Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KCTMFVHtitRN6S2VeA-NcDDs73s.roa
File: KCTMFVHtitRN6S2VeA-NcDDs73s.roa (raw, json)
Hash identifier: z7dnIb+Fq3jK62hljS/jj/b/CpSAMnWWlWuu6q2isaQ=
Subject key identifier: 28:24:CC:15:51:ED:8A:D4:4D:E9:2D:95:78:0F:8D:70:30:EC:EF:7B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D517DDD61E16AF5DDCD22BD5A1D4ECF60
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KCTMFVHtitRN6S2VeA-NcDDs73s.roa
Signing time: Sun 28 Jan 2024 19:13:39 +0000
ROA not before: Sun 28 Jan 2024 19:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:51:7d:dd:61:e1:6a:f5:dd:cd:22:bd:5a:1d:4e:cf:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 28 19:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2824cc1551ed8ad44de92d95780f8d7030ecef7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:10:5c:52:d7:04:ac:ea:fe:39:94:a1:2c:21:
b5:e7:ff:3c:24:5b:71:3d:e3:94:e7:19:bd:06:21:
9d:9c:b6:86:96:1c:a9:d9:48:18:45:e1:b0:bc:8f:
66:0d:0c:81:0d:44:20:3d:df:58:c6:53:25:ec:7b:
9c:1e:a3:4c:32:25:5b:99:6d:28:b8:3c:80:d4:36:
14:64:a8:e4:86:d9:83:cb:e6:31:bf:4b:7e:2b:77:
97:94:08:9a:00:8a:8a:a0:e6:6a:bc:c6:b9:59:a2:
b0:87:48:ca:6e:df:9b:bc:dd:34:e1:79:8f:3d:a4:
3c:82:f6:79:e5:73:40:7a:3a:e3:78:53:c5:b5:6d:
a3:a7:f5:9c:99:5b:4c:b2:63:23:a5:80:22:09:ce:
e2:d3:dd:56:e4:49:77:4f:44:e7:28:ab:8e:e9:1a:
ff:28:22:e1:7b:3b:12:e8:7d:bf:5f:6c:0f:63:35:
2c:e6:f4:0f:c6:ba:a4:d3:43:3b:1e:53:09:27:3c:
1f:7d:35:da:14:5c:48:25:46:9e:7d:63:fc:0c:e2:
d2:b2:39:e8:60:50:af:82:79:18:e7:b3:6e:0b:e4:
51:b4:a1:cc:05:b2:75:e4:84:e4:67:a8:e2:80:b8:
a7:d2:4f:27:37:b9:93:5d:dc:8c:41:a6:f9:48:63:
56:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:24:CC:15:51:ED:8A:D4:4D:E9:2D:95:78:0F:8D:70:30:EC:EF:7B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KCTMFVHtitRN6S2VeA-NcDDs73s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:57:17:4c:12:4a:01:f4:7a:10:a8:fd:93:eb:97:83:b6:15:
e4:d8:01:7e:f6:33:8c:56:09:ea:20:e7:5a:14:a5:b1:20:f4:
1b:44:65:2e:f3:fb:5e:3c:9b:64:94:4a:02:d7:f5:8f:cc:17:
b3:63:5a:a4:65:04:61:e2:b6:81:86:ac:02:46:55:f4:95:99:
ac:68:0c:32:3b:fb:c1:76:67:23:77:d7:51:dc:9c:46:cc:68:
32:23:07:b0:70:0f:fc:5c:6f:10:32:ce:92:19:75:c3:04:bc:
43:72:15:ce:77:d9:88:27:a1:96:ff:d5:39:12:0d:42:54:69:
59:0f:50:4d:bb:55:6c:ac:af:b1:43:0d:a6:81:7c:6d:5e:41:
71:d6:88:a5:6d:62:a6:3e:77:b4:06:b1:3b:32:3d:12:c5:17:
10:20:f0:64:ce:42:0c:05:81:c7:23:45:e4:10:a2:43:13:88:
bf:5b:5b:a3:74:38:4b:b9:fa:54:eb:e3:e9:ae:20:04:03:15:
d1:f1:72:5d:07:d8:90:a5:4d:e8:9a:08:ab:ed:db:db:49:b7:
3b:36:5c:4a:ff:c9:86:e1:a1:2c:fd:16:d0:61:42:1c:a9:5f:
af:6f:4e:9a:9d:0d:5e:42:e2:da:18:3a:f9:f1:2f:cb:7f:6a:
29:a0:d8:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1Rfd1h4Wr13c0ivVodTs9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI4MTkxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI0Y2MxNTUxZWQ4YWQ0NGRlOTJkOTU3ODBmOGQ3MDMwZWNlZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRBcUtcErOr+OZShLCG15/88JFtx
PeOU5xm9BiGdnLaGlhyp2UgYReGwvI9mDQyBDUQgPd9YxlMl7HucHqNMMiVbmW0o
uDyA1DYUZKjkhtmDy+Yxv0t+K3eXlAiaAIqKoOZqvMa5WaKwh0jKbt+bvN004XmP
PaQ8gvZ55XNAejrjeFPFtW2jp/WcmVtMsmMjpYAiCc7i091W5El3T0TnKKuO6Rr/
KCLhezsS6H2/X2wPYzUs5vQPxrqk00M7HlMJJzwffTXaFFxIJUaefWP8DOLSsjno
YFCvgnkY57NuC+RRtKHMBbJ15ITkZ6jigLin0k8nN7mTXdyMQab5SGNW5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgkzBVR7YrUTektlXgPjXAw7O97MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0NUTUZWSHRpdFJONlMyVmVBLU5jRERzNzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZXF0wSSgH0ehCo/ZPr
l4O2FeTYAX72M4xWCeog51oUpbEg9BtEZS7z+148m2SUSgLX9Y/MF7NjWqRlBGHi
toGGrAJGVfSVmaxoDDI7+8F2ZyN311HcnEbMaDIjB7BwD/xcbxAyzpIZdcMEvENy
Fc532YgnoZb/1TkSDUJUaVkPUE27VWysr7FDDaaBfG1eQXHWiKVtYqY+d7QGsTsy
PRLFFxAg8GTOQgwFgccjReQQokMTiL9bW6N0OEu5+lTr4+muIAQDFdHxcl0H2JCl
TeiaCKvt29tJtzs2XEr/yYbhoSz9FtBhQhypX69vTpqdDV5C4toYOvnxL8t/aimg
2Gc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:33 2025 by rpki-client