Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AfctgLriE_b6Ew0ytWbZEZX2kV8.roa
File: AfctgLriE_b6Ew0ytWbZEZX2kV8.roa (raw, json)
Hash identifier: TdjZO9zjRXvr0UavwaeZgu8ptUdyY9Kopa2yo9XKEjc=
Subject key identifier: 01:F7:2D:80:BA:E2:13:F6:FA:13:0D:32:B5:66:D9:11:95:F6:91:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1720FADBD5ED1EA7DB571A6EFFF8C04D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AfctgLriE_b6Ew0ytWbZEZX2kV8.roa
Signing time: Thu 07 Mar 2024 04:17:01 +0000
ROA not before: Thu 07 Mar 2024 04:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:17:20:fa:db:d5:ed:1e:a7:db:57:1a:6e:ff:f8:c0:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 04:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f72d80bae213f6fa130d32b566d91195f6915f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6f:3e:cf:7b:b0:e2:94:23:69:22:bf:ba:59:
c1:e2:99:a8:96:8a:3a:5d:c9:c0:7b:e1:8d:23:b3:
52:a7:76:c7:34:e0:8b:5a:0c:12:cb:92:2b:3d:04:
22:78:57:de:68:2c:ef:58:33:1e:b0:68:74:b5:80:
e1:d1:56:33:bd:48:28:b3:c0:d8:26:3c:da:c3:62:
10:42:a4:0b:27:d2:ec:4c:10:b2:21:08:a9:21:d2:
b2:bc:10:1b:0e:9c:5a:5d:85:8a:1c:f5:4b:3e:54:
a9:ce:37:59:8c:77:23:c8:c4:8a:32:73:e5:7a:1e:
ae:d6:f7:56:c0:87:05:8c:fd:27:97:8a:d7:d0:c8:
5b:50:b8:e6:db:23:8a:13:61:e4:bb:f4:3c:cc:7d:
7d:28:0a:c8:3d:4c:8a:5c:6b:da:b4:90:21:fe:0b:
a3:e2:35:40:b7:31:95:bd:27:bd:fd:f8:cc:11:89:
d7:ce:bc:4d:48:82:8f:aa:e1:1d:68:f2:49:b4:dd:
4b:ab:c4:45:b7:46:6b:4f:c1:b3:39:95:7c:bc:04:
e6:67:d8:df:25:11:ce:17:61:1c:a8:96:bf:ae:a4:
56:f7:56:a6:c6:af:dc:f2:be:03:51:a9:e5:26:2e:
d8:67:00:79:a5:46:00:68:ce:73:06:55:4e:81:96:
e1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F7:2D:80:BA:E2:13:F6:FA:13:0D:32:B5:66:D9:11:95:F6:91:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AfctgLriE_b6Ew0ytWbZEZX2kV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:92:8e:83:1f:2b:f3:e2:ee:05:25:e4:b8:2d:2a:81:c1:2e:
33:5c:5f:cb:30:3c:4e:ee:8c:28:00:9f:7a:cb:8d:c9:90:16:
32:cc:b3:0d:f9:8b:9a:b7:67:ab:c3:9d:24:55:28:16:13:d9:
ed:ab:6e:c6:f3:c9:79:4f:88:5b:f2:b0:2d:ac:25:7a:53:38:
11:35:d8:c9:ac:71:83:1a:56:d7:b0:97:c9:c5:e8:5d:ca:c9:
4b:d5:be:fd:50:22:93:21:16:2c:b6:57:79:55:ba:c9:20:8e:
a6:2a:ef:23:6b:e9:9d:64:ac:af:ae:bd:d7:ca:cb:56:2b:56:
b2:61:92:f4:48:c5:8b:ee:fa:48:63:83:4f:4c:ea:10:01:5a:
09:6a:7e:b4:07:e8:ff:e9:60:ce:9d:b8:fc:e8:06:48:29:8a:
cb:1a:9a:fb:fc:5f:d7:49:81:a7:71:67:15:8f:dd:6e:b9:8e:
70:0c:a4:de:87:bb:ed:57:0f:ac:3a:26:00:fe:75:32:a4:ef:
1f:53:ef:4f:47:85:0f:d8:13:3a:5c:8d:24:b0:9c:52:1e:65:
0b:12:a0:7b:3e:69:88:b7:55:19:5e:e4:75:d0:ef:f6:74:20:
5f:44:2c:76:e3:ab:00:c9:dd:fb:1b:ad:78:52:09:62:21:f1:
b3:d2:e8:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4XIPrb1e0ep9tXGm7/+MBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MDQxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY3MmQ4MGJhZTIxM2Y2ZmExMzBkMzJiNTY2ZDkxMTk1ZjY5MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm8+z3uw4pQjaSK/ulnB4pmoloo6
XcnAe+GNI7NSp3bHNOCLWgwSy5IrPQQieFfeaCzvWDMesGh0tYDh0VYzvUgos8DY
Jjzaw2IQQqQLJ9LsTBCyIQipIdKyvBAbDpxaXYWKHPVLPlSpzjdZjHcjyMSKMnPl
eh6u1vdWwIcFjP0nl4rX0MhbULjm2yOKE2Hku/Q8zH19KArIPUyKXGvatJAh/guj
4jVAtzGVvSe9/fjMEYnXzrxNSIKPquEdaPJJtN1Lq8RFt0ZrT8GzOZV8vATmZ9jf
JRHOF2EcqJa/rqRW91amxq/c8r4DUanlJi7YZwB5pUYAaM5zBlVOgZbh4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAH3LYC64hP2+hMNMrVm2RGV9pFfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQWZjdGdMcmlFX2I2RXcweXRXYlpFWlgya1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIaSjoMfK/Pi7gUl5Lgt
KoHBLjNcX8swPE7ujCgAn3rLjcmQFjLMsw35i5q3Z6vDnSRVKBYT2e2rbsbzyXlP
iFvysC2sJXpTOBE12MmscYMaVtewl8nF6F3KyUvVvv1QIpMhFiy2V3lVuskgjqYq
7yNr6Z1krK+uvdfKy1YrVrJhkvRIxYvu+khjg09M6hABWglqfrQH6P/pYM6duPzo
Bkgpissamvv8X9dJgadxZxWP3W65jnAMpN6Hu+1XD6w6JgD+dTKk7x9T709HhQ/Y
EzpcjSSwnFIeZQsSoHs+aYi3VRle5HXQ7/Z0IF9ELHbjqwDJ3fsbrXhSCWIh8bPS
6Kg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:02 2025 by rpki-client