Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0BOF3hQnPCjrzmYXgmlV0kkC4ng.roa
File: 0BOF3hQnPCjrzmYXgmlV0kkC4ng.roa (raw, json)
Hash identifier: JAxvxvKX/E+kLlkMriqgC2MKFNJv75W4GUSdH1Cgaik=
Subject key identifier: D0:13:85:DE:14:27:3C:28:EB:CE:66:17:82:69:55:D2:49:02:E2:78
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7106A0AF0148D33CCCBDA776EE544C9C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0BOF3hQnPCjrzmYXgmlV0kkC4ng.roa
Signing time: Sat 03 Feb 2024 22:11:16 +0000
ROA not before: Sat 03 Feb 2024 22:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:71:06:a0:af:01:48:d3:3c:cc:bd:a7:76:ee:54:4c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 22:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d01385de14273c28ebce6617826955d24902e278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:68:74:b1:c6:83:2a:82:d6:db:30:9e:6b:b7:
e3:21:48:66:18:b6:41:fd:a8:80:0c:22:de:f0:98:
df:54:5e:92:22:b4:62:00:db:28:7c:de:26:a4:f3:
2d:f2:54:8e:11:8b:ff:14:a2:3a:5f:25:29:cf:cf:
f3:bf:3c:6d:c0:ff:56:78:06:fb:ba:8b:4a:2e:cb:
00:9c:d9:5d:21:a3:7f:dd:5b:b3:9c:a1:c7:58:49:
99:95:8e:f1:48:d7:cd:4b:7c:08:d9:95:30:3a:b8:
c1:77:c1:50:8b:29:af:e6:71:05:76:c9:22:94:e0:
a5:4d:df:a5:e7:61:1d:d0:f3:c4:47:49:9c:16:f8:
09:81:9c:ab:c3:40:f8:84:8c:56:8d:7a:b8:52:9c:
71:9c:d8:37:ac:3c:3f:2a:e9:6a:7e:1c:7c:11:7f:
7f:38:3d:da:e8:ac:14:7c:84:48:21:68:88:92:e4:
88:13:80:5c:f0:22:3d:4f:c2:da:40:09:ac:ab:ef:
f4:c8:8f:03:0a:cc:2a:f6:22:5b:76:5f:4b:cd:f5:
75:32:64:4a:4c:55:b6:89:47:34:b2:a7:01:8a:10:
5b:59:2a:09:ac:f0:f1:48:ac:a1:39:30:b6:46:8f:
f7:31:37:e8:32:f0:56:e2:d5:20:f7:77:01:5e:1d:
8e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:13:85:DE:14:27:3C:28:EB:CE:66:17:82:69:55:D2:49:02:E2:78
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0BOF3hQnPCjrzmYXgmlV0kkC4ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:d5:a2:3f:c4:3d:0e:1c:16:93:4d:31:86:06:a2:b2:73:48:
16:82:98:64:62:45:19:bc:f6:09:8d:5f:d5:46:1a:09:e5:d2:
60:3f:e3:71:f2:16:b5:1a:a5:dd:fa:97:a6:04:3a:06:c1:f3:
91:73:a1:26:24:c9:3b:70:37:95:47:ec:89:8b:5b:1a:40:65:
d2:51:f4:07:df:58:86:bd:bc:63:84:00:b5:9f:34:3e:00:a3:
07:ec:e2:38:0b:8a:fc:9f:b8:9d:c6:fd:99:08:8c:5b:7c:6b:
33:c0:e3:4f:8d:cd:79:17:2b:a0:bc:50:a0:ef:59:53:20:9a:
4b:1b:5a:e8:81:2d:68:8b:74:aa:a6:86:62:3d:fc:42:03:3c:
c5:6d:34:df:fd:9b:a6:04:60:18:8f:9e:bd:a5:0a:00:06:07:
d9:27:fe:f2:9a:1d:56:37:86:7f:e1:ea:8a:bc:00:5c:c6:33:
13:71:58:92:34:e7:28:89:74:8d:bb:59:8c:95:a1:30:c3:6e:
14:66:1e:d6:86:37:65:61:1f:33:03:89:03:28:9b:c7:b9:25:
83:3e:41:b0:68:b2:3e:33:de:29:bb:15:07:a9:f7:c4:7a:7d:
5b:e0:f6:e5:ea:29:c6:d3:27:32:70:14:f4:12:71:74:6a:5f:
53:4c:a2:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1xBqCvAUjTPMy9p3buVEycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMjIxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEzODVkZTE0MjczYzI4ZWJjZTY2MTc4MjY5NTVkMjQ5MDJlMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmh0scaDKoLW2zCea7fjIUhmGLZB
/aiADCLe8JjfVF6SIrRiANsofN4mpPMt8lSOEYv/FKI6XyUpz8/zvzxtwP9WeAb7
uotKLssAnNldIaN/3VuznKHHWEmZlY7xSNfNS3wI2ZUwOrjBd8FQiymv5nEFdski
lOClTd+l52Ed0PPER0mcFvgJgZyrw0D4hIxWjXq4UpxxnNg3rDw/Kulqfhx8EX9/
OD3a6KwUfIRIIWiIkuSIE4Bc8CI9T8LaQAmsq+/0yI8DCswq9iJbdl9LzfV1MmRK
TFW2iUc0sqcBihBbWSoJrPDxSKyhOTC2Ro/3MTfoMvBW4tUg93cBXh2OzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNAThd4UJzwo685mF4JpVdJJAuJ4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMEJPRjNoUW5QQ2pyem1ZWGdtbFYwa2tDNG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF/Voj/EPQ4cFpNNMYYG
orJzSBaCmGRiRRm89gmNX9VGGgnl0mA/43HyFrUapd36l6YEOgbB85FzoSYkyTtw
N5VH7ImLWxpAZdJR9AffWIa9vGOEALWfND4Aowfs4jgLivyfuJ3G/ZkIjFt8azPA
40+NzXkXK6C8UKDvWVMgmksbWuiBLWiLdKqmhmI9/EIDPMVtNN/9m6YEYBiPnr2l
CgAGB9kn/vKaHVY3hn/h6oq8AFzGMxNxWJI05yiJdI27WYyVoTDDbhRmHtaGN2Vh
HzMDiQMom8e5JYM+QbBosj4z3im7FQep98R6fVvg9uXqKcbTJzJwFPQScXRqX1NM
onc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:48 2024 by rpki-client on console-ams.rpki-client.org