Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2EcdztDZ-Qb1DfjACKdH4B7vtcY.roa
File: 2EcdztDZ-Qb1DfjACKdH4B7vtcY.roa (raw, json)
Hash identifier: 678+6vb7YsCB2JL9NKbYzUgs9IRY3T9rhNJlzGf88nI=
Subject key identifier: D8:47:1D:CE:D0:D9:F9:06:F5:0D:F8:C0:08:A7:47:E0:1E:EF:B5:C6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9284127C690BEFC9D72C574BA68C91A7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2EcdztDZ-Qb1DfjACKdH4B7vtcY.roa
Signing time: Fri 22 Dec 2023 17:12:58 +0000
ROA not before: Fri 22 Dec 2023 17:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:84:12:7c:69:0b:ef:c9:d7:2c:57:4b:a6:8c:91:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 17:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8471dced0d9f906f50df8c008a747e01eefb5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ba:c1:51:b8:c6:00:c3:d1:91:8b:7d:c2:59:
e2:1d:53:2c:8b:6e:6d:17:07:61:a5:5f:39:c3:14:
4c:04:7a:7e:f9:cb:64:3d:2c:58:4f:16:b8:c9:59:
71:c3:c3:ba:94:ab:82:bd:12:ea:bf:a6:33:df:2c:
ce:ee:ed:fd:72:d2:8a:a7:c0:c5:57:a0:56:35:c9:
e9:f5:c6:f4:65:76:07:e5:5c:82:da:9f:d2:18:c5:
22:da:3d:6b:33:fd:af:5f:b3:71:f6:86:af:89:e9:
c4:50:32:51:41:23:eb:3f:e5:ae:9a:cf:fb:f1:f9:
e1:36:77:c6:88:b7:1b:59:86:79:b8:79:40:4b:02:
9f:be:8b:72:89:9d:b8:35:6a:39:3e:cf:15:d6:27:
5c:f4:b0:c9:1e:49:7b:7f:76:7c:08:bc:2c:ef:f4:
7a:e4:96:5a:dd:17:c4:9c:b4:65:f3:f9:29:6d:15:
cb:1d:4f:af:82:5f:dc:ef:22:8a:fe:9d:1d:96:bc:
58:6e:32:10:09:6f:02:e8:6c:84:bb:c6:c7:1c:93:
5b:be:6b:2d:65:73:9c:4d:b8:47:91:70:38:b8:cf:
bd:97:85:07:7c:41:9c:f6:41:88:c7:a7:14:ce:40:
f8:c1:cb:5f:7b:78:d4:41:24:35:70:45:74:94:5f:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:47:1D:CE:D0:D9:F9:06:F5:0D:F8:C0:08:A7:47:E0:1E:EF:B5:C6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2EcdztDZ-Qb1DfjACKdH4B7vtcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:75:bd:53:de:bf:db:42:5f:81:69:30:d7:89:85:00:e7:b9:
0a:f9:df:a9:2a:39:69:fb:15:5b:56:d6:76:0d:31:81:9e:86:
9d:b7:70:e8:28:77:f6:f7:46:6a:94:ac:ae:54:33:96:7a:bc:
7e:c5:d9:52:ea:65:f8:96:2b:dc:bc:7d:1f:5d:cf:22:76:7d:
2d:c5:52:64:88:08:39:3e:0e:d0:8d:93:54:0a:70:d6:77:77:
14:c2:9c:1b:be:b4:ca:78:fc:c8:ae:fb:00:aa:a7:61:5a:bc:
f1:62:9d:41:ed:76:ed:cc:3b:94:9d:63:8c:3b:2f:da:62:c3:
1a:53:6d:dd:90:b6:e7:7e:a9:d1:d1:cd:f3:93:d3:e5:ef:2f:
db:53:04:81:17:33:45:6d:5d:be:bb:68:f7:02:3f:64:db:79:
cd:eb:b3:a4:e8:5b:2d:4d:24:48:f0:8c:02:99:c5:b8:a2:4d:
db:77:9e:97:a7:d4:cc:81:13:2c:25:9d:09:93:e4:60:ac:03:
a5:bd:bd:58:d4:3d:44:ea:d8:be:a2:c4:ce:b7:2d:0e:8c:5a:
44:9a:75:e0:b5:12:e0:dd:c4:fe:c8:5f:c5:96:e9:ec:f8:da:
fa:f3:d9:fd:fa:7d:52:45:d9:91:25:23:ea:ce:4f:03:0c:0f:
2a:b0:34:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyShBJ8aQvvydcsV0umjJGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ3MWRjZWQwZDlmOTA2ZjUwZGY4YzAwOGE3NDdlMDFlZWZiNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrrBUbjGAMPRkYt9wlniHVMsi25t
FwdhpV85wxRMBHp++ctkPSxYTxa4yVlxw8O6lKuCvRLqv6Yz3yzO7u39ctKKp8DF
V6BWNcnp9cb0ZXYH5VyC2p/SGMUi2j1rM/2vX7Nx9oavienEUDJRQSPrP+Wums/7
8fnhNnfGiLcbWYZ5uHlASwKfvotyiZ24NWo5Ps8V1idc9LDJHkl7f3Z8CLws7/R6
5JZa3RfEnLRl8/kpbRXLHU+vgl/c7yKK/p0dlrxYbjIQCW8C6GyEu8bHHJNbvmst
ZXOcTbhHkXA4uM+9l4UHfEGc9kGIx6cUzkD4wctfe3jUQSQ1cEV0lF/zlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNhHHc7Q2fkG9Q34wAinR+Ae77XGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkVjZHp0RFotUWIxRGZqQUNLZEg0Qjd2dGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADB1vVPev9tCX4FpMNeJ
hQDnuQr536kqOWn7FVtW1nYNMYGehp23cOgod/b3RmqUrK5UM5Z6vH7F2VLqZfiW
K9y8fR9dzyJ2fS3FUmSICDk+DtCNk1QKcNZ3dxTCnBu+tMp4/Miu+wCqp2FavPFi
nUHtdu3MO5SdY4w7L9piwxpTbd2Qtud+qdHRzfOT0+XvL9tTBIEXM0VtXb67aPcC
P2Tbec3rs6ToWy1NJEjwjAKZxbiiTdt3npen1MyBEywlnQmT5GCsA6W9vVjUPUTq
2L6ixM63LQ6MWkSadeC1EuDdxP7IX8WW6ez42vrz2f36fVJF2ZElI+rOTwMMDyqw
NCY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:30 2024 by rpki-client on console-fra.rpki-client.org