Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KtNnL9IZZWo4j22mIiM3u6mVr64.roa
File: KtNnL9IZZWo4j22mIiM3u6mVr64.roa (raw, json)
Hash identifier: 0UHWwDLwbaxVUL/iYuARB72dda4NrGLxCsEsLVv2rnU=
Subject key identifier: 2A:D3:67:2F:D2:19:65:6A:38:8F:6D:A6:22:23:37:BB:A9:95:AF:AE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1ABE8B85F1F9558CA5B579880E35D5B8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KtNnL9IZZWo4j22mIiM3u6mVr64.roa
Signing time: Thu 18 Jan 2024 04:05:11 +0000
ROA not before: Thu 18 Jan 2024 04:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:1abd:a86b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1a:be:8b:85:f1:f9:55:8c:a5:b5:79:88:0e:35:d5:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 04:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ad3672fd219656a388f6da6222337bba995afae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:86:be:47:b4:3c:85:29:a4:c0:79:ab:bf:72:
62:0c:01:7e:c2:19:af:44:a4:bf:67:51:bb:b2:4c:
fa:08:28:1a:6d:f4:12:9f:fd:53:d7:73:4e:ff:aa:
2d:03:6b:8b:7f:38:21:89:d6:8b:d0:b1:b2:df:06:
3e:51:38:84:14:c9:84:07:0f:52:a3:ba:de:da:c1:
5c:de:bf:45:55:2a:f0:8d:81:8d:22:da:81:21:78:
d2:fd:8b:2d:0f:33:60:81:37:d9:52:61:91:bf:7c:
3b:c6:3f:ac:4e:2b:61:aa:9f:e6:35:47:d8:47:0d:
84:4a:7f:7c:48:bf:a0:6e:32:2a:31:44:98:ec:0f:
24:dc:2c:bf:82:57:41:ac:54:07:1a:ee:9a:ec:db:
a9:94:c8:2e:5c:d9:a2:cf:1b:ed:8d:54:03:26:39:
a2:57:8f:9b:1b:75:18:71:27:5b:8f:e5:f4:f7:b6:
30:9d:c4:49:7a:bd:d6:c9:34:23:c5:a1:78:77:a4:
8a:fc:78:d1:a2:83:ad:25:aa:ed:69:ba:1e:c5:da:
5c:c9:d0:aa:3e:2b:f0:94:fd:1b:ee:ae:05:cc:b0:
e9:22:01:d3:ca:b9:c1:8e:33:7c:68:a9:8b:fa:aa:
8d:27:94:33:ef:16:01:34:7b:a6:23:56:ce:17:f3:
34:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D3:67:2F:D2:19:65:6A:38:8F:6D:A6:22:23:37:BB:A9:95:AF:AE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KtNnL9IZZWo4j22mIiM3u6mVr64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:4b:3f:83:d7:2c:a5:dc:8a:c2:8f:4f:f5:2c:70:03:55:ef:
eb:95:90:78:95:85:f2:65:13:b9:e6:1e:9a:0f:b7:e8:a9:6b:
4f:c8:e4:49:54:fb:6d:f7:cd:2b:d1:ca:86:62:59:3c:de:c6:
7e:ab:f4:5f:63:70:07:a4:f8:0a:db:bd:3f:28:5c:a6:15:9a:
f2:9f:4d:9a:8d:fd:37:c1:6b:f6:2f:fc:2d:67:9e:5f:d4:af:
01:8d:52:de:db:b0:cb:23:eb:d4:5c:5c:35:4f:24:36:0e:2a:
4d:53:f3:3a:c4:cf:82:4b:bf:de:09:e1:ed:b0:75:cd:c4:1d:
93:48:20:8b:e0:ef:f8:29:10:b8:48:8c:f5:90:d1:f8:64:a6:
f9:93:ab:dd:ae:bb:cb:e1:d6:01:d0:2e:f0:b3:da:a4:21:92:
6e:fb:91:34:ef:df:54:68:28:46:13:27:7a:b6:fc:4c:9f:fa:
38:70:dc:a1:52:00:8a:a3:ec:11:44:41:66:90:70:23:24:6e:
7a:71:0e:3d:3c:23:e3:a6:18:c8:6c:a1:ae:08:fa:55:4a:cc:
8f:64:0f:c5:bf:cd:34:c4:21:d4:82:71:39:34:91:e0:9b:71:
a4:bb:24:63:9f:0d:9c:4c:c9:49:92:e7:de:9b:55:30:87:c9:
89:02:0f:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0avouF8flVjKW1eYgONdW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MDQwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQzNjcyZmQyMTk2NTZhMzg4ZjZkYTYyMjIzMzdiYmE5OTVhZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ia+R7Q8hSmkwHmrv3JiDAF+whmv
RKS/Z1G7skz6CCgabfQSn/1T13NO/6otA2uLfzghidaL0LGy3wY+UTiEFMmEBw9S
o7re2sFc3r9FVSrwjYGNItqBIXjS/YstDzNggTfZUmGRv3w7xj+sTithqp/mNUfY
Rw2ESn98SL+gbjIqMUSY7A8k3Cy/gldBrFQHGu6a7NuplMguXNmizxvtjVQDJjmi
V4+bG3UYcSdbj+X097YwncRJer3WyTQjxaF4d6SK/HjRooOtJartaboexdpcydCq
PivwlP0b7q4FzLDpIgHTyrnBjjN8aKmL+qqNJ5Qz7xYBNHumI1bOF/M0UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrTZy/SGWVqOI9tpiIjN7upla+uMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS3RObkw5SVpaV280ajIybUlpTTN1Nm1WcjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAZLP4PXLKXcisKPT/Us
cANV7+uVkHiVhfJlE7nmHpoPt+ipa0/I5ElU+233zSvRyoZiWTzexn6r9F9jcAek
+ArbvT8oXKYVmvKfTZqN/TfBa/Yv/C1nnl/UrwGNUt7bsMsj69RcXDVPJDYOKk1T
8zrEz4JLv94J4e2wdc3EHZNIIIvg7/gpELhIjPWQ0fhkpvmTq92uu8vh1gHQLvCz
2qQhkm77kTTv31RoKEYTJ3q2/Eyf+jhw3KFSAIqj7BFEQWaQcCMkbnpxDj08I+Om
GMhsoa4I+lVKzI9kD8W/zTTEIdSCcTk0keCbcaS7JGOfDZxMyUmS596bVTCHyYkC
D+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org