Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BrYAg-yW6T-IPZZdijps73m2-uU.roa
File: BrYAg-yW6T-IPZZdijps73m2-uU.roa (raw, json)
Hash identifier: W1sgtAKd5qPWMr3DBotYFWIk/ZcJrNgtVrdN7soGm6M=
Subject key identifier: 06:B6:00:83:EC:96:E9:3F:88:3D:96:5D:8A:3A:6C:EF:79:B6:FA:E5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6010005DDAF63285A3019839110B6F90
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BrYAg-yW6T-IPZZdijps73m2-uU.roa
Signing time: Thu 21 Mar 2024 08:10:45 +0000
ROA not before: Thu 21 Mar 2024 08:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:10:00:5d:da:f6:32:85:a3:01:98:39:11:0b:6f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 08:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06b60083ec96e93f883d965d8a3a6cef79b6fae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:68:41:c9:88:a3:38:07:5f:73:03:5c:3e:8e:
c2:71:c6:60:b9:a1:64:9f:69:68:db:2e:ef:0e:79:
1a:87:8d:9e:78:49:4a:7c:54:a5:2e:31:b5:38:57:
f5:40:0e:85:65:e6:bd:61:86:79:a7:ba:b7:9b:8d:
cc:7c:7f:91:e4:36:e0:52:f2:bf:1c:66:fc:52:9b:
e1:c8:88:1a:93:5b:59:48:fc:3a:34:32:d5:1d:f5:
7d:c1:6b:3b:0b:3b:1d:f7:1f:b5:4b:68:c5:0a:05:
b3:49:ef:18:01:a8:a4:e9:c6:b4:a8:25:f2:6c:55:
7d:f2:76:b6:8a:9d:54:09:d0:78:c7:9a:db:1e:4e:
68:8b:b4:26:1e:e8:ec:8a:52:f8:e6:49:ff:90:04:
20:fd:9d:e0:9f:24:a3:c1:08:07:09:18:86:68:36:
bf:d3:4b:70:1f:25:31:2e:ba:ad:48:02:f2:1f:b5:
93:35:d8:77:2e:0d:3a:e9:bc:9d:03:02:0d:d6:12:
56:4c:af:aa:81:91:21:ce:99:63:d4:46:d7:3f:4a:
e1:ed:d7:05:be:d8:01:f5:06:83:45:e0:0a:24:db:
9d:b0:f1:ef:e1:8c:17:a0:a4:e5:26:2f:28:87:42:
51:68:59:54:54:f9:b8:73:6b:13:c0:d0:e8:11:51:
22:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:00:83:EC:96:E9:3F:88:3D:96:5D:8A:3A:6C:EF:79:B6:FA:E5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BrYAg-yW6T-IPZZdijps73m2-uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:d3:3f:51:d1:f1:96:fb:e0:e9:42:90:e5:e1:96:27:7a:8a:
58:b1:7f:96:f5:47:97:30:94:3c:70:54:43:3d:2f:43:01:eb:
29:77:ae:f5:b3:39:86:43:a2:46:d6:dc:21:55:b3:7b:6a:a8:
8c:23:9d:70:41:44:f6:66:a9:db:9a:6c:ec:be:d8:50:33:30:
60:26:61:c0:72:e6:d9:a4:b9:e5:ef:9b:23:2f:32:50:d8:66:
a3:30:b6:13:be:1a:6d:19:df:0c:58:80:ab:4a:8c:e0:b6:b9:
4b:79:d7:c4:3b:71:7b:42:0a:df:b9:85:41:ba:22:c6:31:cf:
71:58:75:ba:6d:74:f9:64:5d:89:0b:1e:fc:59:f1:e2:a1:8b:
54:22:d2:ce:73:d7:6d:bd:08:2d:ff:8f:df:fa:8f:f4:db:24:
f4:5b:99:34:b1:e6:04:c5:d8:ab:0e:e3:08:65:9d:79:db:ef:
79:91:6d:1a:ba:9b:e3:1b:b3:af:ce:25:da:9a:f7:4a:d4:86:
0e:a9:e8:70:fd:ee:72:ce:fa:27:68:ec:66:55:f8:11:e1:3a:
51:48:d5:e5:4d:b8:07:d2:b2:14:19:a9:2d:60:84:44:00:b9:
b3:ec:0d:09:8e:ea:b8:29:fa:d7:1b:08:e2:8f:ad:89:e7:0b:
3a:c1:68:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5gEABd2vYyhaMBmDkRC2+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMDgxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI2MDA4M2VjOTZlOTNmODgzZDk2NWQ4YTNhNmNlZjc5YjZmYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmhByYijOAdfcwNcPo7CccZguaFk
n2lo2y7vDnkah42eeElKfFSlLjG1OFf1QA6FZea9YYZ5p7q3m43MfH+R5DbgUvK/
HGb8UpvhyIgak1tZSPw6NDLVHfV9wWs7Czsd9x+1S2jFCgWzSe8YAaik6ca0qCXy
bFV98na2ip1UCdB4x5rbHk5oi7QmHujsilL45kn/kAQg/Z3gnySjwQgHCRiGaDa/
00twHyUxLrqtSALyH7WTNdh3Lg066bydAwIN1hJWTK+qgZEhzplj1EbXP0rh7dcF
vtgB9QaDReAKJNudsPHv4YwXoKTlJi8oh0JRaFlUVPm4c2sTwNDoEVEiywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAa2AIPsluk/iD2WXYo6bO95tvrlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQnJZQWcteVc2VC1JUFpaZGlqcHM3M20yLXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjTP1HR8Zb74OlCkOXh
lid6ilixf5b1R5cwlDxwVEM9L0MB6yl3rvWzOYZDokbW3CFVs3tqqIwjnXBBRPZm
qduabOy+2FAzMGAmYcBy5tmkueXvmyMvMlDYZqMwthO+Gm0Z3wxYgKtKjOC2uUt5
18Q7cXtCCt+5hUG6IsYxz3FYdbptdPlkXYkLHvxZ8eKhi1Qi0s5z1229CC3/j9/6
j/TbJPRbmTSx5gTF2KsO4whlnXnb73mRbRq6m+Mbs6/OJdqa90rUhg6p6HD97nLO
+ido7GZV+BHhOlFI1eVNuAfSshQZqS1ghEQAubPsDQmO6rgp+tcbCOKPrYnnCzrB
aGc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:30 2024 by rpki-client on console-fra.rpki-client.org