Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DitHJeOnpRBnSUUhOzZxFwenq7k.roa
File: DitHJeOnpRBnSUUhOzZxFwenq7k.roa (raw, json)
Hash identifier: 7KQRUNi1+aIhR1OzfRIkbk9+UYTASArVnuxxRMK7u+k=
Subject key identifier: 0E:2B:47:25:E3:A7:A5:10:67:49:45:21:3B:36:71:17:07:A7:AB:B9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA974D1C2771692969D99F907D9D32A1A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DitHJeOnpRBnSUUhOzZxFwenq7k.roa
Signing time: Wed 14 Feb 2024 21:10:21 +0000
ROA not before: Wed 14 Feb 2024 21:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:74:d1:c2:77:16:92:96:9d:99:f9:07:d9:d3:2a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 21:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2b4725e3a7a510674945213b36711707a7abb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:94:7d:e4:c1:d6:13:e2:06:c4:f9:83:fc:
e9:82:b6:13:7c:1e:eb:f2:9a:c3:3d:7e:a2:66:f8:
f5:40:ff:06:e8:48:9a:2f:28:82:16:06:46:56:e6:
7d:55:38:98:76:72:76:50:ef:d3:2e:a8:d0:2b:84:
29:61:97:08:9c:b4:dc:92:fb:8b:ca:e8:94:83:19:
5f:d5:b7:45:0e:69:fa:cf:c2:69:c0:bf:34:d8:97:
7e:f7:ad:eb:9e:da:95:7b:79:48:15:4d:64:d1:40:
67:ca:d7:e5:15:cb:92:8d:b8:be:da:c1:55:42:fa:
82:53:34:04:d4:ba:b3:18:61:a6:c9:3d:c3:72:f9:
e3:3e:7e:7a:f6:98:bd:6a:bf:48:21:d1:79:f2:7a:
34:ef:1c:44:4b:54:60:f5:c0:cc:67:96:56:01:f4:
c0:db:58:d8:c4:c1:ff:1e:74:ee:93:05:cf:00:81:
5d:ee:c8:b9:34:8e:b2:1b:28:16:61:2e:3a:93:fb:
b5:e4:45:cd:dc:d7:2e:6c:12:4b:b9:ff:ee:8a:3a:
87:a0:a2:2e:bb:9f:0b:06:8d:f3:3a:19:7a:74:de:
a7:01:2a:13:25:af:35:9d:5b:cb:04:54:65:67:36:
dc:c4:1e:13:9c:83:63:24:cb:f6:3f:08:4a:c9:85:
9b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2B:47:25:E3:A7:A5:10:67:49:45:21:3B:36:71:17:07:A7:AB:B9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DitHJeOnpRBnSUUhOzZxFwenq7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:75:a7:b4:0f:eb:95:5c:4c:28:14:5e:8a:fd:b5:61:18:d4:
7d:af:33:c8:84:75:00:89:9d:0b:69:0f:02:e2:35:0f:1d:0c:
1f:de:9b:76:b4:97:33:a6:7e:4b:e8:eb:c0:54:a0:e8:e9:02:
2f:fc:1e:32:aa:14:81:94:3b:5a:53:aa:9b:6f:7b:1f:dc:30:
32:f9:8c:5a:2c:3c:cd:7e:80:3c:48:37:cc:ed:53:ba:c5:fb:
bc:d5:7a:b1:6f:46:af:15:11:31:bf:51:5f:9c:f0:21:d4:01:
04:59:a3:eb:e9:e7:84:a6:21:d6:2b:69:92:48:4d:a9:d9:d5:
01:8a:b3:25:e8:d2:1a:15:b6:60:bc:1c:3c:b6:92:6f:67:ae:
e9:2b:cb:48:77:34:28:78:17:94:59:94:01:27:7a:df:af:0d:
33:72:18:9d:97:c7:a2:2b:0a:1e:08:76:f9:03:61:f1:84:73:
5a:d1:72:40:15:0c:a9:50:aa:34:91:3d:32:ac:ad:5a:30:d9:
e8:c7:e7:c0:33:46:b7:b9:6c:f7:b4:ac:7c:ca:a5:7d:81:11:
51:53:b5:d4:eb:48:23:ba:56:df:7f:71:72:65:44:fd:4b:9d:
90:fe:78:24:61:f7:a9:bf:fe:85:95:71:47:f8:02:c3:ed:86:
51:6d:7c:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2pdNHCdxaSlp2Z+QfZ0yoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MjExMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJiNDcyNWUzYTdhNTEwNjc0OTQ1MjEzYjM2NzExNzA3YTdhYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsqUfeTB1hPiBsT5g/zpgrYTfB7r
8prDPX6iZvj1QP8G6EiaLyiCFgZGVuZ9VTiYdnJ2UO/TLqjQK4QpYZcInLTckvuL
yuiUgxlf1bdFDmn6z8JpwL802Jd+963rntqVe3lIFU1k0UBnytflFcuSjbi+2sFV
QvqCUzQE1LqzGGGmyT3DcvnjPn569pi9ar9IIdF58no07xxES1Rg9cDMZ5ZWAfTA
21jYxMH/HnTukwXPAIFd7si5NI6yGygWYS46k/u15EXN3NcubBJLuf/uijqHoKIu
u58LBo3zOhl6dN6nASoTJa81nVvLBFRlZzbcxB4TnINjJMv2PwhKyYWbDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA4rRyXjp6UQZ0lFITs2cRcHp6u5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRGl0SEplT25wUkJuU1VVaE96WnhGd2VucTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJN1p7QP65VcTCgUXor9
tWEY1H2vM8iEdQCJnQtpDwLiNQ8dDB/em3a0lzOmfkvo68BUoOjpAi/8HjKqFIGU
O1pTqptvex/cMDL5jFosPM1+gDxIN8ztU7rF+7zVerFvRq8VETG/UV+c8CHUAQRZ
o+vp54SmIdYraZJITanZ1QGKsyXo0hoVtmC8HDy2km9nrukry0h3NCh4F5RZlAEn
et+vDTNyGJ2Xx6IrCh4IdvkDYfGEc1rRckAVDKlQqjSRPTKsrVow2ejH58AzRre5
bPe0rHzKpX2BEVFTtdTrSCO6Vt9/cXJlRP1LnZD+eCRh96m//oWVcUf4AsPthlFt
fCs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org