Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LZaM2FQ5bLKC9iHVMgaHJYyghDQ.roa
File: LZaM2FQ5bLKC9iHVMgaHJYyghDQ.roa (raw, json)
Hash identifier: zpMAu2Ct6PKN31HeH5a25pdnFH0F7gRh4k27otIrAiM=
Subject key identifier: 2D:96:8C:D8:54:39:6C:B2:82:F6:21:D5:32:06:87:25:8C:A0:84:34
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD988A830498035CC0995A944758DB1C7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LZaM2FQ5bLKC9iHVMgaHJYyghDQ.roa
Signing time: Sat 24 Feb 2024 05:13:48 +0000
ROA not before: Sat 24 Feb 2024 05:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d9:88:a8:30:49:80:35:cc:09:95:a9:44:75:8d:b1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 05:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d968cd854396cb282f621d5320687258ca08434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:65:22:eb:1f:8f:6e:ff:85:e9:e5:17:b0:da:
7d:c1:b1:66:98:82:fd:64:b0:4a:05:5d:f4:ad:48:
c1:4e:e7:77:ef:a5:32:09:ec:b1:b7:3c:04:7c:3f:
ba:8b:1d:25:fe:75:36:78:f6:a4:b7:79:7d:68:d8:
08:d3:42:40:62:ef:98:ab:ae:fd:18:d6:d6:7a:3f:
71:5a:0f:5d:a3:6e:58:5a:cf:0e:1f:2b:74:bf:17:
e2:b9:25:63:d1:3d:30:cb:d9:5d:46:af:92:51:7d:
37:82:8c:fb:d9:bf:ac:f8:a3:cb:0e:69:f5:dc:7d:
2c:8e:25:4c:65:7a:35:4a:64:02:dd:37:25:ea:d8:
d0:ed:09:90:96:8c:17:c0:de:14:20:1f:14:d2:63:
a1:69:a4:a0:a1:65:01:6b:c7:c6:56:9f:80:28:7d:
03:37:75:2a:fe:38:79:7b:d1:0a:d0:17:8c:e4:78:
48:af:32:b4:98:1d:59:d3:7c:dc:6c:96:d4:5f:9f:
b8:03:af:92:9b:f9:da:d9:f4:63:5d:02:e4:1c:f3:
12:a0:e2:1a:d5:e4:ce:75:b2:b0:38:14:49:d8:9c:
f0:2e:70:5d:81:62:f1:49:46:03:84:be:aa:fc:38:
20:ed:85:f5:9b:d0:f9:00:c0:f0:29:c8:9d:7a:a2:
a2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:96:8C:D8:54:39:6C:B2:82:F6:21:D5:32:06:87:25:8C:A0:84:34
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LZaM2FQ5bLKC9iHVMgaHJYyghDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:83:f0:9c:ca:d6:f1:46:80:5e:d8:4f:8a:15:b1:ef:ac:18:
b4:c7:5d:1e:3e:11:8d:fe:a6:f0:86:5f:2a:77:25:97:f9:35:
f5:b3:13:f6:ca:9e:09:a0:2a:27:1c:c9:f9:29:53:d7:09:b7:
78:d3:86:ab:c2:54:72:52:0a:a0:14:c6:be:58:3a:e6:aa:2a:
f6:74:44:61:61:16:b1:a1:f4:d2:27:d1:2b:73:48:83:37:60:
01:17:54:55:9f:68:f2:ad:d0:95:21:c2:98:02:bc:fa:66:f8:
d3:31:ba:d8:64:8b:e6:0e:85:af:a6:f4:80:10:3d:96:61:84:
39:78:e3:9e:fb:0d:fc:78:55:0b:0b:6d:9e:12:c5:59:a7:bc:
59:12:76:75:a9:72:f5:4f:66:55:3d:43:11:cb:15:41:20:c8:
55:50:2f:a5:ff:b8:fd:a1:2c:5f:d3:25:13:77:de:47:e6:a3:
f7:35:60:62:e1:14:9f:3d:28:06:a0:80:b7:39:cb:a8:cd:e1:
5e:e7:ef:43:95:74:de:f5:15:7d:38:55:6d:41:7b:8b:93:bf:
13:f1:53:40:e8:03:0a:89:8c:26:fe:26:a0:33:e6:a4:a8:ab:
dc:6b:8f:ab:bf:3a:96:4b:ff:5c:56:b6:0f:90:17:4b:4b:8b:
f4:cb:57:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3ZiKgwSYA1zAmVqUR1jbHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MDUxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk2OGNkODU0Mzk2Y2IyODJmNjIxZDUzMjA2ODcyNThjYTA4NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2Ui6x+Pbv+F6eUXsNp9wbFmmIL9
ZLBKBV30rUjBTud376UyCeyxtzwEfD+6ix0l/nU2ePakt3l9aNgI00JAYu+Yq679
GNbWej9xWg9do25YWs8OHyt0vxfiuSVj0T0wy9ldRq+SUX03goz72b+s+KPLDmn1
3H0sjiVMZXo1SmQC3Tcl6tjQ7QmQlowXwN4UIB8U0mOhaaSgoWUBa8fGVp+AKH0D
N3Uq/jh5e9EK0BeM5HhIrzK0mB1Z03zcbJbUX5+4A6+Sm/na2fRjXQLkHPMSoOIa
1eTOdbKwOBRJ2JzwLnBdgWLxSUYDhL6q/Dgg7YX1m9D5AMDwKcideqKiBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC2WjNhUOWyygvYh1TIGhyWMoIQ0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTFphTTJGUTViTEtDOWlIVk1nYUhKWXlnaERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+D8JzK1vFGgF7YT4oV
se+sGLTHXR4+EY3+pvCGXyp3JZf5NfWzE/bKngmgKiccyfkpU9cJt3jThqvCVHJS
CqAUxr5YOuaqKvZ0RGFhFrGh9NIn0StzSIM3YAEXVFWfaPKt0JUhwpgCvPpm+NMx
uthki+YOha+m9IAQPZZhhDl44577Dfx4VQsLbZ4SxVmnvFkSdnWpcvVPZlU9QxHL
FUEgyFVQL6X/uP2hLF/TJRN33kfmo/c1YGLhFJ89KAaggLc5y6jN4V7n70OVdN71
FX04VW1Be4uTvxPxU0DoAwqJjCb+JqAz5qSoq9xrj6u/OpZL/1xWtg+QF0tLi/TL
V6U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org