Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NRehprsjvzk136mIY8ju5qcJSVw.roa
File: NRehprsjvzk136mIY8ju5qcJSVw.roa (raw, json)
Hash identifier: WoDNFM0EBELSVwaYN7eF4POiBTquwWTEF4kCH29n28U=
Subject key identifier: 35:17:A1:A6:BB:23:BF:39:35:DF:A9:88:63:C8:EE:E6:A7:09:49:5C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D57ECE62EAC360CBD1120EDDE278489E9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NRehprsjvzk136mIY8ju5qcJSVw.roa
Signing time: Tue 30 Jan 2024 01:12:39 +0000
ROA not before: Tue 30 Jan 2024 01:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:57:ec:e6:2e:ac:36:0c:bd:11:20:ed:de:27:84:89:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 01:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3517a1a6bb23bf3935dfa98863c8eee6a709495c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:9f:43:4e:f5:42:17:9b:0d:f2:b7:54:03:
f9:da:35:3b:b0:37:2d:c9:cf:e6:51:42:79:3b:bd:
4a:93:9f:0c:8c:ee:0f:af:4c:9e:9a:66:41:cf:76:
6e:28:75:0d:c6:56:49:54:c2:8c:86:b4:83:71:2f:
21:ac:23:ae:ed:2b:d1:de:56:55:b4:30:0c:49:1f:
53:8e:f2:a4:72:43:d1:3e:8b:07:91:d9:cb:85:ec:
1f:a7:83:22:de:1a:b6:1b:8a:c0:80:19:64:df:71:
5c:22:3b:44:af:d4:ee:ca:c4:72:11:03:47:69:4b:
38:15:92:12:11:b2:d9:57:66:ca:20:0b:ff:71:cf:
61:4f:a7:15:5b:f2:f3:76:d3:6c:a8:82:58:ae:22:
c0:f9:48:d0:8e:9c:9c:c6:39:8f:d6:79:f8:a4:71:
ea:31:81:80:ef:61:53:e2:10:90:fb:9f:84:b0:d5:
8a:41:99:5f:51:eb:f2:2c:59:2e:b4:b3:9e:06:5f:
d3:9f:44:61:27:94:88:d9:8d:87:c4:6a:df:c0:93:
74:1b:6d:20:6a:1e:7a:a1:df:41:a9:19:34:65:30:
b7:e3:94:32:99:03:6a:e0:cc:8a:1b:12:97:e4:b7:
f9:0e:31:f7:29:d7:ce:dc:8f:a7:da:d4:df:a5:96:
da:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:17:A1:A6:BB:23:BF:39:35:DF:A9:88:63:C8:EE:E6:A7:09:49:5C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NRehprsjvzk136mIY8ju5qcJSVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:fe:74:5f:c9:81:e7:b0:f9:5f:d8:c2:9e:4a:a3:a7:17:a3:
e8:44:bf:f2:c5:9e:8a:a5:f3:c2:52:dc:af:94:63:97:b0:e5:
12:4c:1c:b8:70:5d:9f:65:72:35:e0:2f:c8:02:a4:d0:2b:05:
87:c7:62:3f:78:6f:c0:f6:52:6b:19:1b:a2:57:01:62:7a:f6:
ec:d3:79:61:88:78:ef:16:13:33:fb:3a:27:12:60:ee:f4:be:
3b:a5:ed:a9:ef:9a:df:d5:2b:40:b6:ed:5d:b8:e0:aa:18:a5:
50:58:03:c4:f5:f5:18:d4:c6:86:2b:f4:75:2d:94:4b:1f:50:
30:d2:0f:e6:b7:31:55:08:bb:35:d5:d6:aa:18:c5:bd:53:d0:
15:d5:23:47:d6:4f:7c:4e:07:ae:f8:3c:17:26:0e:7b:0e:b0:
1b:f3:03:ef:5a:20:c2:b7:f6:f7:65:dc:63:e2:c6:54:65:46:
fd:58:26:80:0b:ab:35:fd:92:97:33:ef:74:0d:80:3c:d1:62:
51:52:a8:00:e9:ce:44:53:34:2b:8b:7a:19:c6:40:e1:7b:d9:
2a:08:25:7e:42:b0:ae:5b:18:3d:1d:76:fb:9e:09:6e:dc:cc:
14:3a:b8:3f:54:63:47:11:ca:01:67:8d:db:10:03:14:5f:4a:
39:75:13:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1X7OYurDYMvREg7d4nhInpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMDExMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE3YTFhNmJiMjNiZjM5MzVkZmE5ODg2M2M4ZWVlNmE3MDk0OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuOfQ071QhebDfK3VAP52jU7sDct
yc/mUUJ5O71Kk58MjO4Pr0yemmZBz3ZuKHUNxlZJVMKMhrSDcS8hrCOu7SvR3lZV
tDAMSR9TjvKkckPRPosHkdnLhewfp4Mi3hq2G4rAgBlk33FcIjtEr9TuysRyEQNH
aUs4FZISEbLZV2bKIAv/cc9hT6cVW/LzdtNsqIJYriLA+UjQjpycxjmP1nn4pHHq
MYGA72FT4hCQ+5+EsNWKQZlfUevyLFkutLOeBl/Tn0RhJ5SI2Y2HxGrfwJN0G20g
ah56od9BqRk0ZTC345QymQNq4MyKGxKX5Lf5DjH3KdfO3I+n2tTfpZbaYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDUXoaa7I785Nd+piGPI7uanCUlcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTlJlaHByc2p2emsxMzZtSVk4anU1cWNKU1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFj+dF/Jgeew+V/Ywp5K
o6cXo+hEv/LFnoql88JS3K+UY5ew5RJMHLhwXZ9lcjXgL8gCpNArBYfHYj94b8D2
UmsZG6JXAWJ69uzTeWGIeO8WEzP7OicSYO70vjul7anvmt/VK0C27V244KoYpVBY
A8T19RjUxoYr9HUtlEsfUDDSD+a3MVUIuzXV1qoYxb1T0BXVI0fWT3xOB674PBcm
DnsOsBvzA+9aIMK39vdl3GPixlRlRv1YJoALqzX9kpcz73QNgDzRYlFSqADpzkRT
NCuLehnGQOF72SoIJX5CsK5bGD0ddvueCW7czBQ6uD9UY0cRygFnjdsQAxRfSjl1
E2U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org