Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I4y2oIq997CL5zjV2cr9ubibIcQ.roa
File: I4y2oIq997CL5zjV2cr9ubibIcQ.roa (raw, json)
Hash identifier: Q871t95O6TBAJVChUAxp2gACM4ioUZ6CKUvmpdMhPo4=
Subject key identifier: 23:8C:B6:A0:8A:BD:F7:B0:8B:E7:38:D5:D9:CA:FD:B9:B8:9B:21:C4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA7892E40CFBF1A698BE7DCF9F53E1341
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I4y2oIq997CL5zjV2cr9ubibIcQ.roa
Signing time: Wed 14 Feb 2024 12:13:21 +0000
ROA not before: Wed 14 Feb 2024 12:13:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:89:2e:40:cf:bf:1a:69:8b:e7:dc:f9:f5:3e:13:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 12:13:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238cb6a08abdf7b08be738d5d9cafdb9b89b21c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0d:45:ab:d8:27:d8:4b:95:9b:ae:c3:a2:c8:
4e:2c:ee:71:a5:df:82:f8:91:6a:78:ac:bb:3f:f8:
92:fb:6e:88:12:72:02:51:a6:00:13:f3:06:6c:f0:
99:ab:c7:83:90:72:31:a3:ee:88:42:8d:5a:d2:73:
63:40:df:50:a1:5f:17:6c:dc:1b:3c:a6:06:14:a6:
cd:b5:17:ed:d0:f9:cb:85:e5:c3:22:41:6d:83:80:
f2:e8:e3:c1:de:ac:c0:10:79:18:a4:4c:40:29:47:
3c:2c:fa:20:2e:70:80:f3:b8:f3:1f:c2:07:6b:1c:
d6:f7:51:6b:b3:c1:2b:6f:07:b7:62:0c:1d:97:32:
a6:16:24:63:27:51:61:24:d7:32:42:59:66:26:b7:
2a:86:5c:c1:ea:5c:f9:58:09:98:69:77:1d:48:05:
d2:60:ef:17:19:f4:e1:a9:34:0c:f0:78:6f:68:88:
f4:1e:08:d5:96:4b:a5:6e:44:3e:10:6f:04:b9:24:
e2:d7:27:0f:29:2a:15:16:bd:50:e6:64:d9:75:57:
1c:ca:85:c5:b5:ff:f4:6d:49:c0:e5:ae:80:6c:09:
a4:52:0a:ab:fb:9b:54:7e:83:98:b6:88:1a:19:c6:
40:5a:d5:bb:93:e8:fc:6f:cf:e3:ae:d9:35:2e:84:
64:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8C:B6:A0:8A:BD:F7:B0:8B:E7:38:D5:D9:CA:FD:B9:B8:9B:21:C4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I4y2oIq997CL5zjV2cr9ubibIcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:6e:73:92:32:fa:37:e8:9c:49:f0:ea:5a:08:31:4e:76:4c:
fd:95:91:c6:6d:06:d1:30:17:77:83:6d:b6:b1:bd:02:fd:98:
7a:66:7a:da:63:fe:74:2c:7e:ca:fa:8b:16:da:0a:a7:fd:3b:
8b:8a:13:37:b2:0b:03:83:71:cc:e9:71:fc:f0:58:ff:47:27:
5a:8d:4a:c0:f0:16:a3:cc:4f:e0:6e:aa:ce:5a:dd:30:ed:17:
2c:2d:6c:37:05:a5:d2:64:0e:a0:0d:e1:3c:7d:6a:68:7e:66:
54:46:2c:9a:b3:5d:94:05:f3:f5:84:0f:19:c6:dd:f8:db:b0:
86:34:90:55:44:4a:b1:c8:51:d2:1d:86:37:a6:d1:d9:b7:43:
7e:d1:89:a3:cc:ee:20:f8:d1:33:6a:28:29:7e:dc:3a:35:a0:
6d:3d:34:ce:2e:f7:e7:c2:ba:b5:e4:10:34:cf:be:34:8e:d9:
e6:3d:5e:49:31:59:09:e4:55:cb:e5:e7:fb:7d:57:ef:bf:c9:
33:e6:87:a3:33:e0:19:da:5c:8e:9f:a1:ce:48:5c:a1:b8:33:
9d:f1:3a:81:2a:8d:dd:4c:2d:11:de:e8:00:f2:47:7a:41:d7:
67:93:80:e7:2b:dc:08:ed:b0:3c:06:01:21:3f:68:5e:2f:6b:
3c:ba:68:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2niS5Az78aaYvn3Pn1PhNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MTIxMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhjYjZhMDhhYmRmN2IwOGJlNzM4ZDVkOWNhZmRiOWI4OWIyMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w1Fq9gn2EuVm67DoshOLO5xpd+C
+JFqeKy7P/iS+26IEnICUaYAE/MGbPCZq8eDkHIxo+6IQo1a0nNjQN9QoV8XbNwb
PKYGFKbNtRft0PnLheXDIkFtg4Dy6OPB3qzAEHkYpExAKUc8LPogLnCA87jzH8IH
axzW91Frs8Erbwe3YgwdlzKmFiRjJ1FhJNcyQllmJrcqhlzB6lz5WAmYaXcdSAXS
YO8XGfThqTQM8HhvaIj0HgjVlkulbkQ+EG8EuSTi1ycPKSoVFr1Q5mTZdVccyoXF
tf/0bUnA5a6AbAmkUgqr+5tUfoOYtogaGcZAWtW7k+j8b8/jrtk1LoRklwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCOMtqCKvfewi+c41dnK/bm4myHEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSTR5Mm9JcTk5N0NMNXpqVjJjcjl1YmliSWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJuc5Iy+jfonEnw6loI
MU52TP2VkcZtBtEwF3eDbbaxvQL9mHpmetpj/nQsfsr6ixbaCqf9O4uKEzeyCwOD
cczpcfzwWP9HJ1qNSsDwFqPMT+Buqs5a3TDtFywtbDcFpdJkDqAN4Tx9amh+ZlRG
LJqzXZQF8/WEDxnG3fjbsIY0kFVESrHIUdIdhjem0dm3Q37RiaPM7iD40TNqKCl+
3Do1oG09NM4u9+fCurXkEDTPvjSO2eY9XkkxWQnkVcvl5/t9V++/yTPmh6Mz4Bna
XI6foc5IXKG4M53xOoEqjd1MLRHe6ADyR3pB12eTgOcr3AjtsDwGASE/aF4vazy6
aLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org