Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KVpPAyYHgTQ-W3LXbMv7DEnAg78.roa
File: KVpPAyYHgTQ-W3LXbMv7DEnAg78.roa (raw, json)
Hash identifier: FydBM6oTgHnf4clOXADIrKYudHb9j95sx5aIIN3PIe0=
Subject key identifier: 29:5A:4F:03:26:07:81:34:3E:5B:72:D7:6C:CB:FB:0C:49:C0:83:BF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D073E9E45C34EBACB77516865E4E383BD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KVpPAyYHgTQ-W3LXbMv7DEnAg78.roa
Signing time: Sun 14 Jan 2024 09:12:40 +0000
ROA not before: Sun 14 Jan 2024 09:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:3e:9e:45:c3:4e:ba:cb:77:51:68:65:e4:e3:83:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 09:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=295a4f03260781343e5b72d76ccbfb0c49c083bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:aa:e9:8c:27:01:a8:94:4c:e0:a0:b6:75:41:
5d:49:9c:b7:9b:87:c1:35:c3:4c:d6:8d:e9:8a:92:
a3:3a:76:87:05:92:c1:84:26:cf:0d:c2:62:7a:27:
bb:6d:37:63:e5:42:3d:cc:d5:02:67:54:9b:9f:08:
d4:b8:eb:78:7c:88:64:71:30:e4:fa:e6:df:d1:4f:
fa:c8:fd:cc:99:ef:04:ac:1b:c4:b6:8a:66:f3:70:
3e:06:ea:0e:38:b2:44:75:40:1b:0d:a6:52:70:9d:
0e:19:00:a4:70:a2:56:4b:7f:76:f7:52:6d:16:0e:
eb:f0:a9:c2:f9:2a:3e:92:d2:2c:ce:dd:1c:42:bf:
6b:f2:fe:d3:5c:8a:98:db:a7:73:ee:58:d9:f5:2f:
9d:22:72:b8:8c:62:85:c2:02:9b:c2:a5:b1:c4:ac:
07:13:fb:51:f1:7c:ce:bd:41:83:f3:c2:a8:11:35:
76:6b:c8:fb:c4:83:d9:cb:2f:4c:33:39:b1:0c:c0:
1d:71:36:e2:cb:3d:9e:9d:23:69:8a:11:2f:9a:df:
e4:62:5f:52:ed:67:85:46:3f:3a:56:39:2d:dd:c0:
46:ec:07:ff:79:88:8f:34:08:50:b6:db:a0:8e:7f:
8b:81:9b:94:31:54:3e:74:b7:21:0b:4a:e9:ab:5d:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5A:4F:03:26:07:81:34:3E:5B:72:D7:6C:CB:FB:0C:49:C0:83:BF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KVpPAyYHgTQ-W3LXbMv7DEnAg78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:f4:b6:47:69:07:fe:96:1c:cf:1c:6c:63:5d:64:f9:1e:77:
7c:67:0c:59:82:d5:8f:37:3d:1f:eb:d5:8d:27:18:02:4c:a8:
4f:d7:ec:54:59:c5:63:c9:0a:d3:ca:38:94:16:cb:21:6a:6e:
eb:ff:ce:8e:21:f5:3e:07:a5:3e:f7:81:0d:60:f5:97:82:94:
2f:2f:5a:77:b8:a1:7e:89:5e:1f:12:c4:71:31:a0:75:5b:04:
7c:b2:bb:3a:14:1c:42:fb:03:8f:57:c6:84:eb:22:60:55:b8:
d5:f3:75:46:b1:5c:26:a7:a3:a1:da:94:25:e0:a2:99:08:7e:
e9:b8:52:e6:f7:68:68:f8:a0:43:53:1e:45:5e:bd:93:0d:62:
a7:b1:d7:fa:25:e9:8e:60:0d:48:47:9e:93:c6:44:93:37:d4:
72:ae:65:7a:51:3a:cf:fc:32:85:7f:81:54:52:65:11:1d:2a:
cf:57:b0:96:bf:00:a6:bf:b4:70:2f:e3:d3:75:10:de:02:16:
ae:c1:0d:c5:69:07:c4:de:34:4a:e9:8c:8d:8a:f4:87:92:35:
07:15:1b:8b:26:14:f4:c1:fa:5d:94:af:00:3d:63:aa:f0:db:
48:5e:db:6b:22:60:af:68:8f:1c:f7:5d:36:39:88:f3:4e:c0:
8f:15:63:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0HPp5Fw066y3dRaGXk44O9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MDkxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVhNGYwMzI2MDc4MTM0M2U1YjcyZDc2Y2NiZmIwYzQ5YzA4M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqrpjCcBqJRM4KC2dUFdSZy3m4fB
NcNM1o3pipKjOnaHBZLBhCbPDcJieie7bTdj5UI9zNUCZ1SbnwjUuOt4fIhkcTDk
+ubf0U/6yP3Mme8ErBvEtopm83A+BuoOOLJEdUAbDaZScJ0OGQCkcKJWS39291Jt
Fg7r8KnC+So+ktIszt0cQr9r8v7TXIqY26dz7ljZ9S+dInK4jGKFwgKbwqWxxKwH
E/tR8XzOvUGD88KoETV2a8j7xIPZyy9MMzmxDMAdcTbiyz2enSNpihEvmt/kYl9S
7WeFRj86Vjkt3cBG7Af/eYiPNAhQttugjn+LgZuUMVQ+dLchC0rpq10p/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFClaTwMmB4E0Plty12zL+wxJwIO/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS1ZwUEF5WUhnVFEtVzNMWGJNdjdERW5BZzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAr0tkdpB/6WHM8cbGNd
ZPked3xnDFmC1Y83PR/r1Y0nGAJMqE/X7FRZxWPJCtPKOJQWyyFqbuv/zo4h9T4H
pT73gQ1g9ZeClC8vWne4oX6JXh8SxHExoHVbBHyyuzoUHEL7A49XxoTrImBVuNXz
dUaxXCano6HalCXgopkIfum4Uub3aGj4oENTHkVevZMNYqex1/ol6Y5gDUhHnpPG
RJM31HKuZXpROs/8MoV/gVRSZREdKs9XsJa/AKa/tHAv49N1EN4CFq7BDcVpB8Te
NErpjI2K9IeSNQcVG4smFPTB+l2UrwA9Y6rw20he22siYK9ojxz3XTY5iPNOwI8V
Yyw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org