Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2vmMR1G0HuTHCCwGaH5M4wluSMk.roa
File: 2vmMR1G0HuTHCCwGaH5M4wluSMk.roa (raw, json)
Hash identifier: KdBH9zAdxGRVb0DthhkGZDtmD0eAFCx3L48LJNhZmJ8=
Subject key identifier: DA:F9:8C:47:51:B4:1E:E4:C7:08:2C:06:68:7E:4C:E3:09:6E:48:C9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA1BF4D820002C368B0462C5E9A74DD69
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2vmMR1G0HuTHCCwGaH5M4wluSMk.roa
Signing time: Mon 25 Dec 2023 16:11:58 +0000
ROA not before: Mon 25 Dec 2023 16:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:bf:4d:82:00:02:c3:68:b0:46:2c:5e:9a:74:dd:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 16:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daf98c4751b41ee4c7082c06687e4ce3096e48c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:5b:fe:ea:66:39:a4:07:09:69:5b:bc:58:
cf:d2:e7:9d:f3:65:ef:63:3c:8f:d2:62:c2:d1:98:
3a:18:bc:84:61:90:c0:56:09:6e:71:7a:a9:a0:93:
95:fb:7c:86:92:27:10:ea:8a:91:ff:ec:79:9a:19:
e9:60:81:d3:e6:a1:41:5b:c3:87:0c:8b:bb:3d:af:
c0:f9:ab:5f:08:dc:76:b3:91:1e:3b:da:a7:df:56:
07:4b:28:66:b7:98:53:7e:42:43:4b:19:f7:64:5a:
4b:eb:94:ca:92:05:c5:df:cd:aa:74:63:cf:6b:b7:
39:09:b1:5a:5b:e8:bc:9d:70:b2:ab:72:1e:a7:7e:
86:e4:a9:83:90:1d:c3:ff:d2:55:63:11:e6:07:6e:
7c:6e:f4:1a:6a:b1:14:0b:39:7c:f5:5c:ae:05:b4:
d6:67:20:7a:ac:79:8c:df:1f:9c:de:6f:8e:eb:d5:
34:79:7c:ea:ec:e5:bf:50:bd:27:5b:e9:cb:73:fc:
ec:0d:9a:8c:fa:a3:45:0c:80:a1:bd:05:a3:8f:42:
37:b8:fd:f2:ff:f2:97:21:ba:f2:b2:6c:86:1f:09:
6a:7b:a2:2b:81:cd:c0:77:f4:87:63:0d:0d:f3:84:
da:f5:ae:d1:dc:8b:b5:7d:34:b2:be:23:8a:89:a1:
1c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F9:8C:47:51:B4:1E:E4:C7:08:2C:06:68:7E:4C:E3:09:6E:48:C9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2vmMR1G0HuTHCCwGaH5M4wluSMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:16:43:d9:4d:2b:92:05:99:00:20:1a:c0:7a:42:66:a7:48:
a0:7e:46:4f:76:33:24:ac:46:80:4e:f8:38:23:ca:03:06:3c:
79:51:fa:a5:30:e3:48:a8:d7:fd:61:66:5b:96:a0:f7:eb:e7:
62:73:25:ea:5f:e7:e3:42:18:7d:a0:0f:80:99:82:c1:e1:6d:
ce:85:c7:d9:df:12:b6:c6:f0:96:a1:3e:b6:19:f6:a5:55:73:
97:58:97:4d:87:1d:fc:ff:5e:9e:7a:c4:5e:df:09:3e:d7:0f:
6f:33:dc:72:5d:9a:f6:24:0b:82:5a:a2:3a:55:35:1a:dc:82:
9a:3d:89:2d:a6:f3:64:52:f1:09:f8:8e:e7:e9:82:12:1c:c9:
74:b3:ec:93:c9:8d:48:5b:ef:70:f3:30:fc:05:56:c2:ac:04:
dc:7a:91:a2:c3:60:25:8b:7c:8c:db:02:3d:5b:b0:ea:34:50:
b4:ba:45:da:70:46:2b:aa:9b:bf:d5:ef:0d:d0:cb:63:4c:91:
e2:1a:e7:a4:bc:d5:35:fa:f8:61:18:0f:3b:ac:a3:81:13:9f:
2f:4c:8e:6c:05:07:8c:dc:20:14:86:64:c3:3f:49:2a:75:d2:
ab:8f:59:d9:4b:e3:7a:f7:a9:b0:b1:3e:de:70:95:bb:60:75:
41:5f:16:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyhv02CAALDaLBGLF6adN1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTYxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWY5OGM0NzUxYjQxZWU0YzcwODJjMDY2ODdlNGNlMzA5NmU0OGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOdb/upmOaQHCWlbvFjP0ued82Xv
YzyP0mLC0Zg6GLyEYZDAVglucXqpoJOV+3yGkicQ6oqR/+x5mhnpYIHT5qFBW8OH
DIu7Pa/A+atfCNx2s5EeO9qn31YHSyhmt5hTfkJDSxn3ZFpL65TKkgXF382qdGPP
a7c5CbFaW+i8nXCyq3Iep36G5KmDkB3D/9JVYxHmB258bvQaarEUCzl89VyuBbTW
ZyB6rHmM3x+c3m+O69U0eXzq7OW/UL0nW+nLc/zsDZqM+qNFDIChvQWjj0I3uP3y
//KXIbrysmyGHwlqe6Irgc3Ad/SHYw0N84Ta9a7R3Iu1fTSyviOKiaEc/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNr5jEdRtB7kxwgsBmh+TOMJbkjJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMnZtTVIxRzBIdVRIQ0N3R2FINU00d2x1U01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE8WQ9lNK5IFmQAgGsB6
QmanSKB+Rk92MySsRoBO+DgjygMGPHlR+qUw40io1/1hZluWoPfr52JzJepf5+NC
GH2gD4CZgsHhbc6Fx9nfErbG8JahPrYZ9qVVc5dYl02HHfz/Xp56xF7fCT7XD28z
3HJdmvYkC4JaojpVNRrcgpo9iS2m82RS8Qn4jufpghIcyXSz7JPJjUhb73DzMPwF
VsKsBNx6kaLDYCWLfIzbAj1bsOo0ULS6RdpwRiuqm7/V7w3Qy2NMkeIa56S81TX6
+GEYDzuso4ETny9MjmwFB4zcIBSGZMM/SSp10quPWdlL43r3qbCxPt5wlbtgdUFf
Fh8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:30 2024 by rpki-client on console-fra.rpki-client.org