Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idk9Ik02lpj6jPv00mg5eSfLdF8.roa
File: Idk9Ik02lpj6jPv00mg5eSfLdF8.roa (raw, json)
Hash identifier: tRFLq2RjMCP2x6vhl2yz9JV+klNvbGBUejdKTRzZfM0=
Subject key identifier: 21:D9:3D:22:4D:36:96:98:FA:8C:FB:F4:D2:68:39:79:27:CB:74:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEE2043F430C05ED3AC8A2AB9DA510B57
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idk9Ik02lpj6jPv00mg5eSfLdF8.roa
Signing time: Wed 28 Feb 2024 05:11:48 +0000
ROA not before: Wed 28 Feb 2024 05:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:20:43:f4:30:c0:5e:d3:ac:8a:2a:b9:da:51:0b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 05:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21d93d224d369698fa8cfbf4d268397927cb745f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:87:90:b0:d6:d9:24:d4:7b:70:d3:5d:46:cc:
b7:5e:72:b8:43:1a:38:d2:0b:bd:46:78:d3:8d:d7:
8d:dc:f9:2b:38:d3:e9:6d:82:5e:91:00:b9:76:71:
45:7c:ce:62:f1:80:0a:0d:09:1c:29:94:c2:47:f1:
66:3a:bf:5b:a6:b1:5d:3f:95:d6:75:f3:a1:bc:bb:
ad:36:c0:32:9e:2f:aa:91:83:2e:c7:57:32:d5:2e:
c5:57:02:bc:bb:51:39:2b:35:93:46:dd:da:23:c0:
b9:9d:5a:55:f2:0f:72:e3:0a:b8:dd:1a:00:83:72:
75:09:78:cc:d3:18:79:0a:5f:7c:75:79:ff:53:86:
db:77:c2:c3:4c:22:97:80:ce:fc:64:c5:77:df:5d:
9c:f1:01:9c:a6:fe:de:a8:83:f3:5a:bf:75:ae:93:
bd:3a:c6:16:70:60:a4:56:92:3a:ff:59:a5:d8:97:
94:b4:9d:15:e5:f3:78:8e:c1:6c:0c:7f:71:a9:71:
16:8b:20:6e:a8:72:d6:bf:6c:bc:1e:0a:ee:a1:3b:
26:2e:ba:70:5a:5e:98:ed:5e:22:da:d2:61:4c:46:
1c:91:dd:d9:a5:a1:08:43:e5:81:f3:bb:5c:0b:3f:
a9:bf:40:7f:ee:c7:a8:69:58:75:36:93:d2:f0:da:
cc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D9:3D:22:4D:36:96:98:FA:8C:FB:F4:D2:68:39:79:27:CB:74:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Idk9Ik02lpj6jPv00mg5eSfLdF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:65:43:5c:88:2d:9e:cf:80:fe:f2:17:99:52:96:5d:6b:48:
bf:8c:6a:25:8f:6b:a1:24:f7:a4:47:a2:9f:f6:8b:f2:a6:b6:
ff:8e:82:f2:e7:3b:68:a2:8a:89:4e:c2:3d:bd:6f:32:57:f5:
5c:a9:0b:5c:ce:4b:44:81:ed:ca:67:d8:31:b3:58:bf:d1:03:
0f:88:50:fb:0c:48:12:80:e8:f9:b3:30:8b:2e:06:c9:b0:d6:
48:1a:28:c6:6d:2f:c1:10:55:e5:44:b4:ba:4e:c9:5b:a7:ec:
87:66:b6:85:01:2a:5d:3b:cc:cc:70:0a:01:6a:e0:56:45:72:
49:f5:75:86:10:a2:6a:91:80:51:f2:64:20:53:c5:a3:55:06:
33:4e:b5:4f:98:37:09:f3:80:93:ce:06:0f:3c:c0:68:b9:44:
06:ee:34:b2:75:d7:ea:63:88:95:ee:76:d7:23:39:82:29:0c:
35:cc:bf:c9:9f:3d:dd:89:b6:1d:a1:26:b6:14:bc:30:d4:fc:
a3:f8:07:f6:1c:31:34:28:cf:d5:11:12:b7:40:11:34:1b:03:
a7:f1:e4:2b:78:94:7f:80:09:22:35:9d:01:18:8d:4e:b6:28:
1c:67:3a:0c:55:f9:de:9d:b7:e9:b0:bf:11:39:f0:e7:6c:de:
8d:e1:df:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3uIEP0MMBe06yKKrnaUQtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDUxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ5M2QyMjRkMzY5Njk4ZmE4Y2ZiZjRkMjY4Mzk3OTI3Y2I3NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YeQsNbZJNR7cNNdRsy3XnK4Qxo4
0gu9RnjTjdeN3PkrONPpbYJekQC5dnFFfM5i8YAKDQkcKZTCR/FmOr9bprFdP5XW
dfOhvLutNsAyni+qkYMux1cy1S7FVwK8u1E5KzWTRt3aI8C5nVpV8g9y4wq43RoA
g3J1CXjM0xh5Cl98dXn/U4bbd8LDTCKXgM78ZMV3312c8QGcpv7eqIPzWr91rpO9
OsYWcGCkVpI6/1ml2JeUtJ0V5fN4jsFsDH9xqXEWiyBuqHLWv2y8HgruoTsmLrpw
Wl6Y7V4i2tJhTEYckd3ZpaEIQ+WB87tcCz+pv0B/7seoaVh1NpPS8NrMDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCHZPSJNNpaY+oz79NJoOXkny3RfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSWRrOUlrMDJscGo2alB2MDBtZzVlU2ZMZEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJllQ1yILZ7PgP7yF5lS
ll1rSL+MaiWPa6Ek96RHop/2i/Kmtv+OgvLnO2iiiolOwj29bzJX9VypC1zOS0SB
7cpn2DGzWL/RAw+IUPsMSBKA6PmzMIsuBsmw1kgaKMZtL8EQVeVEtLpOyVun7Idm
toUBKl07zMxwCgFq4FZFckn1dYYQomqRgFHyZCBTxaNVBjNOtU+YNwnzgJPOBg88
wGi5RAbuNLJ11+pjiJXudtcjOYIpDDXMv8mfPd2Jth2hJrYUvDDU/KP4B/YcMTQo
z9URErdAETQbA6fx5Ct4lH+ACSI1nQEYjU62KBxnOgxV+d6dt+mwvxE58Ods3o3h
304=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org