Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xvjfbDGZEhpCmZfPT7hPzbhokWI.roa
File: xvjfbDGZEhpCmZfPT7hPzbhokWI.roa (raw, json)
Hash identifier: JoxbLx7dImJyPvxp72mSAIA/dHk5RY4vqJwpkbzXAh4=
Subject key identifier: C6:F8:DF:6C:31:99:12:1A:42:99:97:CF:4F:B8:4F:CD:B8:68:91:62
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6ACD9D3E70278624E27E7EBC2FBFAEE6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xvjfbDGZEhpCmZfPT7hPzbhokWI.roa
Signing time: Fri 02 Feb 2024 17:11:16 +0000
ROA not before: Fri 02 Feb 2024 17:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:cd:9d:3e:70:27:86:24:e2:7e:7e:bc:2f:bf:ae:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 2 17:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6f8df6c3199121a429997cf4fb84fcdb8689162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:fb:a7:0b:56:d4:4b:04:ee:5a:24:10:5f:
5f:84:98:25:7a:38:59:2e:ce:ee:8c:e7:d5:d4:97:
85:63:2c:c4:c7:86:f9:6f:26:22:dc:89:4d:a6:2a:
5a:f3:9d:b3:9b:60:e7:fc:ef:2f:7b:86:49:e2:c1:
5b:01:db:1e:7f:62:34:75:2b:e9:02:df:da:d5:43:
0e:e5:f4:33:0c:51:32:c4:d2:45:ce:46:48:7c:f7:
9b:1d:20:ac:1e:13:7d:44:f4:55:7d:27:cd:1b:0d:
17:59:ad:a8:dd:5c:48:c0:d3:c0:8f:48:2e:b8:15:
d9:97:5c:50:93:ab:fe:c2:ff:52:0a:af:a1:e0:89:
1e:8b:4f:9f:1a:8e:d1:21:93:f0:b7:e3:96:ad:3d:
cd:ca:97:60:ef:3c:06:36:00:e5:4e:89:05:37:88:
60:b4:3d:50:23:e1:3d:05:49:86:54:91:50:dd:60:
5b:90:21:20:be:6a:ef:fc:79:88:c9:e9:db:af:0e:
e9:04:f4:f6:c9:63:b3:cc:f7:ab:46:a8:db:c7:78:
7f:4a:53:cd:7d:cf:a9:0c:72:50:0d:2f:84:df:83:
b9:3e:55:b2:c8:69:a9:4f:79:78:5d:7a:ab:03:63:
b4:dc:37:e5:50:c8:8d:65:19:eb:d6:85:93:d5:52:
fa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F8:DF:6C:31:99:12:1A:42:99:97:CF:4F:B8:4F:CD:B8:68:91:62
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xvjfbDGZEhpCmZfPT7hPzbhokWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:76:7d:c9:69:f1:a5:17:b7:41:86:0d:32:3f:74:19:9a:81:
28:62:bb:d2:d0:4e:43:4a:ee:05:8e:89:b1:9b:5a:42:fc:76:
17:72:a7:b9:09:95:9e:42:84:9d:31:d8:5c:1f:9e:a9:89:92:
8b:b6:4c:03:aa:cf:63:a7:32:4f:5a:24:74:6a:46:7a:6a:2c:
a4:ef:f2:7f:50:d5:e7:ac:e0:7e:9a:12:68:7e:dc:08:1f:6c:
3d:1b:29:7a:a2:7c:8e:4b:fe:d0:d8:48:45:bd:d2:2b:5a:ff:
b4:0f:5a:37:43:00:1c:ed:1e:c0:2c:90:79:56:84:19:95:11:
52:28:c9:0b:71:c3:64:52:24:2e:b5:27:f3:f2:5d:c3:0b:09:
5c:93:e4:a2:63:fa:0b:c2:9d:ff:56:15:94:73:ec:b5:30:6b:
b3:c3:64:ba:f7:83:7c:68:a6:de:50:19:7b:71:5c:bc:e1:e4:
3b:f0:c5:37:2c:ee:e9:0a:73:1c:6c:2d:1d:c4:28:80:28:75:
d6:e8:22:28:cd:31:e7:64:2e:b4:f3:44:7b:09:18:05:73:47:
6e:49:ee:e7:5e:54:b9:e1:1b:6f:ef:b4:41:6c:26:fd:a4:9b:
4a:17:8a:d4:f2:a3:bc:e9:b7:b9:65:72:16:fb:90:78:23:e9:
fb:d9:76:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1qzZ0+cCeGJOJ+frwvv67mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAyMTcxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmY4ZGY2YzMxOTkxMjFhNDI5OTk3Y2Y0ZmI4NGZjZGI4Njg5MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY77pwtW1EsE7lokEF9fhJglejhZ
Ls7ujOfV1JeFYyzEx4b5byYi3IlNpipa852zm2Dn/O8ve4ZJ4sFbAdsef2I0dSvp
At/a1UMO5fQzDFEyxNJFzkZIfPebHSCsHhN9RPRVfSfNGw0XWa2o3VxIwNPAj0gu
uBXZl1xQk6v+wv9SCq+h4Ikei0+fGo7RIZPwt+OWrT3Nypdg7zwGNgDlTokFN4hg
tD1QI+E9BUmGVJFQ3WBbkCEgvmrv/HmIyenbrw7pBPT2yWOzzPerRqjbx3h/SlPN
fc+pDHJQDS+E34O5PlWyyGmpT3l4XXqrA2O03DflUMiNZRnr1oWT1VL6KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMb432wxmRIaQpmXz0+4T824aJFiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveHZqZmJER1pFaHBDbVpmUFQ3aFB6Ymhva1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI92fclp8aUXt0GGDTI/
dBmagShiu9LQTkNK7gWOibGbWkL8dhdyp7kJlZ5ChJ0x2FwfnqmJkou2TAOqz2On
Mk9aJHRqRnpqLKTv8n9Q1ees4H6aEmh+3AgfbD0bKXqifI5L/tDYSEW90ita/7QP
WjdDABztHsAskHlWhBmVEVIoyQtxw2RSJC61J/PyXcMLCVyT5KJj+gvCnf9WFZRz
7LUwa7PDZLr3g3xopt5QGXtxXLzh5DvwxTcs7ukKcxxsLR3EKIAoddboIijNMedk
LrTzRHsJGAVzR25J7udeVLnhG2/vtEFsJv2km0oXitTyo7zpt7llchb7kHgj6fvZ
dt8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:23 2025 by rpki-client