Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/98iTcjpP7NnqhnAPfqzy4iWFIjA.roa
File: 98iTcjpP7NnqhnAPfqzy4iWFIjA.roa (raw, json)
Hash identifier: lh0uSN69M8PSf0hwODUJBnbNvwbDh8QduuSbINOjVEU=
Subject key identifier: F7:C8:93:72:3A:4F:EC:D9:EA:86:70:0F:7E:AC:F2:E2:25:85:22:30
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D46841C6625640D9D87C3B62F23379DC3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/98iTcjpP7NnqhnAPfqzy4iWFIjA.roa
Signing time: Fri 26 Jan 2024 16:04:39 +0000
ROA not before: Fri 26 Jan 2024 16:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:4683:d0bf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:84:1c:66:25:64:0d:9d:87:c3:b6:2f:23:37:9d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 16:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c893723a4fecd9ea86700f7eacf2e225852230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:30:64:88:d5:f8:68:23:cb:31:8f:ec:21:
a1:f4:53:e3:58:a4:4e:0a:10:74:cd:2e:c1:70:4d:
44:d0:12:bd:ad:a5:0a:f3:7a:e5:fd:ec:41:6d:85:
1d:86:37:6a:2e:7a:a4:c7:91:cc:57:47:98:f9:05:
52:e3:59:af:da:a4:12:b4:72:17:47:a5:ba:2f:ed:
3a:5a:31:62:70:ec:27:32:ed:df:bd:f0:08:ef:86:
31:22:28:52:84:c3:22:4d:58:8b:16:99:8d:5d:0b:
c0:62:2b:7b:f4:64:36:55:bc:ae:8d:b9:27:2a:8e:
04:33:b8:a5:b1:a9:48:d9:a6:66:d4:a0:92:6d:a3:
ef:da:50:9d:a0:a8:a7:a4:44:5a:80:39:e4:62:34:
1a:68:ba:11:2f:4e:c7:c4:0f:d8:62:4d:d8:53:f9:
ed:7c:0d:8a:74:bd:5d:ea:36:66:89:6c:4b:ea:a7:
40:71:ef:ae:51:da:09:df:ef:25:91:a5:45:f5:19:
23:c7:28:d1:6d:39:d8:47:31:c8:eb:28:09:f7:ed:
49:15:35:1d:ad:4d:d2:9a:65:15:e7:e0:f2:c2:bd:
7b:c1:05:f6:85:81:c8:13:a6:36:f8:22:c7:72:c9:
86:c9:7a:44:32:08:a2:02:33:70:b7:7b:4b:d0:b3:
62:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C8:93:72:3A:4F:EC:D9:EA:86:70:0F:7E:AC:F2:E2:25:85:22:30
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/98iTcjpP7NnqhnAPfqzy4iWFIjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:4e:db:07:1e:8b:85:55:5e:ed:03:72:99:e4:0d:c8:1a:72:
ab:b8:d7:c6:6e:34:01:3e:a4:55:72:79:87:7c:f5:53:ea:40:
cf:a2:b0:d6:c8:53:f4:0d:2a:6b:cb:f5:b4:0a:60:f2:7b:e5:
c8:51:ef:be:23:b5:9b:dc:bd:16:61:de:a9:44:a3:dd:eb:2e:
e0:48:bb:7c:0b:3e:d4:f4:4b:18:80:65:e5:76:24:6a:fa:db:
43:96:64:4f:55:c1:02:73:87:95:ea:d1:70:84:cb:d5:d7:dc:
54:84:94:54:30:0f:d8:e1:5e:7a:65:81:80:12:9a:50:a0:94:
29:19:3c:de:c0:ff:55:6c:6e:41:80:7c:79:ec:7d:29:c7:59:
29:ba:b8:d7:66:b7:f6:0f:18:31:34:20:94:5e:a9:12:ae:fc:
81:d8:7d:86:49:ea:ce:4c:47:4a:a3:54:f0:c2:e7:cf:63:9d:
9e:67:c2:ff:a2:95:a8:05:34:6e:f6:fd:90:a0:05:20:82:ce:
24:0b:07:f2:a1:2f:26:31:7d:a3:08:88:10:83:4b:1d:01:86:
dd:3f:a1:bc:52:59:7a:84:3d:d1:8e:d9:6f:ee:f9:74:2f:8d:
80:10:64:e6:83:4d:c7:93:8f:cd:15:d7:50:99:6c:da:a0:c5:
08:d6:fd:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1GhBxmJWQNnYfDti8jN53DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MTYwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M4OTM3MjNhNGZlY2Q5ZWE4NjcwMGY3ZWFjZjJlMjI1ODUyMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW4wZIjV+GgjyzGP7CGh9FPjWKRO
ChB0zS7BcE1E0BK9raUK83rl/exBbYUdhjdqLnqkx5HMV0eY+QVS41mv2qQStHIX
R6W6L+06WjFicOwnMu3fvfAI74YxIihShMMiTViLFpmNXQvAYit79GQ2Vbyujbkn
Ko4EM7ilsalI2aZm1KCSbaPv2lCdoKinpERagDnkYjQaaLoRL07HxA/YYk3YU/nt
fA2KdL1d6jZmiWxL6qdAce+uUdoJ3+8lkaVF9RkjxyjRbTnYRzHI6ygJ9+1JFTUd
rU3SmmUV5+Dywr17wQX2hYHIE6Y2+CLHcsmGyXpEMgiiAjNwt3tL0LNiLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPfIk3I6T+zZ6oZwD36s8uIlhSIwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOThpVGNqcFA3Tm5xaG5BUGZxenk0aVdGSWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVO2wcei4VVXu0Dcpnk
Dcgacqu418ZuNAE+pFVyeYd89VPqQM+isNbIU/QNKmvL9bQKYPJ75chR774jtZvc
vRZh3qlEo93rLuBIu3wLPtT0SxiAZeV2JGr620OWZE9VwQJzh5Xq0XCEy9XX3FSE
lFQwD9jhXnplgYASmlCglCkZPN7A/1VsbkGAfHnsfSnHWSm6uNdmt/YPGDE0IJRe
qRKu/IHYfYZJ6s5MR0qjVPDC589jnZ5nwv+ilagFNG72/ZCgBSCCziQLB/KhLyYx
faMIiBCDSx0Bht0/obxSWXqEPdGO2W/u+XQvjYAQZOaDTceTj80V11CZbNqgxQjW
/QA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org