Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ORzyOeZZ50pN4e06eafcIY4H_QE.roa
File: ORzyOeZZ50pN4e06eafcIY4H_QE.roa (raw, json)
Hash identifier: EktdPg/GSZMSo0tjGQxKnteEbK5WfLhsHP2o2aXeLYw=
Subject key identifier: 39:1C:F2:39:E6:59:E7:4A:4D:E1:ED:3A:79:A7:DC:21:8E:07:FD:01
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E291C6472D5B8A1D8B1BC3B250667B2AC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ORzyOeZZ50pN4e06eafcIY4H_QE.roa
Signing time: Sun 10 Mar 2024 16:05:10 +0000
ROA not before: Sun 10 Mar 2024 16:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:291b:97cb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:29:1c:64:72:d5:b8:a1:d8:b1:bc:3b:25:06:67:b2:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 16:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391cf239e659e74a4de1ed3a79a7dc218e07fd01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:48:a0:3d:a7:38:90:6d:4d:4d:5d:68:2f:3f:
4f:04:cf:75:91:96:74:f2:89:b0:dc:6f:32:22:b3:
4d:13:50:f7:57:bb:b3:a5:cd:eb:9b:8b:e6:1b:0f:
76:ca:69:e6:17:f9:4c:db:03:f9:40:8d:fc:6a:b4:
e2:17:3e:9f:a9:8f:91:f9:88:79:e3:d4:81:0e:4c:
99:b3:e7:ef:c2:33:e6:b9:5a:75:bf:20:7a:89:7a:
9b:e3:46:02:bb:4b:b1:ee:9c:b4:32:19:bc:5e:7e:
eb:7c:e9:0c:18:ec:b7:5c:fb:d6:a7:f0:13:3d:8a:
ad:30:5e:d1:09:3e:4b:aa:2c:75:27:eb:9c:63:d5:
49:73:c3:a4:90:5b:2b:ee:79:ce:b3:b0:d9:14:63:
f3:d0:73:27:f8:b5:d1:d3:e1:0b:00:de:74:46:0b:
b9:78:e6:c8:5c:13:fc:57:69:be:1d:d2:72:fb:ff:
e2:37:3a:7f:96:92:29:b9:8b:ac:fc:fd:b1:f8:59:
3e:d4:9f:53:c4:a5:91:b4:df:50:8e:77:3c:e7:36:
f4:dc:0e:9f:aa:bc:a8:ef:24:e6:03:0d:43:fc:cd:
30:5c:34:80:1d:20:17:1a:eb:56:a4:bc:56:57:0f:
34:f0:df:b4:27:7d:49:41:ab:16:f2:d8:35:22:99:
8a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1C:F2:39:E6:59:E7:4A:4D:E1:ED:3A:79:A7:DC:21:8E:07:FD:01
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ORzyOeZZ50pN4e06eafcIY4H_QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:2d:9b:fe:1f:1f:8b:55:c2:35:28:d9:d0:8c:b0:c0:51:2f:
ef:d9:9a:29:c8:65:8f:70:8f:03:51:e6:46:39:3c:12:70:e5:
93:06:dd:f4:23:07:cc:7c:1a:71:2a:2e:1e:a0:d6:0c:28:a6:
11:bb:51:10:c9:d2:68:ac:89:bf:83:0e:a8:b9:e0:f4:17:ec:
15:0d:ec:9b:39:a1:96:8a:97:ae:82:79:3f:3e:20:3b:62:e1:
6e:38:b3:a6:44:30:33:2e:4d:83:18:0b:bc:db:2a:2d:6d:1e:
0f:34:d4:61:dc:97:d4:8c:6b:de:78:9b:07:fe:61:c1:88:94:
f0:42:1d:26:4c:4e:23:d2:5a:dd:f4:16:b4:a8:15:3d:54:a7:
05:3e:99:66:f6:21:23:29:2b:42:c2:63:06:f0:0d:a1:6b:98:
6c:48:45:2c:a4:14:de:23:26:af:70:4e:bd:b9:dc:45:32:f0:
a2:7b:41:6e:c0:48:d3:b2:33:82:d7:4d:67:4a:cb:43:62:d6:
e2:21:5e:d3:cc:f8:78:f0:d2:a3:fc:37:71:50:7b:21:3c:b8:
26:6f:f3:a1:48:64:3f:73:a5:c8:1a:ed:8a:ad:d7:c6:c7:36:
0d:71:78:0b:bf:12:f6:6a:32:53:a8:93:90:f0:f4:29:01:aa:
cd:c3:e1:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4pHGRy1bih2LG8OyUGZ7KsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTYwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFjZjIzOWU2NTllNzRhNGRlMWVkM2E3OWE3ZGMyMThlMDdmZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0igPac4kG1NTV1oLz9PBM91kZZ0
8omw3G8yIrNNE1D3V7uzpc3rm4vmGw92ymnmF/lM2wP5QI38arTiFz6fqY+R+Yh5
49SBDkyZs+fvwjPmuVp1vyB6iXqb40YCu0ux7py0Mhm8Xn7rfOkMGOy3XPvWp/AT
PYqtMF7RCT5Lqix1J+ucY9VJc8OkkFsr7nnOs7DZFGPz0HMn+LXR0+ELAN50Rgu5
eObIXBP8V2m+HdJy+//iNzp/lpIpuYus/P2x+Fk+1J9TxKWRtN9Qjnc85zb03A6f
qryo7yTmAw1D/M0wXDSAHSAXGutWpLxWVw808N+0J31JQasW8tg1IpmKLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDkc8jnmWedKTeHtOnmn3CGOB/0BMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT1J6eU9lWlo1MHBONGUwNmVhZmNJWTRIX1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgtm/4fH4tVwjUo2dCM
sMBRL+/ZminIZY9wjwNR5kY5PBJw5ZMG3fQjB8x8GnEqLh6g1gwophG7URDJ0mis
ib+DDqi54PQX7BUN7Js5oZaKl66CeT8+IDti4W44s6ZEMDMuTYMYC7zbKi1tHg80
1GHcl9SMa954mwf+YcGIlPBCHSZMTiPSWt30FrSoFT1UpwU+mWb2ISMpK0LCYwbw
DaFrmGxIRSykFN4jJq9wTr253EUy8KJ7QW7ASNOyM4LXTWdKy0Ni1uIhXtPM+Hjw
0qP8N3FQeyE8uCZv86FIZD9zpcga7Yqt18bHNg1xeAu/EvZqMlOok5Dw9CkBqs3D
4fs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org