Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4XThY5ANJLikXk4bl9SzeY7OJIU.roa
File: 4XThY5ANJLikXk4bl9SzeY7OJIU.roa (raw, json)
Hash identifier: hzWzYeyHtzRW8YfmW99kmFvXegbYgUUjWo/x5CnNAsQ=
Subject key identifier: E1:74:E1:63:90:0D:24:B8:A4:5E:4E:1B:97:D4:B3:79:8E:CE:24:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E22B598497573CB5E97E2EA02BCD3D176
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4XThY5ANJLikXk4bl9SzeY7OJIU.roa
Signing time: Sat 09 Mar 2024 10:15:10 +0000
ROA not before: Sat 09 Mar 2024 10:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:b5:98:49:75:73:cb:5e:97:e2:ea:02:bc:d3:d1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 10:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e174e163900d24b8a45e4e1b97d4b3798ece2485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a6:a3:d9:13:b6:c4:93:4a:c2:9f:20:17:ea:
42:fb:6a:1d:3f:26:60:37:c1:ea:be:f2:4b:49:f3:
b0:bf:b3:10:4e:14:18:0a:f6:c4:51:ac:fc:23:0a:
4f:d0:ca:38:fd:57:48:39:5d:6e:72:b8:49:d6:d2:
ff:88:ad:10:5d:cb:1f:f8:c2:cf:8b:dd:f6:c8:d7:
dd:bc:0d:43:c3:61:6a:91:94:98:09:21:99:18:3c:
40:a8:ad:78:db:c3:d7:3c:64:62:b4:8e:ce:09:32:
86:24:06:41:01:0d:b0:6d:99:7f:77:21:56:52:76:
7b:e7:cc:39:84:97:aa:8f:ae:88:6c:20:6f:c8:aa:
7e:63:dc:55:8b:fb:84:3e:bd:fe:da:70:ba:e7:ef:
23:90:b6:12:be:a2:c2:fb:d7:54:4d:1d:f5:d4:51:
de:25:74:52:dc:a8:37:44:6b:f9:74:b0:24:3b:f2:
64:3e:68:ed:df:78:0c:a7:93:fb:b2:b8:a6:45:7c:
d8:61:2f:95:80:fa:7d:68:25:d1:94:73:cb:83:cd:
9f:20:0e:63:f4:a2:4a:5e:88:8f:ed:98:54:fc:bf:
4f:35:9d:ab:f6:59:2a:0a:af:f8:51:7d:8c:39:00:
12:09:a7:c5:21:23:54:b6:cf:6d:d3:2a:3f:b1:0c:
24:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:74:E1:63:90:0D:24:B8:A4:5E:4E:1B:97:D4:B3:79:8E:CE:24:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4XThY5ANJLikXk4bl9SzeY7OJIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:f2:55:1b:83:6f:5e:3e:87:58:39:ce:f9:70:a7:2e:3c:81:
3a:ae:7e:da:83:ea:bf:87:e7:ed:95:1a:60:59:b4:85:c7:39:
65:da:4f:6d:ca:20:50:ba:4c:61:1e:5d:de:e9:e1:cc:d8:eb:
41:c0:58:e3:bd:10:10:a3:77:55:55:cb:0d:f1:1b:43:96:04:
7c:af:e7:c2:ef:89:c1:6e:2f:41:67:63:53:70:a3:5b:5a:aa:
5f:1b:45:a2:1f:e4:29:60:78:21:82:09:6d:76:f3:b8:40:84:
f7:c7:d1:97:8c:b6:02:41:a1:66:d9:0c:d6:63:4f:3b:dc:c8:
18:23:9c:c3:68:43:95:16:ed:9a:61:0c:85:79:5e:f2:06:f6:
05:fc:01:c2:d2:f4:92:be:13:3f:a0:7e:d1:b5:c2:ec:11:ea:
ee:a9:e0:a6:36:f4:5f:2d:a6:fd:d8:c7:e8:9b:2b:75:ff:cc:
66:d0:45:ad:ba:f4:a8:9e:b9:de:81:c8:73:1b:c4:d2:bc:ac:
28:66:97:4a:c3:ce:8d:ce:75:ed:9d:36:d6:89:31:e5:a5:46:
97:26:be:1a:00:5b:36:b7:e0:68:6a:8d:c7:2b:ab:29:de:12:
6d:ca:2f:1d:dc:5a:96:53:b4:6c:df:64:f3:f9:78:75:22:09:
69:65:5e:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4itZhJdXPLXpfi6gK809F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MTAxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc0ZTE2MzkwMGQyNGI4YTQ1ZTRlMWI5N2Q0YjM3OThlY2UyNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6aj2RO2xJNKwp8gF+pC+2odPyZg
N8HqvvJLSfOwv7MQThQYCvbEUaz8IwpP0Mo4/VdIOV1ucrhJ1tL/iK0QXcsf+MLP
i932yNfdvA1Dw2FqkZSYCSGZGDxAqK1428PXPGRitI7OCTKGJAZBAQ2wbZl/dyFW
UnZ758w5hJeqj66IbCBvyKp+Y9xVi/uEPr3+2nC65+8jkLYSvqLC+9dUTR311FHe
JXRS3Kg3RGv5dLAkO/JkPmjt33gMp5P7srimRXzYYS+VgPp9aCXRlHPLg82fIA5j
9KJKXoiP7ZhU/L9PNZ2r9lkqCq/4UX2MOQASCafFISNUts9t0yo/sQwk+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOF04WOQDSS4pF5OG5fUs3mOziSFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNFhUaFk1QU5KTGlrWGs0Ymw5U3plWTdPSklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnyVRuDb14+h1g5zvlw
py48gTquftqD6r+H5+2VGmBZtIXHOWXaT23KIFC6TGEeXd7p4czY60HAWOO9EBCj
d1VVyw3xG0OWBHyv58LvicFuL0FnY1Nwo1taql8bRaIf5ClgeCGCCW1287hAhPfH
0ZeMtgJBoWbZDNZjTzvcyBgjnMNoQ5UW7ZphDIV5XvIG9gX8AcLS9JK+Ez+gftG1
wuwR6u6p4KY29F8tpv3Yx+ibK3X/zGbQRa269Kieud6ByHMbxNK8rChml0rDzo3O
de2dNtaJMeWlRpcmvhoAWza34GhqjccrqyneEm3KLx3cWpZTtGzfZPP5eHUiCWll
Xts=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org