Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1CXm1j-5Nprfs4EXZMSjDvikwvs.roa
File: 1CXm1j-5Nprfs4EXZMSjDvikwvs.roa (raw, json)
Hash identifier: lFacZFi9UEy+05EWLdLAPdAkxTXwlodpE6cURkYpmUc=
Subject key identifier: D4:25:E6:D6:3F:B9:36:9A:DF:B3:81:17:64:C4:A3:0E:F8:A4:C2:FB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFF44637C8BF06617A56AE8D538FCCB68
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1CXm1j-5Nprfs4EXZMSjDvikwvs.roa
Signing time: Sat 02 Mar 2024 13:04:48 +0000
ROA not before: Sat 02 Mar 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:ff43:f0f3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ff:44:63:7c:8b:f0:66:17:a5:6a:e8:d5:38:fc:cb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d425e6d63fb9369adfb3811764c4a30ef8a4c2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e4:08:b6:4a:7e:d0:17:14:48:47:c1:27:4c:
f1:39:b0:de:7b:d9:3d:e0:26:69:dc:62:b5:0c:e7:
46:6b:a9:45:03:0b:89:00:a4:03:c9:24:a8:cf:71:
1a:20:dc:f4:0c:6b:e2:c9:f7:91:ca:47:0e:f8:b4:
df:53:da:99:bf:64:d5:dd:e1:b3:1f:32:3d:b3:b3:
9c:67:16:4e:b7:20:cf:da:08:cb:09:a2:9d:11:78:
ef:29:82:1a:8b:cc:ea:20:3c:03:4d:24:14:c3:b3:
fb:da:8a:c3:4f:33:79:50:31:1f:2e:5d:00:6a:50:
2f:22:7c:fc:ec:68:d1:ba:c3:7f:91:26:b1:a2:09:
8d:43:de:ad:d8:32:35:50:8a:35:f7:7e:16:04:87:
de:97:5b:d6:c8:74:21:22:5a:78:0f:db:97:c3:2d:
8d:a1:e4:a9:75:df:45:b4:86:7a:f4:b6:33:ae:57:
bc:fa:fe:40:5d:af:ab:76:99:a9:b8:2e:88:08:27:
0e:63:29:49:89:9f:e8:d7:a1:71:0b:3c:b2:bc:94:
be:3d:f1:d4:27:8c:f9:2f:e6:7b:c9:52:c0:e4:6a:
b6:47:c2:cd:65:0f:8c:31:0c:b3:03:84:ba:d0:c4:
da:de:a7:13:ce:e1:71:f8:c4:05:9b:d4:3c:e2:66:
52:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:25:E6:D6:3F:B9:36:9A:DF:B3:81:17:64:C4:A3:0E:F8:A4:C2:FB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1CXm1j-5Nprfs4EXZMSjDvikwvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:ce:9c:02:d1:76:1c:78:ac:2b:7f:fc:41:c5:ab:cb:df:70:
73:dc:a0:5b:3e:ba:73:9e:8c:fb:9c:cd:98:d6:c6:38:19:85:
64:af:27:49:18:70:76:d7:a3:e3:e8:17:4c:c8:69:7a:7f:09:
34:27:18:52:85:55:79:4c:44:76:9b:1e:95:51:d4:84:c3:6a:
dc:07:28:a7:73:fa:96:89:b3:e0:6f:64:41:de:13:03:eb:b9:
0d:e3:b4:41:97:f3:dd:a0:45:b9:03:72:cd:9b:aa:77:3f:e4:
56:c9:07:7f:88:28:1d:ae:2b:dc:f3:3f:5d:68:88:21:c1:f2:
c2:b2:af:1b:4f:e8:e3:6d:a1:09:1e:f9:ee:db:ec:fa:73:00:
d6:54:c0:6c:d8:9c:0f:92:c3:b5:15:c4:27:fb:6e:bb:ab:78:
da:4d:5c:ce:ec:cf:92:e1:59:5d:c1:91:87:0e:a1:5b:f3:33:
26:46:d6:39:08:98:4b:98:2c:29:d7:2b:a3:a9:6c:0e:71:68:
3e:37:86:2f:f8:31:c9:2c:90:1d:9c:3b:21:fd:ef:62:02:5a:
7d:40:ca:e9:a2:c6:cc:fd:cc:dc:bd:f1:6b:03:19:b5:53:26:
95:91:0f:8e:dd:be:83:46:18:b2:eb:85:d5:c0:ea:e0:50:f0:
ea:ab:2b:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3/RGN8i/BmF6Vq6NU4/MtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDI1ZTZkNjNmYjkzNjlhZGZiMzgxMTc2NGM0YTMwZWY4YTRjMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuQItkp+0BcUSEfBJ0zxObDee9k9
4CZp3GK1DOdGa6lFAwuJAKQDySSoz3EaINz0DGviyfeRykcO+LTfU9qZv2TV3eGz
HzI9s7OcZxZOtyDP2gjLCaKdEXjvKYIai8zqIDwDTSQUw7P72orDTzN5UDEfLl0A
alAvInz87GjRusN/kSaxogmNQ96t2DI1UIo1934WBIfel1vWyHQhIlp4D9uXwy2N
oeSpdd9FtIZ69LYzrle8+v5AXa+rdpmpuC6ICCcOYylJiZ/o16FxCzyyvJS+PfHU
J4z5L+Z7yVLA5Gq2R8LNZQ+MMQyzA4S60MTa3qcTzuFx+MQFm9Q84mZSOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNQl5tY/uTaa37OBF2TEow74pML7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMUNYbTFqLTVOcHJmczRFWFpNU2pEdmlrd3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKDOnALRdhx4rCt//EHF
q8vfcHPcoFs+unOejPuczZjWxjgZhWSvJ0kYcHbXo+PoF0zIaXp/CTQnGFKFVXlM
RHabHpVR1ITDatwHKKdz+paJs+BvZEHeEwPruQ3jtEGX892gRbkDcs2bqnc/5FbJ
B3+IKB2uK9zzP11oiCHB8sKyrxtP6ONtoQke+e7b7PpzANZUwGzYnA+Sw7UVxCf7
brureNpNXM7sz5LhWV3BkYcOoVvzMyZG1jkImEuYLCnXK6OpbA5xaD43hi/4Mcks
kB2cOyH972ICWn1Ayumixsz9zNy98WsDGbVTJpWRD47dvoNGGLLrhdXA6uBQ8Oqr
K2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org