Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0OnA4ap02QwNkGhuuDj5wWxtO1w.roa
File: 0OnA4ap02QwNkGhuuDj5wWxtO1w.roa (raw, json)
Hash identifier: ue5cEWXJ6/wiOvKaauyAjmLxFZSy05vtFwsl1l6fVis=
Subject key identifier: D0:E9:C0:E1:AA:74:D9:0C:0D:90:68:6E:B8:38:F9:C1:6C:6D:3B:5C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D585BAD8D56B63CFF56CD194AD6BA0FBA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0OnA4ap02QwNkGhuuDj5wWxtO1w.roa
Signing time: Tue 30 Jan 2024 03:13:39 +0000
ROA not before: Tue 30 Jan 2024 03:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:58:5b:ad:8d:56:b6:3c:ff:56:cd:19:4a:d6:ba:0f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 03:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0e9c0e1aa74d90c0d90686eb838f9c16c6d3b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:8e:02:5a:d4:b0:53:6c:30:9a:7f:b9:1f:
b6:99:21:79:15:d7:89:b8:30:53:4a:51:57:41:74:
ba:24:fc:fc:e7:e7:74:99:32:67:3a:30:dc:48:ae:
b0:89:9f:84:57:2b:9e:ef:ee:25:90:3e:e6:8f:27:
a9:35:bb:da:8e:ec:47:b8:02:0b:92:82:f5:b0:85:
49:53:ce:20:56:6c:5d:85:59:3c:c2:c6:76:96:1d:
7f:3b:9b:bf:7c:bb:5a:ba:e8:82:75:77:1e:37:30:
75:e8:99:fe:cc:e2:4f:47:2c:f3:4c:f5:e6:52:2d:
8a:a3:f7:02:f5:5d:35:04:86:9f:d8:08:00:51:c7:
af:0e:a4:f4:5f:c6:cf:c5:55:3a:55:44:63:d1:b1:
91:14:d6:67:7a:17:d2:d4:92:fb:48:8f:9b:c1:ad:
26:5a:5b:c6:49:94:6f:e4:a5:cb:f3:9b:73:20:8d:
3a:d3:1b:00:3c:53:98:66:a1:0d:2b:06:b0:74:03:
4f:f1:ff:7c:9f:94:03:9e:d6:63:91:3e:d4:03:44:
32:53:2c:ba:07:ea:45:3e:37:2c:2b:d7:cb:81:2d:
0b:c7:98:51:90:4b:69:11:7d:9a:8d:03:f2:32:7f:
5d:9a:f7:bd:66:6e:76:0f:d2:20:fd:f6:c6:9a:a5:
3e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E9:C0:E1:AA:74:D9:0C:0D:90:68:6E:B8:38:F9:C1:6C:6D:3B:5C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0OnA4ap02QwNkGhuuDj5wWxtO1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:d4:a3:d9:2a:b0:c6:2f:a8:fc:7c:98:2c:bc:7b:c1:bb:23:
b6:00:68:5e:fd:8b:cc:e5:c7:4c:e4:8c:f8:de:79:ce:bc:cc:
30:59:c2:cf:93:8d:34:89:f7:c4:17:c8:a7:a9:bb:0f:6a:03:
7c:ac:e9:7a:76:94:ee:5f:67:0b:7e:28:d0:6e:a4:97:9b:20:
cc:3e:e0:76:b2:1f:fe:73:2d:87:a8:7a:d1:eb:52:01:e4:9f:
52:e7:e9:de:19:03:dc:a8:46:55:aa:31:70:14:ff:4e:51:ee:
e4:f0:d1:09:e9:42:18:0e:6d:58:8b:29:0b:78:77:c8:1f:38:
a3:82:3e:93:f9:7e:2d:4e:23:bc:62:0f:99:dd:97:7b:3d:8c:
41:ed:1d:0e:16:f1:5c:5a:c8:4d:98:e5:56:bf:2a:8d:8c:ba:
9d:ef:54:aa:6c:53:45:e7:0d:bd:bd:59:9c:eb:c7:3c:13:85:
bb:2c:e9:f6:d8:ae:54:a1:96:23:99:76:e3:7a:1e:98:cc:81:
71:29:f5:43:b3:6c:25:11:65:45:03:25:a1:f1:c2:06:ec:14:
54:fd:56:1d:f4:5a:42:2f:b9:5a:fd:ea:0a:d2:05:9d:7e:4c:
73:cb:31:b6:41:99:ab:f9:d7:0f:f7:2b:7c:0b:43:bf:b1:32:
a7:7d:de:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1YW62NVrY8/1bNGUrWug+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMDMxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGU5YzBlMWFhNzRkOTBjMGQ5MDY4NmViODM4ZjljMTZjNmQzYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZyOAlrUsFNsMJp/uR+2mSF5FdeJ
uDBTSlFXQXS6JPz85+d0mTJnOjDcSK6wiZ+EVyue7+4lkD7mjyepNbvajuxHuAIL
koL1sIVJU84gVmxdhVk8wsZ2lh1/O5u/fLtauuiCdXceNzB16Jn+zOJPRyzzTPXm
Ui2Ko/cC9V01BIaf2AgAUcevDqT0X8bPxVU6VURj0bGRFNZnehfS1JL7SI+bwa0m
WlvGSZRv5KXL85tzII060xsAPFOYZqENKwawdANP8f98n5QDntZjkT7UA0QyUyy6
B+pFPjcsK9fLgS0Lx5hRkEtpEX2ajQPyMn9dmve9Zm52D9Ig/fbGmqU+MQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNDpwOGqdNkMDZBobrg4+cFsbTtcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvME9uQTRhcDAyUXdOa0dodXVEajV3V3h0TzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjUo9kqsMYvqPx8mCy8
e8G7I7YAaF79i8zlx0zkjPjeec68zDBZws+TjTSJ98QXyKepuw9qA3ys6Xp2lO5f
Zwt+KNBupJebIMw+4HayH/5zLYeoetHrUgHkn1Ln6d4ZA9yoRlWqMXAU/05R7uTw
0QnpQhgObViLKQt4d8gfOKOCPpP5fi1OI7xiD5ndl3s9jEHtHQ4W8VxayE2Y5Va/
Ko2Mup3vVKpsU0XnDb29WZzrxzwThbss6fbYrlShliOZduN6HpjMgXEp9UOzbCUR
ZUUDJaHxwgbsFFT9Vh30WkIvuVr96grSBZ1+THPLMbZBmav51w/3K3wLQ7+xMqd9
3qo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org