Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KFh4kAvLHHAspjokPHznoxR6Nvw.roa
File: KFh4kAvLHHAspjokPHznoxR6Nvw.roa (raw, json)
Hash identifier: XOdxqrD2zwflQTSoM9JCO8H9dbuiJEbnjqUoUM7PANM=
Subject key identifier: 28:58:78:90:0B:CB:1C:70:2C:A6:3A:24:3C:7C:E7:A3:14:7A:36:FC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC635196D1059FB8428DE85F5E501E0A9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KFh4kAvLHHAspjokPHznoxR6Nvw.roa
Signing time: Wed 10 Apr 2024 04:12:32 +0000
ROA not before: Wed 10 Apr 2024 04:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:35:19:6d:10:59:fb:84:28:de:85:f5:e5:01:e0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 04:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=285878900bcb1c702ca63a243c7ce7a3147a36fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4f:b7:c1:eb:53:6b:bf:4d:47:02:8b:ae:dc:
30:f5:64:20:78:23:48:5d:49:89:f4:ff:c2:99:4a:
c7:85:a1:48:f4:ba:d1:b5:75:3c:1c:0e:c4:45:2e:
27:eb:03:56:cb:61:be:63:75:8d:a1:d6:2c:2a:d0:
ae:00:dc:48:10:f5:a8:52:ab:27:08:72:9f:1f:f6:
05:87:af:29:2d:02:99:de:b0:d0:9b:14:4d:2c:b3:
62:e8:62:95:90:e7:42:9b:80:3d:f8:5f:f1:05:2d:
6a:94:e9:d3:6b:2b:40:de:8d:86:3b:23:96:a0:6f:
e4:85:8b:02:e0:87:1e:1b:a6:54:fb:8a:a2:1f:ab:
6c:96:94:dc:37:12:b4:07:dd:52:aa:47:3c:4b:c1:
3f:d0:6a:1d:28:ea:7f:fd:c3:58:a5:b5:e2:51:7e:
4f:ac:8a:23:e9:09:62:e5:44:88:6f:77:26:f9:20:
77:c0:00:91:1f:2d:fa:e5:c5:26:be:4f:d2:41:1f:
df:0d:cb:20:4d:8b:b3:b6:8f:3e:c2:e9:5b:46:d5:
b0:a7:7c:0b:3a:f4:95:cc:2b:cd:be:e6:3a:98:e5:
90:eb:03:1f:19:c8:73:11:de:c7:e7:ca:10:8b:45:
0a:0c:d2:b5:ac:f8:dd:de:42:c2:26:e8:7c:5c:0a:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:58:78:90:0B:CB:1C:70:2C:A6:3A:24:3C:7C:E7:A3:14:7A:36:FC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KFh4kAvLHHAspjokPHznoxR6Nvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:3e:9b:f7:57:3b:9a:e9:d2:5d:08:76:ee:65:49:0c:2f:23:
6b:b0:fd:2c:6d:9a:d2:4e:b4:cf:22:64:f7:23:63:c4:cf:f9:
9f:b3:e3:75:16:73:ca:f0:0b:85:f6:a2:29:31:43:83:ce:a5:
d9:3a:7c:d9:3a:f4:be:7b:26:1f:a3:d5:4e:ad:31:6a:8b:50:
a3:9d:68:29:18:98:c5:0f:2c:9b:53:84:6d:14:8d:70:19:47:
ae:6c:58:d8:a6:89:40:1b:88:6a:a8:f4:07:6d:3b:6e:27:00:
41:36:8e:a9:dc:44:67:53:ae:4e:01:c4:ce:01:9f:53:e6:c1:
31:94:49:13:74:f3:dd:56:3f:69:09:48:a9:a1:17:2a:57:52:
53:22:d9:ab:97:47:cb:6b:02:20:55:95:a7:99:74:f7:76:76:
30:5a:b2:5b:12:49:39:e8:8b:c6:15:dc:9d:b3:5e:27:59:b2:
80:ee:60:0b:73:65:b0:5f:09:05:b2:29:c0:f0:6f:cb:7c:25:
14:ff:ea:26:d1:51:a0:ce:1e:c7:4a:65:6b:a7:75:be:8b:9e:
8b:93:ad:2c:a0:f3:08:5b:50:7d:9a:4f:5a:05:69:21:81:18:
01:49:03:99:2d:31:0f:b9:35:7b:b1:f9:59:04:5a:b6:bd:58:
e0:47:6e:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7GNRltEFn7hCjehfXlAeCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMDQxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODU4Nzg5MDBiY2IxYzcwMmNhNjNhMjQzYzdjZTdhMzE0N2EzNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE+3wetTa79NRwKLrtww9WQgeCNI
XUmJ9P/CmUrHhaFI9LrRtXU8HA7ERS4n6wNWy2G+Y3WNodYsKtCuANxIEPWoUqsn
CHKfH/YFh68pLQKZ3rDQmxRNLLNi6GKVkOdCm4A9+F/xBS1qlOnTaytA3o2GOyOW
oG/khYsC4IceG6ZU+4qiH6tslpTcNxK0B91Sqkc8S8E/0GodKOp//cNYpbXiUX5P
rIoj6Qli5USIb3cm+SB3wACRHy365cUmvk/SQR/fDcsgTYuzto8+wulbRtWwp3wL
OvSVzCvNvuY6mOWQ6wMfGchzEd7H58oQi0UKDNK1rPjd3kLCJuh8XAq7NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChYeJALyxxwLKY6JDx856MUejb8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0ZoNGtBdkxISEFzcGpva1BIem5veFI2TnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABo+m/dXO5rp0l0Idu5l
SQwvI2uw/SxtmtJOtM8iZPcjY8TP+Z+z43UWc8rwC4X2oikxQ4POpdk6fNk69L57
Jh+j1U6tMWqLUKOdaCkYmMUPLJtThG0UjXAZR65sWNimiUAbiGqo9AdtO24nAEE2
jqncRGdTrk4BxM4Bn1PmwTGUSRN0891WP2kJSKmhFypXUlMi2auXR8trAiBVlaeZ
dPd2djBaslsSSTnoi8YV3J2zXidZsoDuYAtzZbBfCQWyKcDwb8t8JRT/6ibRUaDO
HsdKZWundb6LnouTrSyg8whbUH2aT1oFaSGBGAFJA5ktMQ+5NXux+VkEWra9WOBH
bho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org