Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wU5qn0_iElHT0i3t9gbt0NZ7x8.roa
File: 1-wU5qn0_iElHT0i3t9gbt0NZ7x8.roa (raw, json)
Hash identifier: KaSmI/ju4dbHng8nXW99nFT5tfG0X3g+IsSdO+25slk=
Subject key identifier: FB:05:39:AA:7D:3F:88:49:47:4F:48:B7:B7:D8:1B:B7:43:59:EF:1F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E72172C68460A0F1598E32F250BA66077
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wU5qn0_iElHT0i3t9gbt0NZ7x8.roa
Signing time: Sun 24 Mar 2024 20:11:45 +0000
ROA not before: Sun 24 Mar 2024 20:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:72:17:2c:68:46:0a:0f:15:98:e3:2f:25:0b:a6:60:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 20:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb0539aa7d3f8849474f48b7b7d81bb74359ef1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c6:eb:5c:64:b3:23:f9:d0:9e:bb:c3:a1:79:
91:fc:95:10:7e:b8:c5:63:d7:96:3d:96:f2:84:12:
39:ec:14:04:15:04:99:4a:3c:39:83:59:c0:9e:64:
c9:eb:fa:58:a4:64:f2:3e:dc:24:77:6a:82:06:07:
23:47:92:19:b4:1c:bf:77:65:8a:90:56:59:af:11:
8a:98:46:3a:8b:2e:c8:6b:e7:d0:7b:95:74:ce:26:
91:ac:c1:9b:07:07:8f:e0:8d:0c:79:a2:39:05:83:
1d:c8:da:66:cd:e1:54:17:41:10:8c:46:1d:74:bf:
92:5d:a9:a0:89:65:5e:03:40:cc:f6:94:63:fb:ed:
e2:18:66:80:3b:c2:ac:0d:8a:a7:15:c4:59:f5:88:
d2:f1:8c:5f:95:30:24:f4:3f:8e:fe:58:67:94:2a:
c6:bc:14:07:3a:5e:d4:dc:36:0a:0f:4d:db:e2:ce:
26:34:9e:60:59:78:bd:1e:df:74:ee:8c:be:45:dc:
c1:c8:61:69:08:6a:13:90:a7:e2:eb:c7:27:6f:27:
86:82:0a:97:28:48:65:89:47:60:91:a6:be:07:1f:
5d:2f:d7:e6:27:98:87:d3:92:28:21:65:67:41:54:
45:30:12:65:23:5c:ac:e2:9b:1f:9a:0f:45:b0:b2:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:05:39:AA:7D:3F:88:49:47:4F:48:B7:B7:D8:1B:B7:43:59:EF:1F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-wU5qn0_iElHT0i3t9gbt0NZ7x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:97:4e:81:64:33:cf:49:75:af:3f:7b:cc:2d:cf:eb:73:84:
fa:49:6c:c2:e9:01:46:3a:4c:52:9b:b3:9b:df:be:f6:d4:ee:
bc:23:e7:d8:b4:b4:26:76:f6:63:0c:3f:a2:e6:96:79:08:12:
d3:80:eb:07:b3:46:61:48:5d:f0:94:dc:e8:b4:1e:6b:ff:8d:
b4:05:5a:f6:6d:aa:07:7b:eb:4c:54:10:b2:27:df:8c:25:33:
f5:bc:c7:a2:29:21:b8:c2:82:6d:f0:eb:83:e1:b3:42:68:40:
86:44:79:36:b2:f4:56:36:fb:01:00:de:8b:91:91:9a:2f:92:
3b:88:6b:4c:00:b1:41:1b:5a:fc:5f:89:dd:22:89:56:f6:e0:
bd:e3:d1:79:aa:83:03:eb:d8:7a:2c:71:27:e0:6b:a7:36:76:
db:65:7b:7c:31:7e:3d:cd:39:a4:ea:a5:ba:7b:78:dc:e5:ff:
b2:b3:63:fd:e5:d3:da:89:2d:8a:b4:60:d0:b2:58:a3:86:a8:
4e:d7:18:5a:c8:f4:cb:37:39:58:3e:fc:84:f4:0c:44:21:7c:
a3:0b:72:1f:94:3f:af:2c:d3:3f:01:91:6e:55:56:09:33:27:
7e:64:d4:28:28:c1:ab:ee:79:48:8d:ec:8e:39:75:c2:13:6c:
5c:b0:f4:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5yFyxoRgoPFZjjLyULpmB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MjAxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA1MzlhYTdkM2Y4ODQ5NDc0ZjQ4YjdiN2Q4MWJiNzQzNTllZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMbrXGSzI/nQnrvDoXmR/JUQfrjF
Y9eWPZbyhBI57BQEFQSZSjw5g1nAnmTJ6/pYpGTyPtwkd2qCBgcjR5IZtBy/d2WK
kFZZrxGKmEY6iy7Ia+fQe5V0ziaRrMGbBweP4I0MeaI5BYMdyNpmzeFUF0EQjEYd
dL+SXamgiWVeA0DM9pRj++3iGGaAO8KsDYqnFcRZ9YjS8YxflTAk9D+O/lhnlCrG
vBQHOl7U3DYKD03b4s4mNJ5gWXi9Ht907oy+RdzByGFpCGoTkKfi68cnbyeGggqX
KEhliUdgkaa+Bx9dL9fmJ5iH05IoIWVnQVRFMBJlI1ys4psfmg9FsLLfiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPsFOap9P4hJR09It7fYG7dDWe8fMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS13VTVxbjBfaUVsSFQwaTN0OWdidDBOWjd4OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBSl06BZDPPSXWvP3vM
Lc/rc4T6SWzC6QFGOkxSm7Ob37721O68I+fYtLQmdvZjDD+i5pZ5CBLTgOsHs0Zh
SF3wlNzotB5r/420BVr2baoHe+tMVBCyJ9+MJTP1vMeiKSG4woJt8OuD4bNCaECG
RHk2svRWNvsBAN6LkZGaL5I7iGtMALFBG1r8X4ndIolW9uC949F5qoMD69h6LHEn
4GunNnbbZXt8MX49zTmk6qW6e3jc5f+ys2P95dPaiS2KtGDQslijhqhO1xhayPTL
NzlYPvyE9AxEIXyjC3IflD+vLNM/AZFuVVYJMyd+ZNQoKMGr7nlIjeyOOXXCE2xc
sPTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:30 2024 by rpki-client on console-fra.rpki-client.org