Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I97PB0tPjxc5L1HhF2MaPcwTPrc.roa
File: I97PB0tPjxc5L1HhF2MaPcwTPrc.roa (raw, json)
Hash identifier: JOf/Oc30NNcotmIsOU4gYV8u2UBbzktuPMj0SO95qVY=
Subject key identifier: 23:DE:CF:07:4B:4F:8F:17:39:2F:51:E1:17:63:1A:3D:CC:13:3E:B7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9C2BFF5C3BBC68BEC036C639751C522C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I97PB0tPjxc5L1HhF2MaPcwTPrc.roa
Signing time: Sun 24 Dec 2023 14:12:58 +0000
ROA not before: Sun 24 Dec 2023 14:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:2b:ff:5c:3b:bc:68:be:c0:36:c6:39:75:1c:52:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 14:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23decf074b4f8f17392f51e117631a3dcc133eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:95:0a:bd:99:4a:a0:b7:60:ef:f9:ac:04:cc:
0d:61:57:04:f9:cc:08:bd:47:12:91:b9:76:a5:28:
b7:ac:6d:4e:a4:3b:37:0c:31:73:8e:7a:c7:3d:68:
30:78:c9:30:ef:37:ba:de:cc:41:68:d8:d1:5e:bc:
8c:08:dc:1f:ac:b5:5b:b7:2e:79:1d:f4:ab:cf:7e:
94:5c:4f:9c:d6:63:62:42:ec:00:24:0a:ae:66:68:
58:e5:02:42:57:00:4d:f5:84:ff:30:87:7f:34:1e:
9a:c6:97:1d:ac:1e:26:26:81:72:04:ec:10:f3:d9:
31:e0:58:ad:ef:4c:4f:05:c5:15:25:48:15:6c:24:
66:96:02:88:eb:cd:c0:5d:c5:6d:48:ab:63:30:ad:
d3:16:d4:0d:3d:16:1d:4d:c4:aa:99:07:c7:b9:25:
c2:c0:5b:1f:6f:80:1e:f2:8f:0e:82:5b:c2:2d:a1:
02:f9:27:6d:d2:ed:3b:6b:61:60:ef:8d:87:03:f9:
70:d5:49:8a:87:9c:33:ab:9a:ff:69:ca:07:a4:20:
62:ba:f6:10:27:7d:7d:30:2a:a4:45:15:85:60:f4:
ca:fe:79:bf:c4:e3:dc:9e:10:29:d3:f6:51:96:e6:
23:41:db:8b:32:0b:76:13:ba:ab:76:31:dc:ad:5b:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DE:CF:07:4B:4F:8F:17:39:2F:51:E1:17:63:1A:3D:CC:13:3E:B7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/I97PB0tPjxc5L1HhF2MaPcwTPrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:9c:e5:a9:8f:b6:45:e1:6c:18:59:de:22:76:28:d0:8d:7b:
47:d8:f8:7b:89:7d:d7:65:70:1a:a1:44:92:a1:4e:f0:48:ab:
25:5c:ec:6b:be:cf:17:57:37:72:84:b2:a8:60:77:b0:4b:53:
a7:54:11:44:05:d7:7c:50:f2:c3:86:27:8a:7e:53:88:74:d3:
9f:be:c1:fa:bc:7f:b3:05:4d:28:e8:2a:42:ef:6e:b1:3d:60:
a4:a0:00:6c:0e:e1:12:73:f0:83:8d:19:c3:19:07:07:fc:cb:
6b:62:d4:b3:5a:86:29:8b:da:98:5c:92:9c:28:b6:53:da:87:
d7:c7:aa:90:c3:1b:08:d7:65:6b:ac:87:e4:2b:5a:4e:6d:fb:
d9:ef:c3:30:88:c1:98:55:5f:45:41:c2:0e:00:d2:02:7f:cb:
e7:5f:4e:d8:02:25:a8:e6:c8:bf:03:6a:74:a7:c1:78:e5:bc:
d2:6d:0c:2b:9e:ca:25:5a:2f:25:3a:b0:4a:18:0c:d4:d6:a1:
e2:e7:93:64:9d:08:bf:b9:76:4c:d6:be:99:b1:14:5b:05:1e:
cc:ea:44:9d:35:52:fc:50:ae:44:67:48:18:16:78:02:8c:86:
25:72:6c:3c:d5:0d:dc:48:d7:86:70:fc:f4:88:ea:33:79:4e:
6c:81:78:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYycK/9cO7xovsA2xjl1HFIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTQxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2RlY2YwNzRiNGY4ZjE3MzkyZjUxZTExNzYzMWEzZGNjMTMzZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppUKvZlKoLdg7/msBMwNYVcE+cwI
vUcSkbl2pSi3rG1OpDs3DDFzjnrHPWgweMkw7ze63sxBaNjRXryMCNwfrLVbty55
HfSrz36UXE+c1mNiQuwAJAquZmhY5QJCVwBN9YT/MId/NB6axpcdrB4mJoFyBOwQ
89kx4Fit70xPBcUVJUgVbCRmlgKI683AXcVtSKtjMK3TFtQNPRYdTcSqmQfHuSXC
wFsfb4Ae8o8OglvCLaEC+Sdt0u07a2Fg742HA/lw1UmKh5wzq5r/acoHpCBiuvYQ
J319MCqkRRWFYPTK/nm/xOPcnhAp0/ZRluYjQduLMgt2E7qrdjHcrVvh/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCPezwdLT48XOS9R4RdjGj3MEz63MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSTk3UEIwdFBqeGM1TDFIaEYyTWFQY3dUUHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKOc5amPtkXhbBhZ3iJ2
KNCNe0fY+HuJfddlcBqhRJKhTvBIqyVc7Gu+zxdXN3KEsqhgd7BLU6dUEUQF13xQ
8sOGJ4p+U4h005++wfq8f7MFTSjoKkLvbrE9YKSgAGwO4RJz8IONGcMZBwf8y2ti
1LNahimL2phckpwotlPah9fHqpDDGwjXZWush+QrWk5t+9nvwzCIwZhVX0VBwg4A
0gJ/y+dfTtgCJajmyL8DanSnwXjlvNJtDCueyiVaLyU6sEoYDNTWoeLnk2SdCL+5
dkzWvpmxFFsFHszqRJ01UvxQrkRnSBgWeAKMhiVybDzVDdxI14Zw/PSI6jN5TmyB
eAY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org