Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3hhBu0keu0XfXimBcXnpsiNqSEc.roa
File: 3hhBu0keu0XfXimBcXnpsiNqSEc.roa (raw, json)
Hash identifier: raUB5mIJwBTTnx+UrZh3ilCWFptb7CiUi+DyCFo6AyY=
Subject key identifier: DE:18:41:BB:49:1E:BB:45:DF:5E:29:81:71:79:E9:B2:23:6A:48:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D111D79758510A274D5EED0C71F9560C0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3hhBu0keu0XfXimBcXnpsiNqSEc.roa
Signing time: Tue 16 Jan 2024 07:12:40 +0000
ROA not before: Tue 16 Jan 2024 07:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:1d:79:75:85:10:a2:74:d5:ee:d0:c7:1f:95:60:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 16 07:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de1841bb491ebb45df5e29817179e9b2236a4847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:15:66:c1:f1:a8:53:96:b1:18:d9:d3:c5:af:
35:de:cc:26:37:5f:44:f1:4d:8d:17:b1:99:1b:9a:
61:0b:ba:0b:8b:48:f4:6a:7e:79:74:e2:d5:76:7d:
c8:56:20:4a:f7:64:89:b5:f0:94:91:a8:97:6a:da:
19:52:ab:42:55:43:1a:54:9b:0c:51:bb:dc:89:77:
b9:64:f6:8b:d4:fb:82:63:88:ce:cd:c4:34:4d:c8:
42:25:7e:67:05:d6:a6:07:7f:7f:77:aa:b1:13:d0:
90:fa:fc:0f:0f:95:28:15:73:30:93:7a:21:1b:9a:
a3:da:d1:c7:b3:b8:48:f0:ec:a6:80:21:f7:2a:c9:
a3:71:bb:69:d5:41:ea:d6:2a:ea:5c:7b:d3:93:6f:
e0:70:10:a7:41:74:39:bb:f9:b2:67:ce:fc:05:7c:
e9:f3:de:fa:10:43:e3:4f:e5:89:02:9f:72:f6:48:
8d:4c:bc:d7:e9:34:a8:e3:dd:d9:a4:ed:8e:1f:38:
8e:78:17:e9:ff:80:a9:ed:11:bd:9b:77:62:b3:8b:
26:a1:1a:c0:ab:a9:6e:ff:a0:13:85:85:94:cb:c2:
8b:25:e9:ef:f2:aa:b7:be:91:0f:42:74:b2:a8:79:
5e:f1:bb:a2:05:cf:a0:2a:57:4a:0f:10:a1:27:dc:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:18:41:BB:49:1E:BB:45:DF:5E:29:81:71:79:E9:B2:23:6A:48:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3hhBu0keu0XfXimBcXnpsiNqSEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:ef:1e:d3:c8:7a:28:33:c1:03:e2:88:6d:01:b3:b3:d8:6f:
ba:d0:4d:ca:7b:38:81:e7:3c:eb:4f:85:49:5c:75:ea:fa:87:
89:c0:ba:bd:22:dd:76:92:04:aa:95:2a:32:2a:fa:ca:96:b0:
32:49:c6:70:3d:d6:2e:38:2e:c7:95:bc:12:84:41:f3:34:ba:
63:e6:75:32:a4:bb:45:aa:7a:83:83:9a:79:39:6e:5a:6c:65:
9e:f9:db:65:d9:53:99:fc:d1:88:44:0d:94:b5:f9:3a:1f:23:
1f:6e:4f:11:d6:38:27:0a:8f:c6:5a:47:07:a7:8e:e4:fe:3e:
4f:bf:74:78:bb:68:01:7c:0b:44:c8:22:c7:bc:ac:2b:4f:de:
67:4a:4c:62:bf:37:03:42:26:55:b0:89:0b:ac:6c:25:d5:c3:
a2:71:d1:a4:ea:04:e4:1f:a9:a8:e6:84:56:e1:2d:70:a0:a8:
3b:d2:4d:2d:4b:46:12:ed:d6:e5:47:89:bf:d9:8d:36:b7:d1:
7f:56:ea:c8:f4:3c:7e:50:e0:4d:e4:5f:36:77:3a:e3:c7:16:
34:f9:77:22:89:a5:fe:47:98:1b:1d:7e:ec:47:b9:83:f4:25:
f5:2a:76:d4:ca:67:ba:ac:0b:93:c9:5a:ed:cf:f9:2a:63:fa:
21:2f:b1:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0RHXl1hRCidNXu0McflWDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE2MDcxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE4NDFiYjQ5MWViYjQ1ZGY1ZTI5ODE3MTc5ZTliMjIzNmE0ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBVmwfGoU5axGNnTxa813swmN19E
8U2NF7GZG5phC7oLi0j0an55dOLVdn3IViBK92SJtfCUkaiXatoZUqtCVUMaVJsM
UbvciXe5ZPaL1PuCY4jOzcQ0TchCJX5nBdamB39/d6qxE9CQ+vwPD5UoFXMwk3oh
G5qj2tHHs7hI8OymgCH3Ksmjcbtp1UHq1irqXHvTk2/gcBCnQXQ5u/myZ878BXzp
8976EEPjT+WJAp9y9kiNTLzX6TSo493ZpO2OHziOeBfp/4Cp7RG9m3dis4smoRrA
q6lu/6AThYWUy8KLJenv8qq3vpEPQnSyqHle8buiBc+gKldKDxChJ9w6LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN4YQbtJHrtF314pgXF56bIjakhHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM2hoQnUwa2V1MFhmWGltQmNYbnBzaU5xU0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTvHtPIeigzwQPiiG0B
s7PYb7rQTcp7OIHnPOtPhUlcder6h4nAur0i3XaSBKqVKjIq+sqWsDJJxnA91i44
LseVvBKEQfM0umPmdTKku0WqeoODmnk5blpsZZ7522XZU5n80YhEDZS1+TofIx9u
TxHWOCcKj8ZaRwenjuT+Pk+/dHi7aAF8C0TIIse8rCtP3mdKTGK/NwNCJlWwiQus
bCXVw6Jx0aTqBOQfqajmhFbhLXCgqDvSTS1LRhLt1uVHib/ZjTa30X9W6sj0PH5Q
4E3kXzZ3OuPHFjT5dyKJpf5HmBsdfuxHuYP0JfUqdtTKZ7qsC5PJWu3P+Spj+iEv
saQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org