Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FzlahNU9hTzUgRpRTXK5kmz52Do.roa
File: FzlahNU9hTzUgRpRTXK5kmz52Do.roa (raw, json)
Hash identifier: HHhOpIMqI+yGXfibtiv12MgWun5l1s1bC4Hx4ynnoJI=
Subject key identifier: 17:39:5A:84:D5:3D:85:3C:D4:81:1A:51:4D:72:B9:92:6C:F9:D8:3A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D962A5E7AAABD4B0422738B112C1B4624
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FzlahNU9hTzUgRpRTXK5kmz52Do.roa
Signing time: Sun 11 Feb 2024 03:16:15 +0000
ROA not before: Sun 11 Feb 2024 03:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:96:2a:5e:7a:aa:bd:4b:04:22:73:8b:11:2c:1b:46:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 03:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17395a84d53d853cd4811a514d72b9926cf9d83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1b:c5:9b:cb:64:81:88:7d:7e:9e:11:57:48:
e4:22:b6:a2:4e:c0:28:4a:88:de:35:43:06:af:20:
10:a7:8a:0b:80:41:82:08:af:7c:6c:48:f9:f8:3e:
95:9b:2a:f3:c0:79:68:08:5e:aa:01:de:20:a5:00:
4c:93:dd:13:90:e0:79:2b:5e:a2:11:51:83:d8:1f:
ac:76:5b:78:72:0c:43:13:07:53:74:6a:13:8d:60:
99:74:eb:41:41:11:45:11:cf:d3:1d:00:a0:ce:5e:
87:f1:f9:89:0e:aa:f3:61:c0:fb:3b:36:40:2a:3e:
82:2e:57:6f:de:32:c8:45:2b:80:b2:73:d2:69:26:
03:b7:a7:79:dc:79:21:5a:d2:5f:f2:41:01:cf:8c:
de:89:75:e4:9c:bf:41:fb:72:64:7d:33:63:65:b6:
e1:d9:29:0c:d3:84:18:f9:87:73:c5:25:b5:0f:97:
41:5a:29:a5:46:7b:c7:e6:2c:0a:c4:a8:85:63:bc:
b7:b1:fe:56:e1:f9:4d:a1:cf:d0:10:a9:21:ca:3b:
46:14:ae:20:09:20:a1:54:d2:85:2c:23:49:b7:7c:
0f:fc:75:91:dc:4a:d7:fb:20:9c:42:bd:4d:8f:5c:
3e:89:c3:ab:9f:15:42:13:6d:e9:17:46:1a:ef:68:
43:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:39:5A:84:D5:3D:85:3C:D4:81:1A:51:4D:72:B9:92:6C:F9:D8:3A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/FzlahNU9hTzUgRpRTXK5kmz52Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:31:8c:86:7d:67:8c:be:cb:60:06:70:c1:7e:82:e5:5b:8b:
d7:29:8c:6c:19:bc:9b:67:c4:f5:59:2a:bd:ca:e0:80:0b:a4:
90:df:b0:5c:da:fd:0c:1e:68:e6:d8:2c:1d:96:9b:5f:80:44:
14:11:d1:ca:4f:33:9d:bc:de:47:43:af:8f:5e:a0:32:3e:4a:
e7:09:e2:22:32:76:f4:1d:72:5a:a3:0c:09:a9:a2:bd:50:9a:
3c:72:a9:90:b3:b1:36:51:80:cd:ac:51:33:5e:04:a3:e2:62:
3c:f4:c7:69:cd:47:bc:ea:a4:4e:85:f5:a7:4e:76:56:62:13:
a7:99:47:5a:79:c8:a5:5b:df:57:d3:3c:32:fb:31:82:05:03:
12:0b:91:0e:99:ee:41:58:f3:a4:50:4f:3a:5e:17:cd:73:a4:
68:d4:f3:6e:a6:d6:aa:97:bb:54:b8:9c:80:92:e2:64:2a:66:
9f:de:27:bf:ee:71:eb:3c:c3:7c:94:d5:b3:a1:27:40:d6:8f:
80:69:04:11:2d:34:16:8a:f6:d9:30:23:7b:29:24:83:33:f2:
a2:4f:95:70:c7:0c:32:bc:ce:f5:98:b8:40:c0:c0:94:dd:7f:
51:ff:c9:7a:78:c3:79:59:13:95:2c:1c:35:8d:f4:e3:15:bd:
b7:4a:3a:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2WKl56qr1LBCJzixEsG0YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMDMxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM5NWE4NGQ1M2Q4NTNjZDQ4MTFhNTE0ZDcyYjk5MjZjZjlkODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBvFm8tkgYh9fp4RV0jkIraiTsAo
SojeNUMGryAQp4oLgEGCCK98bEj5+D6VmyrzwHloCF6qAd4gpQBMk90TkOB5K16i
EVGD2B+sdlt4cgxDEwdTdGoTjWCZdOtBQRFFEc/THQCgzl6H8fmJDqrzYcD7OzZA
Kj6CLldv3jLIRSuAsnPSaSYDt6d53HkhWtJf8kEBz4zeiXXknL9B+3JkfTNjZbbh
2SkM04QY+YdzxSW1D5dBWimlRnvH5iwKxKiFY7y3sf5W4flNoc/QEKkhyjtGFK4g
CSChVNKFLCNJt3wP/HWR3ErX+yCcQr1Nj1w+icOrnxVCE23pF0Ya72hDRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBc5WoTVPYU81IEaUU1yuZJs+dg6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRnpsYWhOVTloVHpVZ1JwUlRYSzVrbXo1MkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIAxjIZ9Z4y+y2AGcMF+
guVbi9cpjGwZvJtnxPVZKr3K4IALpJDfsFza/QweaObYLB2Wm1+ARBQR0cpPM528
3kdDr49eoDI+SucJ4iIydvQdclqjDAmpor1QmjxyqZCzsTZRgM2sUTNeBKPiYjz0
x2nNR7zqpE6F9adOdlZiE6eZR1p5yKVb31fTPDL7MYIFAxILkQ6Z7kFY86RQTzpe
F81zpGjU826m1qqXu1S4nICS4mQqZp/eJ7/uces8w3yU1bOhJ0DWj4BpBBEtNBaK
9tkwI3spJIMz8qJPlXDHDDK8zvWYuEDAwJTdf1H/yXp4w3lZE5UsHDWN9OMVvbdK
OiQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org