Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdmmuGMzTTyORZzD6rSpz_h14CU.roa
File: CdmmuGMzTTyORZzD6rSpz_h14CU.roa (raw, json)
Hash identifier: uICf1+af5IMGx8UpPx/Hfjqbv4Cqiq95d71IQpaUIes=
Subject key identifier: 09:D9:A6:B8:63:33:4D:3C:8E:45:9C:C3:EA:B4:A9:CF:F8:75:E0:25
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9C63D8666008BCE9FBABF303B2899BA6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdmmuGMzTTyORZzD6rSpz_h14CU.roa
Signing time: Sun 24 Dec 2023 15:13:58 +0000
ROA not before: Sun 24 Dec 2023 15:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:63:d8:66:60:08:bc:e9:fb:ab:f3:03:b2:89:9b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 15:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09d9a6b863334d3c8e459cc3eab4a9cff875e025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7a:59:c9:0a:19:f6:60:d0:47:85:d4:60:57:
19:da:a4:b8:62:c4:dc:80:0a:c1:7e:b1:7e:5a:46:
c6:d6:34:5e:17:4d:0f:2c:48:17:f6:74:a2:c0:33:
83:58:39:03:6a:a5:e9:31:db:aa:ef:13:28:7c:4e:
1a:ca:48:9a:5c:9e:89:ef:cb:4b:32:c5:bd:61:c2:
5b:c2:a3:f4:ba:92:cf:83:fa:d7:42:4a:39:0c:95:
5e:c3:f7:92:9f:84:2f:bc:d2:a5:cf:7c:80:5f:6c:
f0:4e:de:0e:fd:c2:ca:58:0f:d2:1a:8f:87:ec:15:
72:b0:89:4e:b6:96:70:b7:17:37:dd:fb:a6:0d:73:
48:57:15:85:ab:4f:81:60:e7:9f:11:63:3e:03:4a:
7a:4d:24:35:aa:dc:9a:3d:10:84:51:0a:ba:e0:26:
79:63:e7:97:2a:11:ae:5c:87:d4:94:83:36:5e:58:
60:cb:16:2a:6f:88:37:5d:55:a1:5c:4b:bb:bf:20:
2f:08:e2:55:11:05:0b:14:af:2e:e7:1d:ed:ce:84:
bc:67:75:c9:f3:98:f8:50:f2:2c:19:ee:99:0a:fb:
d2:5b:db:51:92:9a:0d:c1:47:2a:f2:02:69:cc:7f:
16:e9:91:eb:2e:6c:98:53:84:56:e9:f8:3b:28:e6:
ad:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D9:A6:B8:63:33:4D:3C:8E:45:9C:C3:EA:B4:A9:CF:F8:75:E0:25
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CdmmuGMzTTyORZzD6rSpz_h14CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:bc:7d:38:ed:08:98:c7:2e:bc:b0:5c:b8:a9:bd:30:d1:10:
b6:f6:ba:cc:86:50:52:6b:1b:3e:1b:03:ff:3b:0b:8e:84:10:
73:f8:5a:d9:38:e2:aa:47:d5:84:37:ee:0f:21:b6:93:47:f2:
72:d3:e8:cf:2a:d3:44:af:6f:c0:e0:84:53:66:77:f5:44:2a:
09:c4:de:b2:d7:ec:87:25:e1:ff:da:e0:da:bd:7d:49:fb:92:
17:94:60:c2:b5:a8:98:86:3d:0e:b0:b0:54:39:39:df:49:fe:
b0:5a:0a:c0:75:d6:f9:2c:ce:55:5a:3a:42:a5:22:36:cc:29:
e5:fb:58:83:31:b4:18:7c:9a:af:1f:36:44:ce:6c:28:30:f0:
df:a3:e5:83:53:bf:2c:2d:b5:07:a9:01:34:d3:55:23:24:2e:
95:29:8f:9e:11:e5:d5:da:ed:f6:f2:59:7d:1b:41:65:7b:1b:
9e:e7:9d:0d:4d:9f:61:ba:f9:ae:40:3e:9a:e4:54:ea:d2:99:
9f:ca:0d:b5:ac:ae:f4:39:91:37:00:b7:9d:6f:c1:64:53:0e:
6f:7d:ef:a2:6e:0b:df:c3:e6:36:05:cb:2c:58:be:ba:51:8c:
c2:f7:84:c4:9b:98:75:9e:d6:78:f7:0e:48:28:5e:75:73:bf:
d5:a5:5e:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYycY9hmYAi86fur8wOyiZumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTUxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ5YTZiODYzMzM0ZDNjOGU0NTljYzNlYWI0YTljZmY4NzVlMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0npZyQoZ9mDQR4XUYFcZ2qS4YsTc
gArBfrF+WkbG1jReF00PLEgX9nSiwDODWDkDaqXpMduq7xMofE4aykiaXJ6J78tL
MsW9YcJbwqP0upLPg/rXQko5DJVew/eSn4QvvNKlz3yAX2zwTt4O/cLKWA/SGo+H
7BVysIlOtpZwtxc33fumDXNIVxWFq0+BYOefEWM+A0p6TSQ1qtyaPRCEUQq64CZ5
Y+eXKhGuXIfUlIM2XlhgyxYqb4g3XVWhXEu7vyAvCOJVEQULFK8u5x3tzoS8Z3XJ
85j4UPIsGe6ZCvvSW9tRkpoNwUcq8gJpzH8W6ZHrLmyYU4RW6fg7KOatHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnZprhjM008jkWcw+q0qc/4deAlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ2RtbXVHTXpUVHlPUlp6RDZyU3B6X2gxNENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACS8fTjtCJjHLrywXLip
vTDRELb2usyGUFJrGz4bA/87C46EEHP4Wtk44qpH1YQ37g8htpNH8nLT6M8q00Sv
b8DghFNmd/VEKgnE3rLX7Icl4f/a4Nq9fUn7kheUYMK1qJiGPQ6wsFQ5Od9J/rBa
CsB11vkszlVaOkKlIjbMKeX7WIMxtBh8mq8fNkTObCgw8N+j5YNTvywttQepATTT
VSMkLpUpj54R5dXa7fbyWX0bQWV7G57nnQ1Nn2G6+a5APprkVOrSmZ/KDbWsrvQ5
kTcAt51vwWRTDm9976JuC9/D5jYFyyxYvrpRjML3hMSbmHWe1nj3DkgoXnVzv9Wl
Xqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org