Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Jetm9beWRm9RLD4Tg2ApitFCW2Q.roa
File: Jetm9beWRm9RLD4Tg2ApitFCW2Q.roa (raw, json)
Hash identifier: VrkC2o3iWguoljqVU5XGODzFsPzk4lOeoTho6ZLMtdk=
Subject key identifier: 25:EB:66:F5:B7:96:46:6F:51:2C:3E:13:83:60:29:8A:D1:42:5B:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECA7F5752101D15A1E8FC10EBB1183028
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Jetm9beWRm9RLD4Tg2ApitFCW2Q.roa
Signing time: Thu 11 Apr 2024 00:12:06 +0000
ROA not before: Thu 11 Apr 2024 00:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ca:7f:57:52:10:1d:15:a1:e8:fc:10:eb:b1:18:30:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 00:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25eb66f5b796466f512c3e138360298ad1425b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f5:ff:c7:35:02:f1:98:90:64:fd:43:2b:02:
dc:51:74:ab:9f:3d:27:77:9c:c3:02:af:99:d6:eb:
b7:aa:fb:1d:bc:b4:df:73:75:f3:89:68:54:67:79:
28:02:85:b3:b6:1c:74:53:0e:b8:c8:a3:db:ac:c6:
4f:a3:31:97:3c:63:e4:7f:5c:f9:a0:57:e4:1d:05:
97:60:a0:79:bb:ee:39:76:cb:7a:ba:87:12:10:c0:
c2:9d:2f:22:fc:d9:e7:61:44:41:23:5b:d2:3d:c1:
5e:f8:46:35:78:a3:a3:9a:6d:49:6d:01:1d:5b:ae:
ab:7f:28:49:e7:83:b9:40:78:23:d5:bd:8b:f8:d9:
a9:9f:86:d1:56:0e:25:16:23:59:73:7b:ae:38:bb:
23:7d:1d:3e:c9:45:a0:66:5f:3d:e6:2f:66:1b:b2:
a7:d9:1d:b0:61:75:22:41:59:6d:2b:19:a8:96:da:
e2:76:e7:cc:23:2d:f9:d7:43:38:ce:c7:07:7a:92:
cb:54:c6:a8:cd:df:1c:8c:56:88:18:cc:eb:a9:4c:
09:d1:46:86:7e:b1:f4:78:88:55:73:de:da:d3:6d:
2b:c8:38:21:da:89:25:94:58:bc:56:6f:f9:34:bf:
8c:81:08:b3:f8:c1:ab:bf:a5:71:2d:89:0a:f1:85:
22:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EB:66:F5:B7:96:46:6F:51:2C:3E:13:83:60:29:8A:D1:42:5B:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Jetm9beWRm9RLD4Tg2ApitFCW2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:4d:58:6d:24:b2:f5:9d:d4:15:92:65:5d:b0:66:eb:6e:56:
cb:d1:89:bd:20:98:4e:a6:a4:78:88:67:cc:99:fc:2d:58:ec:
e8:fc:e2:8b:06:8f:29:79:a0:9b:e6:64:9f:86:1b:d5:3d:19:
95:b3:c1:07:07:88:08:c4:93:70:9d:db:22:5b:5f:37:bb:e3:
c6:31:c0:59:a6:94:c1:db:ac:e1:fb:17:f2:52:38:aa:f6:96:
1c:7d:ab:79:95:10:2a:df:b7:b7:48:de:8e:dd:6e:e4:26:34:
ab:21:3a:95:ab:37:bc:df:91:c6:57:76:d7:d4:de:f2:3c:06:
67:ee:b3:5c:0d:c8:19:57:fa:57:d6:14:3d:21:2a:8f:9a:8c:
4b:50:55:6a:7e:0d:78:42:45:39:5d:9c:37:91:08:84:85:7e:
71:1c:76:a1:b3:eb:4d:01:e1:ba:35:bd:9b:7b:a9:b6:2e:7b:
79:4d:15:1a:4d:62:24:77:dc:82:f2:e3:3f:40:64:82:4e:1b:
dc:a5:71:44:71:68:1c:33:25:6b:38:ba:04:61:f0:7e:2c:56:
06:05:3e:69:4e:af:79:e7:15:9c:30:a6:9a:d5:83:68:f4:cd:
ea:fa:18:73:c7:a1:20:ec:30:19:39:88:7a:ee:bb:41:99:82:
e5:2d:d5:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7Kf1dSEB0Voej8EOuxGDAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMDAxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWViNjZmNWI3OTY0NjZmNTEyYzNlMTM4MzYwMjk4YWQxNDI1YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vX/xzUC8ZiQZP1DKwLcUXSrnz0n
d5zDAq+Z1uu3qvsdvLTfc3XziWhUZ3koAoWzthx0Uw64yKPbrMZPozGXPGPkf1z5
oFfkHQWXYKB5u+45dst6uocSEMDCnS8i/NnnYURBI1vSPcFe+EY1eKOjmm1JbQEd
W66rfyhJ54O5QHgj1b2L+Nmpn4bRVg4lFiNZc3uuOLsjfR0+yUWgZl895i9mG7Kn
2R2wYXUiQVltKxmoltridufMIy3510M4zscHepLLVMaozd8cjFaIGMzrqUwJ0UaG
frH0eIhVc97a020ryDgh2okllFi8Vm/5NL+MgQiz+MGrv6VxLYkK8YUiBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCXrZvW3lkZvUSw+E4NgKYrRQltkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSmV0bTliZVdSbTlSTEQ0VGcyQXBpdEZDVzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF1NWG0ksvWd1BWSZV2w
ZutuVsvRib0gmE6mpHiIZ8yZ/C1Y7Oj84osGjyl5oJvmZJ+GG9U9GZWzwQcHiAjE
k3Cd2yJbXze748YxwFmmlMHbrOH7F/JSOKr2lhx9q3mVECrft7dI3o7dbuQmNKsh
OpWrN7zfkcZXdtfU3vI8Bmfus1wNyBlX+lfWFD0hKo+ajEtQVWp+DXhCRTldnDeR
CISFfnEcdqGz600B4bo1vZt7qbYue3lNFRpNYiR33ILy4z9AZIJOG9ylcURxaBwz
JWs4ugRh8H4sVgYFPmlOr3nnFZwwpprVg2j0zer6GHPHoSDsMBk5iHruu0GZguUt
1Qc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org