Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KlXl12qeUHuVvuVg1dLHZO9xmfs.roa
File: KlXl12qeUHuVvuVg1dLHZO9xmfs.roa (raw, json)
Hash identifier: ZYQlbeRizw8oi4Jcu8aT5qLDr3fhcOwTZAvl+ibAG9A=
Subject key identifier: 2A:55:E5:D7:6A:9E:50:7B:95:BE:E5:60:D5:D2:C7:64:EF:71:99:FB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D46F863A783F48BF83ED2850814F5E4DB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KlXl12qeUHuVvuVg1dLHZO9xmfs.roa
Signing time: Fri 26 Jan 2024 18:11:40 +0000
ROA not before: Fri 26 Jan 2024 18:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:f8:63:a7:83:f4:8b:f8:3e:d2:85:08:14:f5:e4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 18:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a55e5d76a9e507b95bee560d5d2c764ef7199fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:d8:66:05:00:57:02:ff:c0:28:59:39:c6:
34:87:d0:f1:0d:2e:4b:3f:4b:6b:ea:cd:58:7a:e8:
a1:9c:8e:d6:ba:3d:d8:cf:5b:5c:0f:60:88:a2:49:
18:6e:73:33:79:8e:47:28:e9:93:5a:09:83:6f:b4:
75:d0:6f:09:e3:63:3c:07:a1:17:9d:75:e1:44:8f:
64:af:a7:53:e6:a4:9c:d4:11:70:53:47:a2:86:d3:
c3:61:b7:61:08:ec:cc:f1:10:12:88:13:ae:1a:d9:
94:8d:d4:07:b3:17:2d:e7:f7:04:c8:d8:43:e5:ea:
26:b6:2e:57:c5:f8:eb:7f:ff:79:3e:73:40:52:9f:
c2:7b:4c:ef:dc:09:78:95:11:89:a5:04:f4:37:ff:
33:3e:01:02:19:2d:3b:86:80:95:74:20:8f:37:ae:
c4:15:51:69:35:33:a1:8a:86:3e:a5:52:0e:0f:c6:
3f:e2:ad:4d:14:93:d1:c4:25:9a:2a:e3:2f:22:e1:
91:b6:04:a7:6b:b6:ab:5b:2b:dc:8e:72:14:ee:4b:
44:62:e8:50:b5:0b:7b:87:7b:4d:e1:db:e4:e9:02:
35:ee:97:cd:1e:e1:0f:68:80:0d:57:1b:54:be:1c:
e9:bc:c2:9a:06:04:01:c3:2d:97:73:de:a6:e2:01:
51:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:55:E5:D7:6A:9E:50:7B:95:BE:E5:60:D5:D2:C7:64:EF:71:99:FB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KlXl12qeUHuVvuVg1dLHZO9xmfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:de:98:51:b0:b8:94:6d:b0:a0:a4:87:b6:88:be:ad:18:8f:
7a:9c:dd:7c:08:b7:71:8c:80:3a:a8:2a:10:11:11:05:ed:ba:
0c:55:59:c6:9b:5e:5b:53:34:3b:3e:10:4d:9a:f0:df:1e:e5:
30:5f:58:3b:0b:53:02:85:23:37:af:29:1f:f6:1b:a2:cc:ee:
5b:a3:4c:b8:3a:a2:29:92:13:09:8e:d9:41:5e:3c:f1:58:bf:
03:47:e4:00:73:18:2b:70:90:1c:1e:8e:a5:4c:0f:81:43:08:
b2:a5:4f:3c:6c:86:18:95:7c:d6:1b:99:94:cc:cf:c2:19:3e:
60:9c:8b:63:80:96:81:f6:15:c3:91:c9:6b:9b:37:ee:25:c6:
d4:74:8a:a6:21:9e:f4:54:63:bb:42:dd:2b:61:d0:c5:86:3d:
0f:0b:58:ce:ec:8b:e2:2c:df:5e:07:73:8b:31:b9:2c:19:0f:
3c:8c:db:70:a2:a8:c4:b4:a5:6e:27:81:37:6f:ae:8d:d9:61:
a0:18:58:16:b5:4a:95:ce:80:f9:2f:a0:b5:e6:03:f8:ce:f2:
70:b0:fb:f1:b4:cd:10:28:84:02:2f:e1:70:51:77:7f:41:95:
e8:65:15:db:73:20:47:50:e6:8e:97:cb:cd:af:2c:40:38:9d:
2d:5f:6a:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1G+GOng/SL+D7ShQgU9eTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MTgxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU1ZTVkNzZhOWU1MDdiOTViZWU1NjBkNWQyYzc2NGVmNzE5OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYDYZgUAVwL/wChZOcY0h9DxDS5L
P0tr6s1YeuihnI7Wuj3Yz1tcD2CIokkYbnMzeY5HKOmTWgmDb7R10G8J42M8B6EX
nXXhRI9kr6dT5qSc1BFwU0eihtPDYbdhCOzM8RASiBOuGtmUjdQHsxct5/cEyNhD
5eomti5Xxfjrf/95PnNAUp/Ce0zv3Al4lRGJpQT0N/8zPgECGS07hoCVdCCPN67E
FVFpNTOhioY+pVIOD8Y/4q1NFJPRxCWaKuMvIuGRtgSna7arWyvcjnIU7ktEYuhQ
tQt7h3tN4dvk6QI17pfNHuEPaIANVxtUvhzpvMKaBgQBwy2Xc96m4gFRUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpV5ddqnlB7lb7lYNXSx2TvcZn7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS2xYbDEycWVVSHVWdnVWZzFkTEhaTzl4bWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEHemFGwuJRtsKCkh7aI
vq0Yj3qc3XwIt3GMgDqoKhAREQXtugxVWcabXltTNDs+EE2a8N8e5TBfWDsLUwKF
IzevKR/2G6LM7lujTLg6oimSEwmO2UFePPFYvwNH5ABzGCtwkBwejqVMD4FDCLKl
TzxshhiVfNYbmZTMz8IZPmCci2OAloH2FcORyWubN+4lxtR0iqYhnvRUY7tC3Sth
0MWGPQ8LWM7si+Is314Hc4sxuSwZDzyM23CiqMS0pW4ngTdvro3ZYaAYWBa1SpXO
gPkvoLXmA/jO8nCw+/G0zRAohAIv4XBRd39BlehlFdtzIEdQ5o6Xy82vLEA4nS1f
aqg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org