Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IU4iO0SwsLb_DdLddUoN8WnxQlM.roa
File: IU4iO0SwsLb_DdLddUoN8WnxQlM.roa (raw, json)
Hash identifier: FIjBtZ9u5SOayfuFm+ovG0R3QTxcLOaYofD9ed90vMQ=
Subject key identifier: 21:4E:22:3B:44:B0:B0:B6:FF:0D:D2:DD:75:4A:0D:F1:69:F1:42:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAAF900C87CB1A7017AC21E3DF40F5079
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IU4iO0SwsLb_DdLddUoN8WnxQlM.roa
Signing time: Thu 15 Feb 2024 04:14:21 +0000
ROA not before: Thu 15 Feb 2024 04:14:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:aa:f9:00:c8:7c:b1:a7:01:7a:c2:1e:3d:f4:0f:50:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 04:14:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214e223b44b0b0b6ff0dd2dd754a0df169f14253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:45:36:e1:82:17:4f:be:2e:64:ed:1a:f0:
5a:3e:a8:ac:1f:d8:c8:09:af:c3:0e:1d:23:41:7b:
6c:f6:7f:a3:09:75:a3:4d:ab:44:30:c6:91:86:a8:
b4:49:6a:d1:42:6a:38:07:c5:d3:ab:92:12:4e:0a:
95:4a:40:7f:47:a1:f2:34:67:fd:ef:21:a8:99:af:
5a:4c:20:63:27:e9:74:f7:97:32:2f:d3:f4:1c:98:
34:85:70:4f:a3:c4:0f:2f:d1:73:5e:b2:01:7b:f7:
ce:fa:f2:5f:f9:31:d9:e4:6c:1c:14:03:09:c8:66:
34:f3:0a:6a:90:b1:1c:a4:2f:36:34:00:52:4f:4f:
b4:c6:35:60:2f:37:d7:34:0d:d2:09:63:c8:3c:94:
39:94:cd:83:f0:1c:71:92:03:c3:38:45:60:93:86:
0d:7b:a2:a6:33:61:37:9a:09:fb:e3:d4:7e:eb:ed:
e9:39:15:08:76:f3:34:3d:9f:96:c6:a4:f7:5a:37:
09:cb:96:d9:6a:62:f2:8f:4d:1f:8b:ba:42:cc:75:
e2:9c:3d:b3:ca:19:7b:b0:8c:08:a4:37:83:41:83:
9c:61:d3:35:59:bc:d1:8d:e5:62:b9:34:86:c6:fe:
41:02:0d:1e:90:4d:71:1b:80:d9:2d:27:c8:ea:3f:
3a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4E:22:3B:44:B0:B0:B6:FF:0D:D2:DD:75:4A:0D:F1:69:F1:42:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IU4iO0SwsLb_DdLddUoN8WnxQlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:07:09:40:8e:f4:d3:f9:55:92:d9:25:3e:46:0d:af:5e:e7:
25:a5:2a:65:0b:e5:b9:49:1d:2f:e0:76:ac:3f:a1:d9:e2:3f:
ef:e1:9b:4b:43:a4:89:f6:f5:cd:ca:b3:db:25:c7:ab:c5:ae:
68:52:12:cd:7e:13:00:aa:75:3b:31:1e:d8:d5:63:9f:d1:57:
8f:b5:eb:de:37:fe:0d:a9:10:83:cd:6a:e0:1a:78:64:2e:10:
29:18:76:93:82:03:07:08:0c:23:67:7d:be:4b:fc:7b:b1:12:
61:61:2d:98:71:7b:24:07:56:d9:a7:f6:15:eb:94:97:a2:ec:
84:6b:5b:65:c4:c6:a5:6b:ac:35:2c:b2:14:22:d1:fa:bf:66:
4e:95:96:56:76:8b:d1:dd:43:31:68:9e:cc:80:b5:ae:36:76:
5c:32:a5:04:4d:e3:a7:a1:12:75:81:44:7d:87:4c:f0:d3:7e:
c4:68:19:2b:a6:56:e9:76:c5:98:eb:9b:1a:e7:a8:d2:99:27:
0c:61:ef:95:c6:ef:04:36:20:8b:1f:6a:27:fe:c2:5b:b9:48:
42:de:cc:dd:e9:61:a1:10:c4:c1:fb:40:68:85:44:f9:c7:cc:
71:8b:7a:94:9b:f7:35:c3:33:8d:03:23:5a:fa:73:28:5c:30:
4e:68:74:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2q+QDIfLGnAXrCHj30D1B5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MDQxNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRlMjIzYjQ0YjBiMGI2ZmYwZGQyZGQ3NTRhMGRmMTY5ZjE0MjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD5FNuGCF0++LmTtGvBaPqisH9jI
Ca/DDh0jQXts9n+jCXWjTatEMMaRhqi0SWrRQmo4B8XTq5ISTgqVSkB/R6HyNGf9
7yGoma9aTCBjJ+l095cyL9P0HJg0hXBPo8QPL9FzXrIBe/fO+vJf+THZ5GwcFAMJ
yGY08wpqkLEcpC82NABST0+0xjVgLzfXNA3SCWPIPJQ5lM2D8BxxkgPDOEVgk4YN
e6KmM2E3mgn749R+6+3pORUIdvM0PZ+WxqT3WjcJy5bZamLyj00fi7pCzHXinD2z
yhl7sIwIpDeDQYOcYdM1WbzRjeViuTSGxv5BAg0ekE1xG4DZLSfI6j86MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFOIjtEsLC2/w3S3XVKDfFp8UJTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSVU0aU8wU3dzTGJfRGRMZGRVb044V254UWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABAHCUCO9NP5VZLZJT5G
Da9e5yWlKmUL5blJHS/gdqw/odniP+/hm0tDpIn29c3Ks9slx6vFrmhSEs1+EwCq
dTsxHtjVY5/RV4+16943/g2pEIPNauAaeGQuECkYdpOCAwcIDCNnfb5L/HuxEmFh
LZhxeyQHVtmn9hXrlJei7IRrW2XExqVrrDUsshQi0fq/Zk6VllZ2i9HdQzFonsyA
ta42dlwypQRN46ehEnWBRH2HTPDTfsRoGSumVul2xZjrmxrnqNKZJwxh75XG7wQ2
IIsfaif+wlu5SELezN3pYaEQxMH7QGiFRPnHzHGLepSb9zXDM40DI1r6cyhcME5o
dPs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org