Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3O8DzTrOzpPvT8DtpD-Dm3xpCyk.roa
File: 3O8DzTrOzpPvT8DtpD-Dm3xpCyk.roa (raw, json)
Hash identifier: MV/UjHj/rCphmCO5O4wrFza8LDyUmH+6ZEPHeKHBQXs=
Subject key identifier: DC:EF:03:CD:3A:CE:CE:93:EF:4F:C0:ED:A4:3F:83:9B:7C:69:0B:29
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F671CE103CA3760328644F321A06D6339
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3O8DzTrOzpPvT8DtpD-Dm3xpCyk.roa
Signing time: Sat 11 May 2024 10:04:56 +0000
ROA not before: Sat 11 May 2024 10:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
2001:67c:64:ffff:0:18f:671c:275d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:1c:e1:03:ca:37:60:32:86:44:f3:21:a0:6d:63:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 11 10:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcef03cd3acece93ef4fc0eda43f839b7c690b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cf:8a:a0:10:a0:0c:71:f1:f7:eb:57:62:e7:
d9:58:af:34:93:fb:f6:fe:21:18:c0:a1:85:5e:a9:
4f:2c:0b:7e:99:f9:f0:02:6a:d2:69:c9:2e:b4:54:
09:fd:01:37:5c:95:7e:54:81:e3:7b:4b:47:9a:7e:
2f:bb:ee:4e:42:7f:bb:cb:be:93:52:4c:f7:17:d7:
95:61:60:12:7d:de:56:0d:13:e8:55:d4:4b:5f:01:
58:4e:d1:15:be:dd:81:73:e3:6d:80:59:01:f2:fe:
5c:2c:ee:03:c6:9a:3a:42:0f:a1:d5:80:f2:ba:21:
71:78:84:f0:db:7e:20:2d:fd:3f:12:73:c2:62:ae:
2a:ce:8a:06:00:50:b4:2a:a8:b5:12:db:d5:dc:68:
d5:f5:22:96:2c:69:e3:5a:57:ed:ed:a1:7d:79:57:
25:36:31:df:fb:60:f6:fc:fd:08:45:cb:2e:b1:20:
75:1a:a1:fe:1e:ab:95:fd:c4:09:9b:f6:7f:ee:27:
b9:6c:fb:9c:bc:0b:63:cd:27:11:22:f9:aa:50:52:
24:6c:c2:88:16:ac:8c:d6:5b:7a:95:56:3f:e2:49:
e8:2b:63:1d:91:7e:4f:1a:d9:c5:e2:8b:e4:c8:44:
9e:c6:fa:c0:eb:d8:b9:0a:96:d2:2f:e7:2e:21:91:
d5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EF:03:CD:3A:CE:CE:93:EF:4F:C0:ED:A4:3F:83:9B:7C:69:0B:29
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/3O8DzTrOzpPvT8DtpD-Dm3xpCyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:81:98:83:14:02:09:9a:9a:44:30:21:96:d2:58:0f:30:8d:
9e:cc:96:48:72:94:8d:c1:d6:87:1d:bc:42:a1:0b:57:1a:44:
79:41:b1:cc:50:6d:97:0a:70:73:9d:b2:6b:90:0f:46:33:d2:
de:27:a1:2f:49:9a:9a:bb:f8:3d:7e:f7:35:8b:0a:c4:ac:8d:
06:a4:f9:a3:f4:8f:11:64:f3:16:28:51:25:60:0b:7d:5d:5d:
02:5d:44:bc:57:35:5a:e9:78:91:c6:fa:37:bf:32:74:c9:20:
07:8c:b7:52:5c:19:ae:f9:b3:6f:77:49:d7:78:0f:bc:65:48:
14:75:1e:02:51:67:b0:cc:d6:71:2b:8a:7e:8b:02:7c:2c:ad:
9c:49:39:e0:25:da:87:aa:a0:9c:f6:b0:3f:5a:0c:46:a8:d4:
18:03:14:75:1c:17:71:9f:e6:f7:5b:ee:83:ab:cb:8a:f8:d8:
ad:f4:f7:da:d2:ff:c0:f5:a2:a8:d3:7e:2c:7e:47:0b:d0:7d:
22:e4:de:6c:2d:3c:8c:a1:c1:85:ea:6f:1a:dc:7a:eb:3d:de:
cf:a6:54:6c:d0:70:e4:7b:89:7b:d4:58:ed:47:82:9c:e0:a8:
4c:54:7b:fe:a7:3e:2b:7f:17:85:42:18:6c:ee:4d:52:48:ac:
62:76:46:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9nHOEDyjdgMoZE8yGgbWM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTExMTAwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VmMDNjZDNhY2VjZTkzZWY0ZmMwZWRhNDNmODM5YjdjNjkwYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8+KoBCgDHHx9+tXYufZWK80k/v2
/iEYwKGFXqlPLAt+mfnwAmrSackutFQJ/QE3XJV+VIHje0tHmn4vu+5OQn+7y76T
Ukz3F9eVYWASfd5WDRPoVdRLXwFYTtEVvt2Bc+NtgFkB8v5cLO4Dxpo6Qg+h1YDy
uiFxeITw234gLf0/EnPCYq4qzooGAFC0Kqi1EtvV3GjV9SKWLGnjWlft7aF9eVcl
NjHf+2D2/P0IRcsusSB1GqH+HquV/cQJm/Z/7ie5bPucvAtjzScRIvmqUFIkbMKI
FqyM1lt6lVY/4knoK2MdkX5PGtnF4ovkyESexvrA69i5CpbSL+cuIZHVoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNzvA806zs6T70/A7aQ/g5t8aQspMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvM084RHpUck96cFB2VDhEdHBELURtM3hwQ3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEGBmIMUAgmamkQwIZbS
WA8wjZ7MlkhylI3B1ocdvEKhC1caRHlBscxQbZcKcHOdsmuQD0Yz0t4noS9Jmpq7
+D1+9zWLCsSsjQak+aP0jxFk8xYoUSVgC31dXQJdRLxXNVrpeJHG+je/MnTJIAeM
t1JcGa75s293Sdd4D7xlSBR1HgJRZ7DM1nErin6LAnwsrZxJOeAl2oeqoJz2sD9a
DEao1BgDFHUcF3Gf5vdb7oOry4r42K3099rS/8D1oqjTfix+RwvQfSLk3mwtPIyh
wYXqbxrceus93s+mVGzQcOR7iXvUWO1HgpzgqExUe/6nPit/F4VCGGzuTVJIrGJ2
Row=
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:43:50 2025 by rpki-client