Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/617o2tQcvg3ST1HXoQhgcDSFNF4.roa
File: 617o2tQcvg3ST1HXoQhgcDSFNF4.roa (raw, json)
Hash identifier: NUYB+zDlDYtiwtB7xXoSCNXIyUty5XgXkvI8SMGvmes=
Subject key identifier: EB:5E:E8:DA:D4:1C:BE:0D:D2:4F:51:D7:A1:08:60:70:34:85:34:5E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E66EDD022423C8069ABEDE3BA2942FAA5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/617o2tQcvg3ST1HXoQhgcDSFNF4.roa
Signing time: Fri 22 Mar 2024 16:10:45 +0000
ROA not before: Fri 22 Mar 2024 16:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:ed:d0:22:42:3c:80:69:ab:ed:e3:ba:29:42:fa:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 22 16:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb5ee8dad41cbe0dd24f51d7a10860703485345e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7d:6f:57:8e:ba:67:46:1f:de:ea:3c:36:6c:
31:08:33:5c:cd:51:bf:99:3a:c0:db:a2:52:33:36:
7f:dd:58:9f:b6:b6:be:0b:57:a1:e6:07:bc:db:1f:
16:82:61:8c:e6:c9:bd:8f:8d:1b:45:79:cb:ea:c8:
a2:6e:3c:59:af:46:81:c1:69:a4:97:72:88:f2:fc:
f6:33:26:2c:c2:63:dc:41:b6:fa:2f:2c:4d:7b:67:
b9:10:fa:60:fe:b8:0f:f1:8f:97:59:64:2d:9f:90:
3a:c7:3c:9f:af:8a:fe:1c:02:b9:89:9e:0b:66:b2:
a7:b8:4a:18:bb:bd:39:3f:33:6f:87:fd:a4:b6:64:
eb:04:63:a7:ab:5d:79:33:40:c6:37:c4:89:b8:fb:
7d:f4:d9:dd:c1:3d:b9:d4:63:e2:54:42:7d:b5:fd:
66:42:8b:f3:48:4a:22:a1:32:76:42:de:34:56:d0:
fb:41:24:1a:e8:6d:ab:52:78:ed:38:40:73:bc:64:
52:e9:28:36:23:c0:d5:ec:74:67:55:ea:de:07:56:
ff:a9:5b:81:79:aa:a8:1f:e5:36:36:83:66:c0:af:
2b:73:d8:6e:7c:d2:96:a5:5a:4d:11:81:41:97:65:
20:0c:9a:8a:2d:30:bd:df:ef:54:36:5c:c7:02:8a:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5E:E8:DA:D4:1C:BE:0D:D2:4F:51:D7:A1:08:60:70:34:85:34:5E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/617o2tQcvg3ST1HXoQhgcDSFNF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:48:00:13:ba:26:a8:f9:e7:92:71:0f:92:aa:36:d8:16:1e:
0d:72:4a:36:20:bf:ea:4a:f4:b9:c2:e3:91:b3:b6:41:73:88:
41:d8:df:06:1a:3e:4e:ce:5d:44:e0:48:12:db:8d:3b:6d:7a:
25:67:85:f9:a6:ab:6e:64:e1:01:a9:cc:2b:72:e3:f0:0e:e8:
3b:7c:4f:bf:de:00:ed:99:4d:d9:ce:b2:4a:6c:55:1e:0c:d3:
06:c7:4d:64:58:37:4c:00:22:39:e1:e1:c7:ef:07:c5:a2:03:
37:02:fe:5c:84:85:4d:e9:32:c6:d9:77:27:f1:13:53:8e:83:
38:f1:54:cf:6c:7b:a3:4e:7a:a0:ca:80:f6:a3:7b:57:a7:d2:
88:dc:4f:c9:e9:a1:76:ee:e1:55:b7:6a:97:7c:70:c9:7b:82:
6e:e7:d6:02:bb:b7:b6:48:75:18:25:28:42:e8:8e:d1:3e:32:
d3:19:18:08:11:e8:88:8f:d8:99:57:9e:3f:ae:1f:5e:2a:77:
7c:01:71:37:99:6a:37:ae:27:92:d6:26:a2:d1:b4:58:a2:c4:
d8:a1:7c:a6:46:3e:1d:5b:74:e3:eb:93:ae:3f:9e:1b:b5:6b:
fb:d4:20:1d:52:f4:fd:76:8e:3e:84:92:2f:d7:87:32:03:0c:
b5:1a:9f:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5m7dAiQjyAaavt47opQvqlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIyMTYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjVlZThkYWQ0MWNiZTBkZDI0ZjUxZDdhMTA4NjA3MDM0ODUzNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1n1vV466Z0Yf3uo8NmwxCDNczVG/
mTrA26JSMzZ/3Viftra+C1eh5ge82x8WgmGM5sm9j40bRXnL6siibjxZr0aBwWmk
l3KI8vz2MyYswmPcQbb6LyxNe2e5EPpg/rgP8Y+XWWQtn5A6xzyfr4r+HAK5iZ4L
ZrKnuEoYu705PzNvh/2ktmTrBGOnq115M0DGN8SJuPt99NndwT251GPiVEJ9tf1m
QovzSEoioTJ2Qt40VtD7QSQa6G2rUnjtOEBzvGRS6Sg2I8DV7HRnVereB1b/qVuB
eaqoH+U2NoNmwK8rc9hufNKWpVpNEYFBl2UgDJqKLTC93+9UNlzHAoqkFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOte6NrUHL4N0k9R16EIYHA0hTReMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNjE3bzJ0UWN2ZzNTVDFIWG9RaGdjRFNGTkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABFIABO6Jqj555JxD5Kq
NtgWHg1ySjYgv+pK9LnC45GztkFziEHY3wYaPk7OXUTgSBLbjTtteiVnhfmmq25k
4QGpzCty4/AO6Dt8T7/eAO2ZTdnOskpsVR4M0wbHTWRYN0wAIjnh4cfvB8WiAzcC
/lyEhU3pMsbZdyfxE1OOgzjxVM9se6NOeqDKgPaje1en0ojcT8npoXbu4VW3apd8
cMl7gm7n1gK7t7ZIdRglKELojtE+MtMZGAgR6IiP2JlXnj+uH14qd3wBcTeZajeu
J5LWJqLRtFiixNihfKZGPh1bdOPrk64/nhu1a/vUIB1S9P12jj6Eki/XhzIDDLUa
n/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org