Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DjHNlkeN889mzpGxyCMeDSXxhKw.roa
File: DjHNlkeN889mzpGxyCMeDSXxhKw.roa (raw, json)
Hash identifier: VkOMuVSn3wSWv+S/3kWzHg+IUq25nLsac9ORCDhBl2c=
Subject key identifier: 0E:31:CD:96:47:8D:F3:CF:66:CE:91:B1:C8:23:1E:0D:25:F1:84:AC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEB5A6D0A633892E19E087107DF20F94F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DjHNlkeN889mzpGxyCMeDSXxhKw.roa
Signing time: Mon 08 Jan 2024 23:13:41 +0000
ROA not before: Mon 08 Jan 2024 23:13:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:eb:5a:6d:0a:63:38:92:e1:9e:08:71:07:df:20:f9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 8 23:13:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e31cd96478df3cf66ce91b1c8231e0d25f184ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:56:7f:fc:a0:38:0e:77:50:7e:98:fa:75:13:
5a:17:92:be:41:6f:17:2e:b1:59:fe:af:4f:72:1e:
24:73:ea:39:7c:42:d6:69:2a:4f:70:ed:82:c3:09:
9a:f6:43:c0:0c:3f:2b:3e:de:b4:99:4f:e1:be:1b:
cf:ad:90:c7:c3:78:3e:3b:e8:eb:8f:6e:a6:af:24:
a9:4a:a7:33:83:be:e0:d2:b1:fe:11:0a:d1:c4:69:
11:b5:c3:53:24:fd:36:4a:a1:33:12:c4:61:73:df:
0d:63:de:38:fd:09:a6:64:b6:eb:27:8d:b7:b5:bb:
d6:fb:5a:c2:b0:eb:1e:15:7e:6a:17:c4:8d:2c:36:
59:0b:06:88:da:6c:af:35:ed:d0:d3:71:59:bd:5c:
df:86:ca:aa:82:06:0a:eb:15:c5:bd:83:12:17:72:
d0:75:26:b2:6b:ea:53:40:08:c1:e9:37:a9:f5:92:
1b:24:9b:62:97:a3:8b:58:6d:77:09:dd:94:01:37:
21:2a:30:d3:f1:a9:cb:22:d8:e6:84:8b:67:64:55:
29:17:f9:7b:97:9f:4f:ad:02:f7:9a:67:f9:b3:9d:
af:17:69:75:a0:2b:54:4b:07:cc:9b:17:b9:81:c5:
bd:e9:d3:07:b9:92:29:d2:a4:a1:c1:b4:90:e0:9d:
74:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:31:CD:96:47:8D:F3:CF:66:CE:91:B1:C8:23:1E:0D:25:F1:84:AC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DjHNlkeN889mzpGxyCMeDSXxhKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:09:15:61:d0:36:a1:3a:f7:0f:85:ec:cc:18:24:b8:7f:c8:
e2:62:fa:91:87:98:40:08:10:fd:ed:44:a9:07:1e:12:ee:f6:
fe:62:ff:e7:7c:db:b0:a6:ba:11:33:57:61:eb:db:dd:c7:09:
64:bc:9d:cd:93:90:ec:b6:ab:39:f0:93:a3:75:d8:14:cb:28:
6c:95:d2:67:f1:ee:a0:39:91:08:0c:97:6b:1e:52:80:e8:aa:
dc:46:05:56:19:b3:4b:19:8d:a0:3b:69:04:36:95:1f:86:10:
e6:be:5e:20:79:dc:42:d3:ff:e7:6d:78:e2:54:dd:4e:4e:e5:
a3:8a:65:7c:93:cf:a4:72:95:0c:6d:0d:b3:13:19:60:9d:b3:
45:05:fe:52:cb:62:e4:cf:c9:4d:d6:a5:cc:4c:28:f6:87:f3:
0c:03:6c:c7:d1:ab:78:f3:f9:b2:aa:34:50:53:5e:e4:44:cb:
3e:eb:05:1f:4d:c1:6a:9c:6e:73:15:31:29:c2:c8:6a:72:b7:
83:64:3a:07:fe:1f:4f:f4:43:26:2c:d0:0a:42:35:87:78:d3:
d2:05:86:09:de:a3:23:85:46:20:e3:a6:9f:ad:b7:01:59:16:
83:e7:0b:34:f7:d3:c3:e2:5e:f5:14:ac:6a:6d:5b:26:22:22:
20:1d:82:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzrWm0KYziS4Z4IcQffIPlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA4MjMxMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTMxY2Q5NjQ3OGRmM2NmNjZjZTkxYjFjODIzMWUwZDI1ZjE4NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlZ//KA4DndQfpj6dRNaF5K+QW8X
LrFZ/q9Pch4kc+o5fELWaSpPcO2Cwwma9kPADD8rPt60mU/hvhvPrZDHw3g+O+jr
j26mrySpSqczg77g0rH+EQrRxGkRtcNTJP02SqEzEsRhc98NY944/QmmZLbrJ423
tbvW+1rCsOseFX5qF8SNLDZZCwaI2myvNe3Q03FZvVzfhsqqggYK6xXFvYMSF3LQ
dSaya+pTQAjB6Tep9ZIbJJtil6OLWG13Cd2UATchKjDT8anLItjmhItnZFUpF/l7
l59PrQL3mmf5s52vF2l1oCtUSwfMmxe5gcW96dMHuZIp0qShwbSQ4J10gwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA4xzZZHjfPPZs6RscgjHg0l8YSsMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRGpITmxrZU44ODltenBHeHlDTWVEU1h4aEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEJFWHQNqE69w+F7MwY
JLh/yOJi+pGHmEAIEP3tRKkHHhLu9v5i/+d827CmuhEzV2Hr293HCWS8nc2TkOy2
qznwk6N12BTLKGyV0mfx7qA5kQgMl2seUoDoqtxGBVYZs0sZjaA7aQQ2lR+GEOa+
XiB53ELT/+dteOJU3U5O5aOKZXyTz6RylQxtDbMTGWCds0UF/lLLYuTPyU3WpcxM
KPaH8wwDbMfRq3jz+bKqNFBTXuREyz7rBR9NwWqcbnMVMSnCyGpyt4NkOgf+H0/0
QyYs0ApCNYd409IFhgneoyOFRiDjpp+ttwFZFoPnCzT308PiXvUUrGptWyYiIiAd
gtE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org