Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NrC4RNz3UmCrcD_R8aDsE69H-Lk.roa
File: NrC4RNz3UmCrcD_R8aDsE69H-Lk.roa (raw, json)
Hash identifier: z6gx6BIzvWTITT895+BHUbFSeYcabq1aPm6BAeUuJ84=
Subject key identifier: 36:B0:B8:44:DC:F7:52:60:AB:70:3F:D1:F1:A0:EC:13:AF:47:F8:B9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E36A71BB02A8755AC61F9F281131DDC84
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NrC4RNz3UmCrcD_R8aDsE69H-Lk.roa
Signing time: Wed 13 Mar 2024 07:11:44 +0000
ROA not before: Wed 13 Mar 2024 07:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:a7:1b:b0:2a:87:55:ac:61:f9:f2:81:13:1d:dc:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 07:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36b0b844dcf75260ab703fd1f1a0ec13af47f8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:74:ec:01:9a:57:26:e7:9e:34:1b:3a:22:83:
6c:5d:6f:a4:7c:dd:0f:15:48:79:cf:06:ad:3e:90:
3c:08:05:fd:7d:30:e6:c4:3b:15:44:6c:44:e1:05:
1a:f6:92:ed:fd:ab:37:bf:04:1c:e3:2e:07:04:12:
fe:7f:00:07:77:ab:0f:86:0d:87:fd:df:4a:35:e9:
3c:c7:df:1c:1f:a1:de:50:28:01:7b:a8:22:16:63:
98:86:41:15:24:72:1f:de:0c:4e:b7:f9:ff:6a:c0:
c2:ce:bf:7d:19:3f:fb:6c:23:0f:9c:e3:35:b9:2d:
82:be:ac:aa:a8:9c:cc:b7:80:8e:36:9f:43:0c:e1:
ae:d4:35:66:dc:55:8a:61:83:cc:1e:d5:d4:1d:dc:
3b:24:51:30:de:80:b5:5d:41:e6:59:4e:9d:4d:f0:
10:c8:cc:57:36:da:a6:f1:9f:96:a7:b8:65:cb:4a:
8b:1c:5c:d1:fc:fc:47:08:c9:7d:b9:ea:02:fc:5e:
98:9d:ff:0b:7c:93:e4:c0:4d:7d:8f:58:2c:0c:60:
a5:2e:28:ff:b8:4e:f3:ec:89:11:ec:19:74:40:a2:
65:47:6c:87:1f:68:24:61:e0:87:95:09:d3:c1:a1:
5b:f6:1c:7b:fe:be:8c:d0:f6:ff:a9:2c:64:f8:0b:
6a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B0:B8:44:DC:F7:52:60:AB:70:3F:D1:F1:A0:EC:13:AF:47:F8:B9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/NrC4RNz3UmCrcD_R8aDsE69H-Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:9a:69:16:65:f6:7d:57:8a:a9:fe:67:be:67:14:53:44:8f:
75:9f:9c:6b:73:1a:3a:e4:86:f4:ce:cb:1f:a5:93:25:a2:87:
67:d6:8e:30:62:b4:2d:c9:a4:45:d4:18:e7:bb:1d:30:4d:b3:
98:ed:f8:37:04:da:cb:91:26:6a:01:3c:e2:a5:2c:43:9f:4f:
1e:df:ce:2e:ae:dd:a4:06:d1:d3:8b:69:8d:df:ec:ba:52:35:
5f:e8:af:5f:31:1e:b1:ce:9e:16:01:b9:1a:0f:55:d9:b9:74:
10:5a:e0:a7:c1:e1:72:22:00:89:11:06:ee:cd:3f:2b:6a:49:
62:f2:2a:bb:f2:ae:82:ab:ca:1a:90:32:65:f1:2a:56:e2:e1:
ee:60:e2:c6:99:0f:3f:10:e7:1a:25:ab:d1:cf:a9:52:21:bb:
e6:19:7f:78:0b:df:ef:e1:53:a7:9d:52:54:9f:49:b0:21:50:
95:ff:d8:22:b3:c1:a1:fa:18:b7:bc:31:86:de:ea:ac:2f:e4:
7d:45:33:71:ad:de:19:41:64:69:9d:65:bc:94:53:73:d5:a0:
7e:80:52:4b:f3:e0:8d:4b:19:f2:9b:7f:31:ed:57:6c:43:cc:
5a:16:f2:78:87:c5:2c:b8:aa:02:72:fa:c8:60:0d:0d:b1:f0:
f7:87:e2:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY42pxuwKodVrGH58oETHdyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDcxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmIwYjg0NGRjZjc1MjYwYWI3MDNmZDFmMWEwZWMxM2FmNDdmOGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXTsAZpXJueeNBs6IoNsXW+kfN0P
FUh5zwatPpA8CAX9fTDmxDsVRGxE4QUa9pLt/as3vwQc4y4HBBL+fwAHd6sPhg2H
/d9KNek8x98cH6HeUCgBe6giFmOYhkEVJHIf3gxOt/n/asDCzr99GT/7bCMPnOM1
uS2CvqyqqJzMt4CONp9DDOGu1DVm3FWKYYPMHtXUHdw7JFEw3oC1XUHmWU6dTfAQ
yMxXNtqm8Z+Wp7hly0qLHFzR/PxHCMl9ueoC/F6Ynf8LfJPkwE19j1gsDGClLij/
uE7z7IkR7Bl0QKJlR2yHH2gkYeCHlQnTwaFb9hx7/r6M0Pb/qSxk+AtqfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDawuETc91Jgq3A/0fGg7BOvR/i5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTnJDNFJOejNVbUNyY0RfUjhhRHNFNjlILUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACWaaRZl9n1Xiqn+Z75n
FFNEj3WfnGtzGjrkhvTOyx+lkyWih2fWjjBitC3JpEXUGOe7HTBNs5jt+DcE2suR
JmoBPOKlLEOfTx7fzi6u3aQG0dOLaY3f7LpSNV/or18xHrHOnhYBuRoPVdm5dBBa
4KfB4XIiAIkRBu7NPytqSWLyKrvyroKryhqQMmXxKlbi4e5g4saZDz8Q5xolq9HP
qVIhu+YZf3gL3+/hU6edUlSfSbAhUJX/2CKzwaH6GLe8MYbe6qwv5H1FM3Gt3hlB
ZGmdZbyUU3PVoH6AUkvz4I1LGfKbfzHtV2xDzFoW8niHxSy4qgJy+shgDQ2x8PeH
4mY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org