Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFtxMeqWySWkAq38QRgpWEGg3EU.roa
File: OFtxMeqWySWkAq38QRgpWEGg3EU.roa (raw, json)
Hash identifier: 7Dn0bP7kTYR2de/eYJ4jlSDonGvheGRwqHmvoOuQBWo=
Subject key identifier: 38:5B:71:31:EA:96:C9:25:A4:02:AD:FC:41:18:29:58:41:A0:DC:45
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E717176BED3D16D8F4F41DF719D766520
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFtxMeqWySWkAq38QRgpWEGg3EU.roa
Signing time: Sun 24 Mar 2024 17:10:45 +0000
ROA not before: Sun 24 Mar 2024 17:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:71:71:76:be:d3:d1:6d:8f:4f:41:df:71:9d:76:65:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 17:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385b7131ea96c925a402adfc4118295841a0dc45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cb:ad:92:7a:10:d9:6d:81:ae:46:dd:e6:08:
32:b0:60:e2:7d:9c:66:39:d2:87:18:06:fa:cc:7e:
67:69:cf:ea:80:44:0e:b4:66:73:40:d0:ea:ed:54:
4e:15:ed:5f:64:eb:aa:48:e0:41:fe:8b:a7:b1:f8:
14:74:61:13:fc:51:44:a7:0b:e1:d6:3c:0f:f7:e9:
6a:95:f2:30:6c:61:af:d2:af:14:97:0e:6c:1b:2c:
bc:1c:ae:bf:0f:4f:f0:26:5e:bd:0b:27:b5:18:65:
b2:11:92:90:d8:e2:e0:ba:aa:5f:aa:98:c4:b8:b2:
54:f0:0c:08:c7:fa:ce:a2:b8:ba:c1:3e:f1:a8:a6:
ee:37:1c:bf:de:31:af:eb:d5:25:fd:f7:75:7f:86:
7b:7a:f1:d9:1b:a1:d2:a2:2f:9d:db:35:01:c1:e8:
a5:7f:2d:2c:b9:03:f1:bc:a1:47:4e:49:ed:e2:bf:
d5:c7:f5:d3:92:b8:00:b1:64:90:58:78:c7:ce:24:
fd:ef:73:5a:6d:bc:04:54:09:a6:3b:8d:0b:d4:46:
21:0e:48:0d:62:72:84:82:bb:6a:8f:c0:06:c1:c9:
77:8a:74:9a:f1:05:8c:cf:52:a9:8a:b2:ab:e1:4e:
57:0d:e4:b6:17:a0:58:3b:a7:a9:08:58:36:0c:67:
0f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5B:71:31:EA:96:C9:25:A4:02:AD:FC:41:18:29:58:41:A0:DC:45
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFtxMeqWySWkAq38QRgpWEGg3EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:d7:ee:1b:ad:9f:b4:70:af:a6:ac:72:b8:db:de:64:df:c2:
31:ac:36:f3:7b:53:87:52:d2:4f:52:7a:e8:2f:ba:f3:a2:1d:
47:d2:62:d6:90:de:61:f5:b4:de:fa:a3:15:28:34:67:e9:80:
bf:26:cd:e5:3a:95:44:33:48:a3:a5:26:99:c1:37:26:50:d8:
1b:94:e1:f9:9f:54:63:51:8a:b3:0b:21:50:40:4a:e2:43:3e:
f4:7d:7a:05:86:0c:7a:75:50:24:0d:86:fc:36:b5:03:de:43:
27:3e:ea:70:5b:89:38:45:2c:71:38:1d:5d:86:be:aa:91:b8:
7b:18:80:09:d1:08:7f:bf:e0:09:e2:ba:76:a8:57:2d:8d:d1:
12:75:7c:36:8e:3d:9e:12:c2:f2:29:3a:72:bc:31:92:77:61:
15:23:0c:40:f2:b0:10:cd:1b:40:62:dd:f6:47:6d:b9:b8:fb:
3b:8a:5a:6f:75:2e:c1:36:04:15:44:b9:89:6d:0b:71:0e:54:
f3:18:81:89:2c:01:b6:63:f3:f1:28:73:ae:5c:53:06:6d:60:
c5:47:cf:07:35:f8:3b:6f:c5:e7:e9:ba:aa:f3:6b:2a:63:82:
a7:94:a3:89:5d:5f:1a:d7:2d:c6:0e:45:50:48:bd:1c:a3:e1:
4f:a3:c3:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5xcXa+09Ftj09B33GddmUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MTcxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODViNzEzMWVhOTZjOTI1YTQwMmFkZmM0MTE4Mjk1ODQxYTBkYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcutknoQ2W2Brkbd5ggysGDifZxm
OdKHGAb6zH5nac/qgEQOtGZzQNDq7VROFe1fZOuqSOBB/ounsfgUdGET/FFEpwvh
1jwP9+lqlfIwbGGv0q8Ulw5sGyy8HK6/D0/wJl69Cye1GGWyEZKQ2OLguqpfqpjE
uLJU8AwIx/rOori6wT7xqKbuNxy/3jGv69Ul/fd1f4Z7evHZG6HSoi+d2zUBweil
fy0suQPxvKFHTknt4r/Vx/XTkrgAsWSQWHjHziT973NabbwEVAmmO40L1EYhDkgN
YnKEgrtqj8AGwcl3inSa8QWMz1KpirKr4U5XDeS2F6BYO6epCFg2DGcP+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhbcTHqlsklpAKt/EEYKVhBoNxFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT0Z0eE1lcVd5U1drQXEzOFFSZ3BXRUdnM0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvX7hutn7Rwr6ascrjb
3mTfwjGsNvN7U4dS0k9SeugvuvOiHUfSYtaQ3mH1tN76oxUoNGfpgL8mzeU6lUQz
SKOlJpnBNyZQ2BuU4fmfVGNRirMLIVBASuJDPvR9egWGDHp1UCQNhvw2tQPeQyc+
6nBbiThFLHE4HV2GvqqRuHsYgAnRCH+/4AniunaoVy2N0RJ1fDaOPZ4SwvIpOnK8
MZJ3YRUjDEDysBDNG0Bi3fZHbbm4+zuKWm91LsE2BBVEuYltC3EOVPMYgYksAbZj
8/Eoc65cUwZtYMVHzwc1+DtvxefpuqrzaypjgqeUo4ldXxrXLcYORVBIvRyj4U+j
w4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org