Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zAjSPRx7Hj3Nv16t-2jdpjQrYUs.roa
File: zAjSPRx7Hj3Nv16t-2jdpjQrYUs.roa (raw, json)
Hash identifier: lvmE7e9aoXHtoESx1Xr0PjAFJ9LIoUi2XufteZ/jIyU=
Subject key identifier: CC:08:D2:3D:1C:7B:1E:3D:CD:BF:5E:AD:FB:68:DD:A6:34:2B:61:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3F3A8B6D129A0460466E0E439583608F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zAjSPRx7Hj3Nv16t-2jdpjQrYUs.roa
Signing time: Thu 14 Mar 2024 23:09:45 +0000
ROA not before: Thu 14 Mar 2024 23:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3f:3a:8b:6d:12:9a:04:60:46:6e:0e:43:95:83:60:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 14 23:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc08d23d1c7b1e3dcdbf5eadfb68dda6342b614b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2a:e3:e0:29:1a:7b:bd:a8:2b:aa:c6:bf:4a:
21:44:3b:37:06:f1:c4:af:e9:d5:59:dd:7c:0e:ba:
f5:68:3b:d3:22:b3:12:3a:2e:26:7f:b9:37:ce:b4:
de:bc:6e:27:34:6a:c6:5d:0c:97:ab:7e:24:15:72:
1e:66:cc:2d:24:92:5e:a1:5b:d8:0f:b9:b0:b2:47:
33:7a:f0:95:5d:bc:bc:15:97:bb:86:39:b8:26:dd:
07:85:1c:41:15:88:e9:4c:ef:f8:7a:8c:6e:58:75:
00:23:7d:e4:75:cf:36:93:40:84:d4:13:a5:b0:de:
99:2d:67:4b:16:45:6a:e6:c7:69:88:65:ee:91:9c:
85:b6:06:0c:86:0c:ed:3a:1b:c3:ee:10:01:85:8a:
86:a4:04:96:22:b7:97:24:b9:15:39:a1:9a:9f:78:
f2:7e:c4:ab:48:8a:fd:5f:69:bb:c3:93:4d:74:95:
c0:8f:96:d6:ee:31:e8:3e:64:ab:d4:ff:d1:3c:21:
e7:fe:0e:bc:38:3a:09:89:37:be:87:d0:0f:cd:cf:
7d:5e:d9:b3:9d:05:39:84:77:10:14:d7:6f:0f:8a:
25:17:bf:4e:08:0b:83:6f:d4:51:c2:ac:87:d3:d5:
8b:b9:66:d7:1d:d5:88:72:fb:c1:0a:9c:60:ff:96:
94:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:08:D2:3D:1C:7B:1E:3D:CD:BF:5E:AD:FB:68:DD:A6:34:2B:61:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zAjSPRx7Hj3Nv16t-2jdpjQrYUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e4:01:45:32:e4:92:58:b9:52:df:dc:45:3d:ed:b8:5a:d8:
f3:8a:56:35:21:f2:15:13:63:f7:68:10:79:9b:f2:e5:27:ce:
28:31:6b:12:02:b5:44:96:d6:06:cf:4c:df:5a:58:51:4e:5f:
b0:b2:72:59:72:75:ca:9d:da:02:f3:64:34:98:42:2f:b8:fb:
64:21:10:05:d7:8c:da:59:a9:8c:9a:5f:5a:cc:4f:cb:26:dc:
8c:9b:2a:a5:d6:f3:b3:8d:53:b1:7d:97:ea:14:53:6b:69:dc:
f5:62:33:3b:1a:54:c3:fc:86:86:99:a8:09:37:a9:a7:4d:78:
63:50:02:80:86:56:07:63:a8:9b:d5:40:9e:b3:c4:d4:1e:e3:
06:e4:dd:7a:97:64:b6:9d:e1:05:90:21:43:04:0a:53:23:96:
f9:29:3b:7a:85:f2:84:0f:93:f4:fa:2a:d4:49:59:3f:dd:03:
fc:4f:71:e3:d8:88:72:d9:3d:78:1e:79:04:f5:43:90:29:de:
92:06:03:64:96:e7:82:fc:61:38:70:66:b1:3e:7a:65:8d:e2:
24:dd:1c:96:47:e5:d6:72:23:d4:b7:83:35:7b:18:9d:5a:3b:
bc:51:fc:10:41:99:44:90:b6:a6:6c:6a:0a:5a:32:51:50:50:
bb:f3:2f:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4/OottEpoEYEZuDkOVg2CPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE0MjMwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA4ZDIzZDFjN2IxZTNkY2RiZjVlYWRmYjY4ZGRhNjM0MmI2MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyrj4Ckae72oK6rGv0ohRDs3BvHE
r+nVWd18Drr1aDvTIrMSOi4mf7k3zrTevG4nNGrGXQyXq34kFXIeZswtJJJeoVvY
D7mwskczevCVXby8FZe7hjm4Jt0HhRxBFYjpTO/4eoxuWHUAI33kdc82k0CE1BOl
sN6ZLWdLFkVq5sdpiGXukZyFtgYMhgztOhvD7hABhYqGpASWIreXJLkVOaGan3jy
fsSrSIr9X2m7w5NNdJXAj5bW7jHoPmSr1P/RPCHn/g68ODoJiTe+h9APzc99Xtmz
nQU5hHcQFNdvD4olF79OCAuDb9RRwqyH09WLuWbXHdWIcvvBCpxg/5aUPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMwI0j0cex49zb9erfto3aY0K2FLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvekFqU1BSeDdIajNOdjE2dC0yamRwalFyWVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJzkAUUy5JJYuVLf3EU9
7bha2POKVjUh8hUTY/doEHmb8uUnzigxaxICtUSW1gbPTN9aWFFOX7Cycllydcqd
2gLzZDSYQi+4+2QhEAXXjNpZqYyaX1rMT8sm3IybKqXW87ONU7F9l+oUU2tp3PVi
MzsaVMP8hoaZqAk3qadNeGNQAoCGVgdjqJvVQJ6zxNQe4wbk3XqXZLad4QWQIUME
ClMjlvkpO3qF8oQPk/T6KtRJWT/dA/xPcePYiHLZPXgeeQT1Q5Ap3pIGA2SW54L8
YThwZrE+emWN4iTdHJZH5dZyI9S3gzV7GJ1aO7xR/BBBmUSQtqZsagpaMlFQULvz
L/s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:39 2025 by rpki-client