Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xpn_EQu0DPWwD3mYvhMcFtzPotA.roa
File: xpn_EQu0DPWwD3mYvhMcFtzPotA.roa (raw, json)
Hash identifier: RW6jFop7pwlk+4LJErR84fHdJRyP19hP8IXyMP8flMc=
Subject key identifier: C6:99:FF:11:0B:B4:0C:F5:B0:0F:79:98:BE:13:1C:16:DC:CF:A2:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E51E942416320B049A1CF0E47BB355BC3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xpn_EQu0DPWwD3mYvhMcFtzPotA.roa
Signing time: Mon 18 Mar 2024 14:13:45 +0000
ROA not before: Mon 18 Mar 2024 14:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:e9:42:41:63:20:b0:49:a1:cf:0e:47:bb:35:5b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 14:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c699ff110bb40cf5b00f7998be131c16dccfa2d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:a9:0e:ad:e6:31:f9:f5:3a:c7:b4:18:db:
13:ad:52:2c:4d:c1:e3:7b:39:4d:14:96:37:19:c7:
9c:bf:05:c4:4b:68:88:6b:f6:6b:55:6a:53:61:0a:
1b:e5:ba:10:a6:ae:d8:f7:aa:26:4d:de:a5:db:2b:
c9:c6:60:15:3e:3f:2e:54:fb:5d:b4:5a:3d:40:8e:
5c:64:a6:e1:ac:34:2b:84:9a:2c:f5:74:9f:7e:61:
a3:74:63:98:bd:ac:16:13:19:de:3d:5c:c7:bd:e1:
c2:50:3e:a0:15:d2:e2:ad:be:28:80:59:93:e4:22:
75:4e:73:50:e5:88:b4:2b:20:7d:1a:fd:af:02:30:
c8:82:d1:5d:88:09:ed:7a:52:6f:94:d2:e3:21:cc:
a8:40:a5:cb:54:cf:d3:fe:80:58:6a:b6:31:3f:0c:
2b:2f:2e:6c:0e:39:44:af:40:71:3e:3f:9d:24:dc:
e2:38:f6:93:fb:8c:7a:5f:9b:50:ad:b5:0b:89:a4:
58:6a:28:f5:53:8a:70:9b:a4:7e:c1:41:39:37:9b:
45:18:b2:c9:26:b8:83:1b:ee:d7:43:c5:f9:db:c1:
65:61:ed:fe:20:70:e9:59:95:00:ef:5d:e9:56:11:
e0:e9:3f:51:9b:b0:50:de:f3:b1:ef:9f:0e:94:97:
d2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:99:FF:11:0B:B4:0C:F5:B0:0F:79:98:BE:13:1C:16:DC:CF:A2:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xpn_EQu0DPWwD3mYvhMcFtzPotA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:cb:44:a5:2c:cd:a8:f3:a0:2c:60:dc:5a:c8:b3:73:82:3a:
3e:d8:7c:5e:1f:bb:9c:7a:14:e2:a9:91:1b:b3:f7:24:f8:9f:
14:03:8b:3f:db:8a:8e:7a:bd:1b:81:34:49:46:58:ff:6d:9e:
9a:6c:5f:0a:8f:15:d6:9a:9f:e7:8a:6f:df:4a:72:56:e6:de:
d3:c0:ca:c8:66:fc:5c:50:7b:a8:d4:40:5c:6d:b8:03:bd:3d:
20:0f:4a:9b:2b:65:38:46:34:35:c2:a2:bf:19:df:04:f5:45:
af:ef:85:88:c0:ed:38:a6:43:88:b3:ce:b7:b4:85:3d:0a:57:
9e:4c:91:f4:59:7d:c1:b1:1c:21:22:af:64:80:1f:27:aa:59:
09:38:98:6c:36:f7:12:8b:3e:81:8f:bb:32:1e:e1:4b:27:82:
74:b3:f6:fa:3f:74:97:48:c8:24:0b:e5:90:b6:dd:eb:16:a4:
6c:a7:aa:a1:1c:2f:fd:0f:73:86:f0:e8:dc:d0:38:b4:d9:b1:
68:28:5f:5d:5d:41:5c:c5:98:16:da:a9:0e:7a:a0:cc:8c:34:
8c:0a:bf:8d:43:08:d3:b4:ee:b0:e3:6c:ca:63:bd:05:a0:06:
b9:1d:3f:6f:45:75:43:8f:9d:78:f0:64:13:c5:e4:eb:9d:9c:
2f:98:77:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5R6UJBYyCwSaHPDke7NVvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MTQxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk5ZmYxMTBiYjQwY2Y1YjAwZjc5OThiZTEzMWMxNmRjY2ZhMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhKpDq3mMfn1Ose0GNsTrVIsTcHj
ezlNFJY3GcecvwXES2iIa/ZrVWpTYQob5boQpq7Y96omTd6l2yvJxmAVPj8uVPtd
tFo9QI5cZKbhrDQrhJos9XSffmGjdGOYvawWExnePVzHveHCUD6gFdLirb4ogFmT
5CJ1TnNQ5Yi0KyB9Gv2vAjDIgtFdiAntelJvlNLjIcyoQKXLVM/T/oBYarYxPwwr
Ly5sDjlEr0BxPj+dJNziOPaT+4x6X5tQrbULiaRYaij1U4pwm6R+wUE5N5tFGLLJ
JriDG+7XQ8X528FlYe3+IHDpWZUA713pVhHg6T9Rm7BQ3vOx758OlJfSVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMaZ/xELtAz1sA95mL4THBbcz6LQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveHBuX0VRdTBEUFd3RDNtWXZoTWNGdHpQb3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGXLRKUszajzoCxg3FrI
s3OCOj7YfF4fu5x6FOKpkRuz9yT4nxQDiz/bio56vRuBNElGWP9tnppsXwqPFdaa
n+eKb99Kclbm3tPAyshm/FxQe6jUQFxtuAO9PSAPSpsrZThGNDXCor8Z3wT1Ra/v
hYjA7TimQ4izzre0hT0KV55MkfRZfcGxHCEir2SAHyeqWQk4mGw29xKLPoGPuzIe
4UsngnSz9vo/dJdIyCQL5ZC23esWpGynqqEcL/0Pc4bw6NzQOLTZsWgoX11dQVzF
mBbaqQ56oMyMNIwKv41DCNO07rDjbMpjvQWgBrkdP29FdUOPnXjwZBPF5OudnC+Y
dzg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:34 2025 by rpki-client