Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AwSXN9hTl-srG_1xWiJQZQivIqk.roa
File: AwSXN9hTl-srG_1xWiJQZQivIqk.roa (raw, json)
Hash identifier: BKwSgUW4erev7AD54VKBJyudBw+69plRivIIGRosqyQ=
Subject key identifier: 03:04:97:37:D8:53:97:EB:2B:1B:FD:71:5A:22:50:65:08:AF:22:A9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD04CC3CCD89FCE59BFEF633D095888D2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AwSXN9hTl-srG_1xWiJQZQivIqk.roa
Signing time: Thu 22 Feb 2024 10:11:48 +0000
ROA not before: Thu 22 Feb 2024 10:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:4c:c3:cc:d8:9f:ce:59:bf:ef:63:3d:09:58:88:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 22 10:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03049737d85397eb2b1bfd715a22506508af22a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3a:6c:8b:be:8e:c6:56:30:a6:c5:a7:b2:c0:
82:c1:df:ee:c2:23:f7:7f:74:03:be:2e:67:67:b2:
af:28:ac:6c:a0:4d:5e:64:c0:1e:5a:79:02:4b:eb:
4f:a5:7f:d5:c1:4a:4d:ff:a4:e4:b4:0c:4e:47:b8:
15:5b:d2:7c:33:30:0a:a9:1c:2b:53:33:20:b0:31:
d7:49:5b:67:99:79:51:71:e1:06:f7:14:80:58:60:
b5:7b:11:16:86:ba:1b:a2:67:6a:a5:b5:e1:db:f5:
17:f5:52:77:df:ef:c9:c0:36:0d:23:0b:0e:c0:5a:
d1:93:cc:25:a7:a6:d8:41:fe:6a:8e:ff:13:a1:eb:
13:a3:32:7b:60:57:04:ab:ed:8e:c3:eb:6a:f9:4c:
c5:53:69:e1:70:d1:85:bb:8f:96:43:c7:4b:59:50:
04:7e:5d:20:58:7b:e9:c4:77:46:60:3a:bf:35:15:
67:02:dd:82:f2:0c:22:90:0b:88:1b:b1:b2:89:f2:
af:83:2f:e5:0b:df:60:c2:7c:36:77:1a:17:9e:f8:
17:b6:40:c5:ab:38:29:68:12:64:01:f1:bb:a2:fc:
57:c6:66:19:75:07:55:57:b2:c8:ba:a3:c5:df:7e:
d5:82:33:49:4a:c7:58:43:9e:81:12:47:d8:96:6b:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:04:97:37:D8:53:97:EB:2B:1B:FD:71:5A:22:50:65:08:AF:22:A9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AwSXN9hTl-srG_1xWiJQZQivIqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:91:2b:2b:6c:d3:00:d4:fa:15:04:42:d6:7f:73:18:9f:a4:
fe:96:34:a0:d0:16:19:63:50:05:a2:f2:d9:5b:1c:86:00:5e:
73:e0:d5:bc:2a:91:04:bc:4e:4e:72:2c:1e:44:e0:d5:c2:38:
46:63:dd:3d:4e:45:56:64:52:b3:37:8a:e8:25:37:62:e1:28:
6b:db:05:cb:25:b2:c4:08:e9:0f:ce:f3:a5:4e:c6:35:eb:9b:
4f:5a:3b:bb:04:11:72:ad:f3:8c:56:0f:e9:10:a9:48:30:df:
d2:a3:5e:41:b5:99:d1:4d:90:62:d9:b8:05:78:72:54:58:a7:
d7:00:89:86:95:93:e7:d4:1b:5f:28:2c:12:aa:52:08:0f:11:
40:90:a6:2b:7b:24:9c:a0:6b:95:6f:92:06:a0:88:bc:80:aa:
9f:bd:01:ca:42:9f:b8:93:6a:b1:1b:fd:35:25:79:4a:0d:6b:
92:05:b7:d4:2a:6c:04:f6:59:36:d5:7d:f3:a4:83:a7:08:3c:
21:37:46:c8:5d:5a:d1:b3:a8:24:ac:6b:70:9e:4b:10:47:6a:
a9:81:4b:20:0c:de:97:4d:31:6c:47:b7:2a:65:f7:fa:44:60:
af:de:3c:88:e2:dd:cf:04:d9:b3:e4:2c:3a:8f:0f:f1:83:76:
69:86:9c:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3QTMPM2J/OWb/vYz0JWIjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIyMTAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzA0OTczN2Q4NTM5N2ViMmIxYmZkNzE1YTIyNTA2NTA4YWYyMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Tpsi76OxlYwpsWnssCCwd/uwiP3
f3QDvi5nZ7KvKKxsoE1eZMAeWnkCS+tPpX/VwUpN/6TktAxOR7gVW9J8MzAKqRwr
UzMgsDHXSVtnmXlRceEG9xSAWGC1exEWhrobomdqpbXh2/UX9VJ33+/JwDYNIwsO
wFrRk8wlp6bYQf5qjv8ToesTozJ7YFcEq+2Ow+tq+UzFU2nhcNGFu4+WQ8dLWVAE
fl0gWHvpxHdGYDq/NRVnAt2C8gwikAuIG7GyifKvgy/lC99gwnw2dxoXnvgXtkDF
qzgpaBJkAfG7ovxXxmYZdQdVV7LIuqPF337VgjNJSsdYQ56BEkfYlmtuUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMElzfYU5frKxv9cVoiUGUIryKpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQXdTWE45aFRsLXNyR18xeFdpSlFaUWl2SXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiRKyts0wDU+hUEQtZ/
cxifpP6WNKDQFhljUAWi8tlbHIYAXnPg1bwqkQS8Tk5yLB5E4NXCOEZj3T1ORVZk
UrM3iuglN2LhKGvbBcslssQI6Q/O86VOxjXrm09aO7sEEXKt84xWD+kQqUgw39Kj
XkG1mdFNkGLZuAV4clRYp9cAiYaVk+fUG18oLBKqUggPEUCQpit7JJyga5Vvkgag
iLyAqp+9AcpCn7iTarEb/TUleUoNa5IFt9QqbAT2WTbVffOkg6cIPCE3RshdWtGz
qCSsa3CeSxBHaqmBSyAM3pdNMWxHtypl9/pEYK/ePIji3c8E2bPkLDqPD/GDdmmG
nHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org