Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KDYAkKpbY60PpKlzHGyuNQEVX20.roa
File: KDYAkKpbY60PpKlzHGyuNQEVX20.roa (raw, json)
Hash identifier: UXcM0aEXpkG+kWSujyzg/NK87hwVJSdFh6/oCUDOdrM=
Subject key identifier: 28:36:00:90:AA:5B:63:AD:0F:A4:A9:73:1C:6C:AE:35:01:15:5F:6D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDB3BD108063A2EC42E1A244962D0151B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KDYAkKpbY60PpKlzHGyuNQEVX20.roa
Signing time: Fri 05 Jan 2024 20:06:19 +0000
ROA not before: Fri 05 Jan 2024 20:06:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:db39:ecc4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:db:3b:d1:08:06:3a:2e:c4:2e:1a:24:49:62:d0:15:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 20:06:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28360090aa5b63ad0fa4a9731c6cae3501155f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2b:79:03:ab:0d:2f:76:cb:75:1b:4b:a8:e5:
5e:8c:d1:33:71:79:44:b4:f5:d7:e5:b3:4d:dc:06:
8a:5e:df:c2:f1:16:d1:c6:c6:49:e1:02:1b:22:9c:
6c:41:d1:d6:29:c6:e2:bb:28:39:91:6f:c7:4e:db:
d3:d1:7f:f6:e6:29:70:d2:3f:47:2a:ce:8f:f9:27:
4c:6f:11:d1:0e:7d:8c:79:2c:78:0e:80:67:b7:66:
f2:b1:74:91:64:68:28:01:e3:24:89:ca:56:2e:b3:
b6:d1:41:f8:b1:fc:29:fb:2e:c8:5d:49:89:d3:e4:
6b:71:cd:f4:af:ab:4c:d2:85:ea:87:a6:fc:86:85:
2a:26:20:b4:46:62:69:21:08:2d:20:3e:0e:ff:96:
f9:44:b3:2f:dd:d0:03:8b:39:ef:f2:62:73:06:36:
15:6e:63:01:01:94:70:6d:e7:ef:84:41:1d:86:22:
05:63:f4:8e:ae:1d:02:a6:71:69:33:68:09:4e:43:
2b:16:1f:e1:e3:53:a9:76:da:87:a8:b7:d3:b0:ca:
82:4f:bb:07:2e:a0:a1:bc:7b:2c:84:71:16:fe:aa:
f4:6a:5b:fb:ee:f7:68:c2:77:6d:3d:81:c0:1a:44:
6d:86:50:29:75:7a:99:e8:8b:57:25:84:1a:5b:27:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:36:00:90:AA:5B:63:AD:0F:A4:A9:73:1C:6C:AE:35:01:15:5F:6D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KDYAkKpbY60PpKlzHGyuNQEVX20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:c4:bf:e3:af:9e:00:fa:48:42:26:c1:da:e2:15:5f:6e:f3:
b6:90:03:b5:1f:20:81:d1:b7:11:e9:f3:58:03:29:4b:ab:ca:
2e:f1:61:4b:98:b8:57:68:d1:98:ee:8d:b3:99:b8:24:4c:fb:
3e:de:08:c7:59:c5:63:65:d4:03:bd:04:8b:f2:1c:63:e9:20:
98:e5:9a:c6:1b:06:6c:c5:c5:a6:60:fc:8d:e0:5e:1b:ce:13:
89:ee:4f:1e:6b:33:dd:04:c2:6d:ab:f3:bb:51:72:49:af:f0:
70:81:ae:d3:eb:95:4d:5c:10:48:41:80:05:ad:76:30:42:be:
0f:fb:26:a0:af:af:cc:f4:68:3a:ac:d5:1e:8e:e2:18:21:01:
a6:39:c5:47:31:2a:95:85:1c:05:fe:31:a2:79:d4:a3:a9:d7:
de:16:4b:6e:e1:b8:d0:ea:4f:5f:ec:8a:3b:c7:77:b8:e9:4b:
48:b9:8d:3e:24:c5:0a:23:29:07:1e:d5:d0:b5:4e:5c:3c:c5:
85:b1:93:0e:79:ac:91:f7:ab:17:8a:56:3e:af:67:01:3f:dd:
d6:2e:89:f2:2e:a6:ec:03:f8:92:66:ef:3a:0d:44:1f:38:20:
6f:06:7d:c9:13:54:5b:4c:94:8c:a2:64:8c:dc:82:6d:c6:ab:
71:7f:f3:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzbO9EIBjouxC4aJEli0BUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MjAwNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM2MDA5MGFhNWI2M2FkMGZhNGE5NzMxYzZjYWUzNTAxMTU1ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSt5A6sNL3bLdRtLqOVejNEzcXlE
tPXX5bNN3AaKXt/C8RbRxsZJ4QIbIpxsQdHWKcbiuyg5kW/HTtvT0X/25ilw0j9H
Ks6P+SdMbxHRDn2MeSx4DoBnt2bysXSRZGgoAeMkicpWLrO20UH4sfwp+y7IXUmJ
0+Rrcc30r6tM0oXqh6b8hoUqJiC0RmJpIQgtID4O/5b5RLMv3dADiznv8mJzBjYV
bmMBAZRwbefvhEEdhiIFY/SOrh0CpnFpM2gJTkMrFh/h41OpdtqHqLfTsMqCT7sH
LqChvHsshHEW/qr0alv77vdowndtPYHAGkRthlApdXqZ6ItXJYQaWyePGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCg2AJCqW2OtD6SpcxxsrjUBFV9tMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0RZQWtLcGJZNjBQcEtsekhHeXVOUUVWWDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHTEv+OvngD6SEImwdri
FV9u87aQA7UfIIHRtxHp81gDKUuryi7xYUuYuFdo0ZjujbOZuCRM+z7eCMdZxWNl
1AO9BIvyHGPpIJjlmsYbBmzFxaZg/I3gXhvOE4nuTx5rM90Ewm2r87tRckmv8HCB
rtPrlU1cEEhBgAWtdjBCvg/7JqCvr8z0aDqs1R6O4hghAaY5xUcxKpWFHAX+MaJ5
1KOp194WS27huNDqT1/sijvHd7jpS0i5jT4kxQojKQce1dC1Tlw8xYWxkw55rJH3
qxeKVj6vZwE/3dYuifIupuwD+JJm7zoNRB84IG8GfckTVFtMlIyiZIzcgm3Gq3F/
80o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org