs9/PNq4MhoWypdVsUDNjGjcgCsZoUlqVJr
q40QXZpY5/22tjumKEuknJkbWOwbxAuzqfRG9KkcK+cArgldsB4BsZvNhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMVtjIk1Xx4OIn+kAGI/GX8MyM7sMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveFcyTWlUVmZIZzRpZjZRQVlqOFpmd3pJenV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFIoeB8miAqRhcXS6Uh9
rbjg/F5M4epnVxUDnG78oUt05oFoeNrhz5/eal38KNKzrNi/vNdLERG06DtQR5Mx
RTweF65ABnC+ZYo0usj/0rEMGrwDSMwXz/tQBAYBQ0QTrCQicYCj9kTPPM9dDu6O
pjQg7j8f7oSxqu+fHDl02l5QuU0+/eOpv6uwTEQCxuwSN01/aW8lovGWtRSnUUlA
lG4bPy9ufOo4PW3z1feexZ56Qd81AYKt9RKSwitYeqOZZLp6zrKGchz+uxtX8FLQ
0T9v6iHUlB7gvzozfZ5hBEb5c9oVQhZoVLotExrKaUi1dFJFvBgfam80Qm6Q0pTM
pG0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:42:11 2025 by rpki-client