Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xYotn5zn2QFWlGcJJ7UKtfuNc2Q.roa
File: xYotn5zn2QFWlGcJJ7UKtfuNc2Q.roa (raw, json)
Hash identifier: oI5W9kTjjsPeJD0PbXkdAowJBosAKfjySg0Jt6N7AEI=
Subject key identifier: C5:8A:2D:9F:9C:E7:D9:01:56:94:67:09:27:B5:0A:B5:FB:8D:73:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8A500A7522ADD811CB66E751C4B1AAF5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xYotn5zn2QFWlGcJJ7UKtfuNc2Q.roa
Signing time: Fri 29 Mar 2024 13:04:45 +0000
ROA not before: Fri 29 Mar 2024 13:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:8a4f:8d66/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:50:0a:75:22:ad:d8:11:cb:66:e7:51:c4:b1:aa:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 29 13:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c58a2d9f9ce7d9015694670927b50ab5fb8d7364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c6:6e:58:29:1a:ab:29:87:42:73:6e:27:25:
26:3d:a0:92:27:17:71:09:57:aa:31:c4:19:a7:b4:
ee:2d:2e:ec:06:90:4b:3a:d6:7f:74:8a:35:d6:cf:
f3:53:ad:28:2e:ed:22:86:56:e2:3e:67:d6:ff:ab:
5c:59:0b:58:f3:a7:15:5d:b9:20:ac:58:0e:bd:11:
35:23:75:4a:5c:ca:52:43:73:8c:2c:24:d5:f0:54:
0a:82:78:f7:35:b0:4f:2f:ae:c3:02:ce:b9:0d:f1:
d7:5e:09:ec:34:a3:c0:e5:e1:8e:75:73:ed:f9:2c:
b0:0b:4b:6a:30:22:a7:77:ab:3e:3d:c7:31:40:e2:
53:68:8e:b8:89:37:ba:71:15:ab:c9:00:18:f1:f3:
c8:2c:79:89:97:b6:69:01:5c:bd:4d:90:c9:8e:6e:
9e:30:77:39:fd:05:f0:24:b7:b0:e1:66:88:73:00:
e8:fb:5d:aa:33:e2:06:f8:28:09:cd:65:51:95:0b:
c6:39:dd:ce:a6:3a:ff:6b:87:7a:b6:95:4c:d5:b8:
48:49:2d:c3:9d:92:c6:9d:ec:63:23:22:02:4c:25:
37:03:b9:da:15:23:89:fd:96:d9:4f:d9:db:77:09:
32:66:ae:89:60:af:e2:87:9d:c3:b0:8d:06:1b:3a:
09:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8A:2D:9F:9C:E7:D9:01:56:94:67:09:27:B5:0A:B5:FB:8D:73:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xYotn5zn2QFWlGcJJ7UKtfuNc2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:4c:fe:9d:4a:4a:b6:63:30:fa:0c:70:2c:a5:74:e0:e5:4e:
e2:05:fb:bf:3a:40:4c:08:70:a2:49:48:6e:bf:97:b5:57:db:
10:7f:f9:35:8b:d6:6d:65:65:b6:e1:e5:19:14:f7:73:b4:c3:
46:6c:83:1d:b9:04:0f:35:69:ef:a4:f0:69:93:53:18:9c:8a:
fd:da:99:6e:05:76:4e:ce:84:3b:f9:71:64:b0:b1:43:fe:85:
36:8e:05:aa:98:d5:dc:02:9f:a3:82:6b:25:28:ac:73:53:ac:
64:67:d0:cf:fb:58:42:f5:75:87:71:e9:d7:3e:f7:5b:1e:ce:
6a:99:bd:d8:ee:2d:62:24:59:5b:ab:66:82:5b:18:95:7d:1b:
a0:1c:eb:b7:b2:76:51:d3:e3:34:07:6a:d5:d0:e3:3a:6c:7d:
8e:6c:3f:0e:85:2b:c7:6e:0d:ed:c4:a3:42:97:88:85:00:52:
65:1c:f6:4d:ed:5f:bb:7f:97:91:ad:01:06:ed:ec:bb:a5:0b:
18:f7:8a:1e:80:86:ff:d0:38:dd:ef:bf:fe:12:4d:9c:f0:69:
b9:be:3a:72:99:6a:5a:c3:4a:9e:67:7c:75:c1:c8:1e:3c:4d:
e8:9e:a3:c5:6e:f7:43:97:05:3f:82:0c:8b:fa:2a:ba:08:cd:
95:a1:e1:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6KUAp1Iq3YEctm51HEsar1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI5MTMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThhMmQ5ZjljZTdkOTAxNTY5NDY3MDkyN2I1MGFiNWZiOGQ3MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsZuWCkaqymHQnNuJyUmPaCSJxdx
CVeqMcQZp7TuLS7sBpBLOtZ/dIo11s/zU60oLu0ihlbiPmfW/6tcWQtY86cVXbkg
rFgOvRE1I3VKXMpSQ3OMLCTV8FQKgnj3NbBPL67DAs65DfHXXgnsNKPA5eGOdXPt
+SywC0tqMCKnd6s+PccxQOJTaI64iTe6cRWryQAY8fPILHmJl7ZpAVy9TZDJjm6e
MHc5/QXwJLew4WaIcwDo+12qM+IG+CgJzWVRlQvGOd3Opjr/a4d6tpVM1bhISS3D
nZLGnexjIyICTCU3A7naFSOJ/ZbZT9nbdwkyZq6JYK/ih53DsI0GGzoJ3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMWKLZ+c59kBVpRnCSe1CrX7jXNkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveFlvdG41em4yUUZXbEdjSko3VUt0ZnVOYzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADhM/p1KSrZjMPoMcCyl
dODlTuIF+786QEwIcKJJSG6/l7VX2xB/+TWL1m1lZbbh5RkU93O0w0Zsgx25BA81
ae+k8GmTUxiciv3amW4Fdk7OhDv5cWSwsUP+hTaOBaqY1dwCn6OCayUorHNTrGRn
0M/7WEL1dYdx6dc+91sezmqZvdjuLWIkWVurZoJbGJV9G6Ac67eydlHT4zQHatXQ
4zpsfY5sPw6FK8duDe3Eo0KXiIUAUmUc9k3tX7t/l5GtAQbt7LulCxj3ih6Ahv/Q
ON3vv/4STZzwabm+OnKZalrDSp5nfHXByB48Teieo8Vu90OXBT+CDIv6KroIzZWh
4QI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:34 2025 by rpki-client