Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8SmhpvnNhKotfQn206Ian0m4Rz4.roa
File: 8SmhpvnNhKotfQn206Ian0m4Rz4.roa (raw, json)
Hash identifier: /jpLfp5/5fdgc/CfUjJoJyQ6qb0eR/aiLvcgg3Xatvo=
Subject key identifier: F1:29:A1:A6:F9:CD:84:AA:2D:7D:09:F6:D3:A2:1A:9F:49:B8:47:3E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0888358BED0AC33FA2B934E924D7E04B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8SmhpvnNhKotfQn206Ian0m4Rz4.roa
Signing time: Sun 14 Jan 2024 15:12:40 +0000
ROA not before: Sun 14 Jan 2024 15:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:88:35:8b:ed:0a:c3:3f:a2:b9:34:e9:24:d7:e0:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 15:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f129a1a6f9cd84aa2d7d09f6d3a21a9f49b8473e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fc:c1:01:88:b2:e7:51:6b:9e:25:88:3c:c7:
1f:ea:ec:47:5f:fe:67:16:16:25:f3:c6:68:5e:94:
df:38:27:f1:39:1b:b3:f5:2f:6e:7e:fe:df:d8:da:
be:06:b3:56:44:e6:1a:a4:0c:01:50:45:65:fd:47:
e2:25:2a:fa:8f:00:62:b3:0b:05:bb:c1:b1:db:53:
be:65:9a:dc:de:e4:28:63:31:78:8c:1c:c9:d0:64:
9e:c5:a4:1c:e2:c2:70:32:10:92:85:24:f8:c1:42:
bc:48:9a:cc:df:d1:de:98:d1:2b:b1:4b:a3:31:36:
66:28:8e:95:07:94:47:8e:0b:1f:12:2a:51:2c:bd:
06:4a:7b:95:8b:43:62:57:96:49:93:22:6f:e5:b7:
fb:d6:8b:f4:08:2d:d5:a9:be:64:55:87:58:48:c1:
79:0c:73:20:10:25:b9:4d:c1:47:7b:86:be:66:71:
3f:2a:00:1c:12:64:db:72:ac:32:3d:e5:5e:f4:20:
b5:74:bf:7e:0e:db:f0:d5:74:77:aa:29:f3:a7:a3:
ac:fd:cd:70:83:a0:43:e8:11:34:a7:77:08:e1:91:
c7:55:24:96:ea:3a:7d:8e:f5:d9:85:f2:ee:14:53:
39:dd:c6:60:4f:6f:bc:b4:f3:55:14:e9:4e:f4:3e:
f9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:29:A1:A6:F9:CD:84:AA:2D:7D:09:F6:D3:A2:1A:9F:49:B8:47:3E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8SmhpvnNhKotfQn206Ian0m4Rz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:4a:28:bc:9e:6d:d7:7e:12:a2:8a:c7:68:90:76:89:69:70:
cc:fe:82:90:1f:80:26:88:a2:89:3b:a3:5c:31:41:56:cb:aa:
fc:6b:3f:95:d6:1b:0e:fb:39:12:ed:b1:e6:db:0c:bb:60:21:
23:57:af:da:67:d6:ec:e9:45:39:45:e2:c3:77:b5:a5:27:65:
2c:42:15:b3:e9:e8:ad:1e:bd:81:ee:41:e7:6c:2c:3b:08:42:
50:e6:69:4b:e0:52:ae:3e:40:ad:2f:7d:5a:3c:5f:53:e0:48:
ae:e2:91:f5:f7:18:67:5f:52:43:49:cb:5e:47:e9:3f:7b:3b:
57:2b:5d:80:54:53:be:5d:d5:b8:21:59:cf:80:ed:f4:1b:af:
41:d7:48:3a:0f:ef:f5:6d:1a:db:66:d6:7c:77:3e:f9:82:95:
29:bd:da:a9:51:41:62:c8:3f:08:e2:cb:8c:d7:e4:ba:c4:17:
09:95:94:0a:fe:fc:a4:07:fb:ec:84:bc:12:d8:58:c1:36:2c:
3f:a2:b4:99:dc:cd:b6:4b:48:89:72:06:7c:48:74:2a:ff:18:
ba:34:a7:3b:df:f0:71:21:f3:2d:b0:61:3d:a1:87:9a:a9:fc:
95:92:7e:b7:60:93:a7:0e:cf:69:5d:8d:06:75:98:ff:8a:c6:
6f:e3:0d:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0IiDWL7QrDP6K5NOkk1+BLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MTUxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI5YTFhNmY5Y2Q4NGFhMmQ3ZDA5ZjZkM2EyMWE5ZjQ5Yjg0NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfzBAYiy51FrniWIPMcf6uxHX/5n
FhYl88ZoXpTfOCfxORuz9S9ufv7f2Nq+BrNWROYapAwBUEVl/UfiJSr6jwBiswsF
u8Gx21O+ZZrc3uQoYzF4jBzJ0GSexaQc4sJwMhCShST4wUK8SJrM39HemNErsUuj
MTZmKI6VB5RHjgsfEipRLL0GSnuVi0NiV5ZJkyJv5bf71ov0CC3Vqb5kVYdYSMF5
DHMgECW5TcFHe4a+ZnE/KgAcEmTbcqwyPeVe9CC1dL9+Dtvw1XR3qinzp6Os/c1w
g6BD6BE0p3cI4ZHHVSSW6jp9jvXZhfLuFFM53cZgT2+8tPNVFOlO9D759wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPEpoab5zYSqLX0J9tOiGp9JuEc+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOFNtaHB2bk5oS290ZlFuMjA2SWFuMG00Uno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJtKKLyebdd+EqKKx2iQ
dolpcMz+gpAfgCaIook7o1wxQVbLqvxrP5XWGw77ORLtsebbDLtgISNXr9pn1uzp
RTlF4sN3taUnZSxCFbPp6K0evYHuQedsLDsIQlDmaUvgUq4+QK0vfVo8X1PgSK7i
kfX3GGdfUkNJy15H6T97O1crXYBUU75d1bghWc+A7fQbr0HXSDoP7/VtGttm1nx3
PvmClSm92qlRQWLIPwjiy4zX5LrEFwmVlAr+/KQH++yEvBLYWME2LD+itJnczbZL
SIlyBnxIdCr/GLo0pzvf8HEh8y2wYT2hh5qp/JWSfrdgk6cOz2ldjQZ1mP+Kxm/j
DSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:30 2024 by rpki-client on console-fra.rpki-client.org