Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KkJCG86ayTKOxHtGPF3gfg9Eke4.roa
File: KkJCG86ayTKOxHtGPF3gfg9Eke4.roa (raw, json)
Hash identifier: 5lMxy+0FHzdoVucx16EUswflnCRQVFTkihp/KJBpx0U=
Subject key identifier: 2A:42:42:1B:CE:9A:C9:32:8E:C4:7B:46:3C:5D:E0:7E:0F:44:91:EE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB7A54E3154184F5FBE0A59B265B384F1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KkJCG86ayTKOxHtGPF3gfg9Eke4.roa
Signing time: Sat 17 Feb 2024 15:18:00 +0000
ROA not before: Sat 17 Feb 2024 15:18:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:a5:4e:31:54:18:4f:5f:be:0a:59:b2:65:b3:84:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 15:18:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a42421bce9ac9328ec47b463c5de07e0f4491ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6b:ed:4f:42:c7:59:7f:89:22:94:36:88:31:
2a:11:d1:21:a0:32:2f:63:78:93:a4:22:3b:9e:81:
9f:0b:cb:ee:03:ab:ea:bb:05:ab:f7:d1:1e:53:41:
f4:28:b9:7e:64:3a:23:cc:95:4c:f5:a9:b3:d5:ab:
d2:65:9d:d4:24:ca:d9:82:3b:33:33:9a:ff:d6:c2:
35:be:18:27:21:5b:35:14:aa:43:82:ac:dd:d0:e2:
e4:a9:a2:f2:a0:34:47:69:37:04:75:79:dc:b2:32:
75:96:d7:03:59:f4:b4:3e:44:ad:ee:56:33:29:cb:
84:92:9f:71:2c:1d:71:ec:89:cc:c5:1d:a0:f1:07:
0d:5d:c6:5f:bc:be:2f:1d:9f:d0:11:fb:63:1b:a2:
f2:6d:33:f0:02:2a:c6:e2:39:b2:c8:65:12:50:34:
a4:3f:73:cc:71:7d:94:ec:f2:b4:df:74:a1:95:3e:
87:94:ed:7e:68:80:00:a9:8b:7a:ec:d5:50:43:f5:
97:83:bf:6b:38:8f:16:60:5a:f7:a1:69:44:5b:c5:
53:cf:98:e2:51:c2:52:4d:95:d7:50:a0:97:42:de:
9d:87:47:dc:fa:32:90:43:0f:6d:63:1c:52:fc:ad:
8f:d9:21:b5:61:0e:0a:e1:ce:09:fc:98:ac:38:73:
e9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:42:42:1B:CE:9A:C9:32:8E:C4:7B:46:3C:5D:E0:7E:0F:44:91:EE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KkJCG86ayTKOxHtGPF3gfg9Eke4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:95:ca:b5:25:9f:77:ec:6e:93:85:d5:79:9e:2c:04:0e:93:
c1:51:23:6f:50:68:76:ad:6e:87:04:4d:32:09:ad:f2:4e:e9:
76:4c:cd:2f:df:4e:6c:28:ca:28:9d:85:02:29:bd:91:2a:c8:
cc:64:0b:4a:c5:ca:95:78:2c:ed:3a:27:72:3e:a4:b4:8d:eb:
bc:21:75:bd:31:e9:67:00:20:87:9b:5d:85:7b:34:61:e6:97:
98:fc:41:3a:71:fc:a9:e3:e5:b1:ba:0d:89:5f:09:ca:3e:77:
23:94:12:20:d8:fd:8c:a4:4f:22:10:af:b6:58:dc:f4:80:76:
51:9e:bc:82:a4:d7:e8:7f:03:cf:e8:31:dc:b5:dd:7c:24:15:
b7:1d:a0:e4:5f:5f:e7:f6:83:b4:d4:89:14:05:b1:1a:fc:c7:
3a:8c:8b:d1:68:2b:2d:d2:e3:9e:0e:94:c2:ac:16:7f:b3:be:
3e:55:b2:cb:cc:9a:6e:c0:c7:0d:22:89:45:f9:79:c5:33:82:
6f:f4:3c:33:16:55:7f:05:7e:44:f9:98:78:6a:7b:70:fd:28:
cd:57:67:79:2b:09:83:5d:da:8f:ab:96:17:16:de:a4:33:32:
e3:98:d1:83:4e:16:52:b3:61:d6:a2:21:c4:43:ea:94:cf:18:
92:2c:3a:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY23pU4xVBhPX74KWbJls4TxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MTUxODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQyNDIxYmNlOWFjOTMyOGVjNDdiNDYzYzVkZTA3ZTBmNDQ5MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmvtT0LHWX+JIpQ2iDEqEdEhoDIv
Y3iTpCI7noGfC8vuA6vquwWr99EeU0H0KLl+ZDojzJVM9amz1avSZZ3UJMrZgjsz
M5r/1sI1vhgnIVs1FKpDgqzd0OLkqaLyoDRHaTcEdXncsjJ1ltcDWfS0PkSt7lYz
KcuEkp9xLB1x7InMxR2g8QcNXcZfvL4vHZ/QEftjG6LybTPwAirG4jmyyGUSUDSk
P3PMcX2U7PK033ShlT6HlO1+aIAAqYt67NVQQ/WXg79rOI8WYFr3oWlEW8VTz5ji
UcJSTZXXUKCXQt6dh0fc+jKQQw9tYxxS/K2P2SG1YQ4K4c4J/JisOHPpWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpCQhvOmskyjsR7Rjxd4H4PRJHuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS2tKQ0c4NmF5VEtPeEh0R1BGM2dmZzlFa2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKVyrUln3fsbpOF1Xme
LAQOk8FRI29QaHatbocETTIJrfJO6XZMzS/fTmwoyiidhQIpvZEqyMxkC0rFypV4
LO06J3I+pLSN67whdb0x6WcAIIebXYV7NGHml5j8QTpx/Knj5bG6DYlfCco+dyOU
EiDY/YykTyIQr7ZY3PSAdlGevIKk1+h/A8/oMdy13XwkFbcdoORfX+f2g7TUiRQF
sRr8xzqMi9FoKy3S454OlMKsFn+zvj5VssvMmm7Axw0iiUX5ecUzgm/0PDMWVX8F
fkT5mHhqe3D9KM1XZ3krCYNd2o+rlhcW3qQzMuOY0YNOFlKzYdaiIcRD6pTPGJIs
Oio=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org