Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Du5RYG2-aByKoKXJX9bi4M9IJiQ.roa
File: Du5RYG2-aByKoKXJX9bi4M9IJiQ.roa (raw, json)
Hash identifier: vr8gEV2q82hytKTlBgXDKwMeZjsdI37THp0a9ynXQBw=
Subject key identifier: 0E:EE:51:60:6D:BE:68:1C:8A:A0:A5:C9:5F:D6:E2:E0:CF:48:26:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB43050CC0E0C6538A64781B150F2207B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Du5RYG2-aByKoKXJX9bi4M9IJiQ.roa
Signing time: Fri 16 Feb 2024 23:11:21 +0000
ROA not before: Fri 16 Feb 2024 23:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b4:30:50:cc:0e:0c:65:38:a6:47:81:b1:50:f2:20:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 23:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eee51606dbe681c8aa0a5c95fd6e2e0cf482624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:2b:f2:a8:d9:ac:9e:77:f2:7c:58:1e:d4:
0d:d8:ba:23:a4:2d:1c:b8:f8:66:d3:91:df:59:cc:
55:11:f1:72:01:4e:e1:9c:d1:09:42:80:b2:e0:d7:
d2:01:d1:72:5f:54:ca:dc:92:42:fc:e4:40:90:5b:
e6:66:e9:3c:0d:c3:13:db:52:e2:b1:3d:f9:ee:ec:
cb:ec:54:71:c8:c4:bf:30:d5:f3:a4:fa:06:aa:a5:
c8:3b:7f:24:c3:77:09:8f:47:f8:6a:a8:68:61:0f:
32:19:9b:07:69:3b:55:e3:3c:38:d8:c6:a9:89:26:
66:09:dc:a8:ed:79:fb:21:29:f7:37:8d:7a:89:a4:
b0:e3:0f:10:7a:89:eb:de:8a:5b:bd:f4:a4:79:ae:
72:bd:cb:dd:57:1f:26:62:0b:17:54:39:65:3d:b1:
83:d9:fd:a9:d1:ff:d5:d0:61:9a:98:0d:6f:3e:73:
e7:a5:be:81:d6:ff:98:a5:42:c8:73:3b:e3:d5:82:
d6:22:8c:e2:66:91:c9:bb:37:26:b8:31:ee:02:54:
69:75:9b:dc:48:63:bf:9f:b7:a0:2a:32:dc:a8:ca:
4a:b0:c7:5e:da:a2:83:6b:bb:54:e0:19:0a:76:89:
28:d2:9a:0d:74:d9:18:e2:0d:b9:cb:6a:10:d6:49:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EE:51:60:6D:BE:68:1C:8A:A0:A5:C9:5F:D6:E2:E0:CF:48:26:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Du5RYG2-aByKoKXJX9bi4M9IJiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:5c:4e:ae:8e:4d:cd:3e:00:50:0a:79:af:30:fc:30:5a:9b:
64:25:81:25:0b:55:b3:33:b1:17:bb:e8:17:0a:b6:a1:9b:bd:
1b:7c:ef:42:6c:4f:13:a1:72:42:74:62:17:97:3e:c0:9b:e8:
36:03:6d:a4:d1:57:85:ca:14:60:62:56:8a:0b:63:f0:7b:66:
36:c6:3e:40:b9:29:6e:93:7a:5b:89:12:78:f4:8f:42:03:7b:
fa:c4:dd:fa:28:f6:0d:1b:dc:3a:5d:b1:fe:cd:ce:cf:f6:6a:
18:c5:b4:00:0b:de:66:4f:a5:4a:6d:c0:4c:0d:be:91:97:25:
81:5c:c6:b4:f5:8b:d1:e7:c2:bc:7c:b6:3a:c8:38:d1:18:2d:
d3:fb:a8:b9:4e:a1:f8:d2:09:1c:28:94:80:73:97:ba:55:29:
07:84:20:0f:63:81:b3:2e:07:8c:71:34:50:e1:65:2c:0e:24:
e4:bf:76:90:b3:fd:f2:0a:6b:ae:cc:cb:4e:4b:e7:cd:f0:d2:
12:a7:ea:f1:ae:de:16:fd:67:aa:45:ff:a2:65:03:1e:0c:68:
cb:72:11:06:1c:2a:87:79:ce:80:f2:84:8f:a5:a4:ab:6f:93:
40:e3:79:70:f2:71:2a:6f:bc:9a:a0:e9:61:f5:7e:3d:f6:8d:
6b:58:4f:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY20MFDMDgxlOKZHgbFQ8iB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MjMxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWVlNTE2MDZkYmU2ODFjOGFhMGE1Yzk1ZmQ2ZTJlMGNmNDgyNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIcr8qjZrJ538nxYHtQN2LojpC0c
uPhm05HfWcxVEfFyAU7hnNEJQoCy4NfSAdFyX1TK3JJC/ORAkFvmZuk8DcMT21Li
sT357uzL7FRxyMS/MNXzpPoGqqXIO38kw3cJj0f4aqhoYQ8yGZsHaTtV4zw42Map
iSZmCdyo7Xn7ISn3N416iaSw4w8Qeonr3opbvfSkea5yvcvdVx8mYgsXVDllPbGD
2f2p0f/V0GGamA1vPnPnpb6B1v+YpULIczvj1YLWIoziZpHJuzcmuDHuAlRpdZvc
SGO/n7egKjLcqMpKsMde2qKDa7tU4BkKdoko0poNdNkY4g25y2oQ1klgCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA7uUWBtvmgciqClyV/W4uDPSCYkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRHU1UllHMi1hQnlLb0tYSlg5Ymk0TTlJSmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAlcTq6OTc0+AFAKea8w
/DBam2QlgSULVbMzsRe76BcKtqGbvRt870JsTxOhckJ0YheXPsCb6DYDbaTRV4XK
FGBiVooLY/B7ZjbGPkC5KW6TeluJEnj0j0IDe/rE3foo9g0b3Dpdsf7Nzs/2ahjF
tAAL3mZPpUptwEwNvpGXJYFcxrT1i9Hnwrx8tjrIONEYLdP7qLlOofjSCRwolIBz
l7pVKQeEIA9jgbMuB4xxNFDhZSwOJOS/dpCz/fIKa67My05L583w0hKn6vGu3hb9
Z6pF/6JlAx4MaMtyEQYcKod5zoDyhI+lpKtvk0DjeXDycSpvvJqg6WH1fj32jWtY
T+s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:49 2024 by rpki-client on console-ams.rpki-client.org