Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KYNf6hW4z3tVbpBNNPB4urNLQeg.roa
File: KYNf6hW4z3tVbpBNNPB4urNLQeg.roa (raw, json)
Hash identifier: P4Jd3vtp3y4/aXIAw2wIISTo/A3lErVfVOsM7niYpiE=
Subject key identifier: 29:83:5F:EA:15:B8:CF:7B:55:6E:90:4D:34:F0:78:BA:B3:4B:41:E8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D998F344EC043D391727FA89D713683B5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KYNf6hW4z3tVbpBNNPB4urNLQeg.roa
Signing time: Sun 11 Feb 2024 19:05:15 +0000
ROA not before: Sun 11 Feb 2024 19:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:998e:7098/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:8f:34:4e:c0:43:d3:91:72:7f:a8:9d:71:36:83:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 19:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29835fea15b8cf7b556e904d34f078bab34b41e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:19:64:3c:19:29:33:da:65:3f:11:ee:72:
08:a0:a3:8a:4f:e8:69:b6:73:ea:bf:58:f7:24:de:
59:5d:75:e9:f2:af:a4:a9:27:3d:aa:30:28:15:dc:
50:f4:af:0f:8b:09:c4:5a:7d:d2:28:80:23:7e:02:
dd:f3:4e:84:ff:96:97:f9:5a:da:87:ac:e3:d7:45:
cc:fe:7e:2d:97:08:1a:3f:db:5b:b9:6a:06:ce:b2:
cf:b7:10:51:f2:1c:cc:c0:c3:9c:a8:da:08:a1:b2:
38:2b:df:39:8a:4a:83:7e:d6:fd:88:21:e8:cc:43:
ad:84:6e:8d:7d:c2:2b:89:89:1a:2e:5f:53:ee:86:
5d:ee:18:15:1d:7c:60:91:e6:1d:e1:09:2f:10:2e:
e3:19:fe:66:21:ca:d6:56:12:9a:31:9f:81:8f:32:
13:e5:12:57:e1:59:7a:76:d1:6a:11:6c:52:0f:35:
0d:5d:ac:f4:64:ce:70:1b:c0:73:0f:7d:0e:80:f0:
e1:29:65:59:a3:f8:7e:f4:50:b8:31:3b:ed:bb:0e:
34:68:f9:18:e4:a8:0c:a3:ef:05:80:5d:51:09:67:
13:c1:a7:d3:24:ab:c4:f7:03:b1:3e:3b:83:b6:a6:
85:fb:06:f9:ea:ad:d9:ec:2a:3b:78:72:55:a2:f9:
9c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:83:5F:EA:15:B8:CF:7B:55:6E:90:4D:34:F0:78:BA:B3:4B:41:E8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KYNf6hW4z3tVbpBNNPB4urNLQeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:ae:e0:06:37:e6:47:93:68:eb:00:21:2a:d2:45:62:ea:de:
e3:dd:82:be:d8:cc:d2:2d:1d:e3:bf:73:a8:b2:64:05:b6:f0:
90:8a:e2:3e:88:bd:46:b3:15:6b:05:e9:7d:48:15:49:01:54:
82:e8:2b:5b:61:99:2b:30:37:fa:cc:58:d4:ec:62:2e:41:b9:
0b:45:7b:30:0b:37:fc:3d:80:03:43:d0:32:ad:5c:03:87:3e:
ac:5e:ac:65:9d:95:2b:55:e6:91:3a:46:0a:f7:9d:e5:b6:34:
35:29:d0:b6:63:1b:62:36:5c:49:0d:5f:c4:ef:74:ed:0a:74:
a8:fe:fa:f2:eb:38:7a:2a:00:ae:1b:3d:cc:a1:02:89:d2:d9:
98:ec:4f:fc:de:53:31:fd:15:41:1d:01:be:f7:91:4b:31:7c:
d0:de:79:26:d8:2a:c9:ad:67:39:68:4e:8f:a0:b9:de:45:9d:
f4:09:6d:4b:b6:95:d8:a1:d8:74:51:ce:0b:c0:24:4d:a8:5c:
d7:4f:5a:82:78:b7:59:41:67:52:90:dd:dc:fa:83:9d:6b:fc:
a6:e7:4a:97:17:4a:7e:05:b2:4d:cf:bb:00:dd:2a:df:e7:e6:
d3:f0:99:58:92:e1:65:ea:26:72:6b:22:df:e2:b9:16:0b:34:
a8:2b:62:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ZjzROwEPTkXJ/qJ1xNoO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMTkwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTgzNWZlYTE1YjhjZjdiNTU2ZTkwNGQzNGYwNzhiYWIzNGI0MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDkZZDwZKTPaZT8R7nIIoKOKT+hp
tnPqv1j3JN5ZXXXp8q+kqSc9qjAoFdxQ9K8PiwnEWn3SKIAjfgLd806E/5aX+Vra
h6zj10XM/n4tlwgaP9tbuWoGzrLPtxBR8hzMwMOcqNoIobI4K985ikqDftb9iCHo
zEOthG6NfcIriYkaLl9T7oZd7hgVHXxgkeYd4QkvEC7jGf5mIcrWVhKaMZ+BjzIT
5RJX4Vl6dtFqEWxSDzUNXaz0ZM5wG8BzD30OgPDhKWVZo/h+9FC4MTvtuw40aPkY
5KgMo+8FgF1RCWcTwafTJKvE9wOxPjuDtqaF+wb56q3Z7Co7eHJVovmcRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmDX+oVuM97VW6QTTTweLqzS0HoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS1lOZjZoVzR6M3RWYnBCTk5QQjR1ck5MUWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqu4AY35keTaOsAISrS
RWLq3uPdgr7YzNItHeO/c6iyZAW28JCK4j6IvUazFWsF6X1IFUkBVILoK1thmSsw
N/rMWNTsYi5BuQtFezALN/w9gAND0DKtXAOHPqxerGWdlStV5pE6Rgr3neW2NDUp
0LZjG2I2XEkNX8TvdO0KdKj++vLrOHoqAK4bPcyhAonS2ZjsT/zeUzH9FUEdAb73
kUsxfNDeeSbYKsmtZzloTo+gud5FnfQJbUu2ldih2HRRzgvAJE2oXNdPWoJ4t1lB
Z1KQ3dz6g51r/KbnSpcXSn4Fsk3PuwDdKt/n5tPwmViS4WXqJnJrIt/iuRYLNKgr
YtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org