Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Onp0WaI5BKPgACRodFrsSXzZZfE.roa
File: Onp0WaI5BKPgACRodFrsSXzZZfE.roa (raw, json)
Hash identifier: 8ZN4fZGGHtDDQ8jF8M1gmu7bWG39V6xTclUYdezvg+g=
Subject key identifier: 3A:7A:74:59:A2:39:04:A3:E0:00:24:68:74:5A:EC:49:7C:D9:65:F1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF75CC3390627F0A9A509F549FC627730
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Onp0WaI5BKPgACRodFrsSXzZZfE.roa
Signing time: Thu 11 Jan 2024 07:11:40 +0000
ROA not before: Thu 11 Jan 2024 07:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:5c:c3:39:06:27:f0:a9:a5:09:f5:49:fc:62:77:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 07:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a7a7459a23904a3e0002468745aec497cd965f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:04:ee:b8:75:23:7f:68:46:f6:56:22:97:8c:
b7:b5:cd:5b:13:fe:4d:3d:8d:d6:e3:16:20:9d:7c:
32:c2:fc:19:3d:2d:0f:0a:c3:09:8c:02:4a:4c:b3:
9f:cf:1a:a7:19:0b:9a:34:b0:ec:15:56:7d:0e:c7:
51:0c:7f:58:d1:22:37:69:81:1b:ad:83:11:78:d4:
a8:3e:e1:a4:3a:22:27:9c:6e:f3:c8:81:e6:16:35:
b5:80:a5:94:56:17:a6:c9:fa:bd:2d:f0:aa:78:e6:
c9:c0:c8:c9:1d:a3:ef:db:a2:57:e6:cc:67:43:08:
13:4c:5e:8e:fa:d3:1e:aa:20:6d:b0:2a:ec:08:a9:
99:fa:0f:55:6d:8a:b6:59:46:37:0e:2e:9c:10:b6:
62:50:bc:a3:54:29:07:e5:29:95:e6:8e:b8:bd:82:
05:fb:86:dc:17:76:75:95:fd:5a:17:74:a8:a2:5d:
89:23:ee:c3:e4:80:77:2a:dd:3b:8f:35:45:7d:a0:
e8:bc:e0:73:74:77:af:93:aa:ee:55:d0:eb:6c:de:
8b:81:2c:d0:46:a5:65:92:92:20:0d:1a:4f:02:fb:
82:c8:a2:4c:93:6d:4c:9e:d0:48:f1:2e:1d:1c:70:
16:ff:2a:37:37:55:b5:64:b7:62:a0:aa:ec:09:44:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7A:74:59:A2:39:04:A3:E0:00:24:68:74:5A:EC:49:7C:D9:65:F1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Onp0WaI5BKPgACRodFrsSXzZZfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:51:23:c7:88:ea:b6:86:23:a2:77:56:f6:9b:87:63:f6:2a:
9f:f5:46:60:09:3d:d8:12:8c:98:37:0e:cd:13:ab:99:ff:dc:
22:b4:d4:80:24:47:e3:6a:eb:33:67:50:e8:da:a8:40:61:d2:
0b:9d:c1:b8:57:b3:13:04:e1:7d:27:7f:dd:8c:87:0a:22:6f:
9e:b8:9e:67:94:84:36:a4:a5:49:de:3c:32:25:22:fe:b1:82:
df:3a:ae:37:59:a5:9e:3a:a5:52:d0:b6:11:35:18:f9:8f:40:
63:12:4d:d2:b0:89:ec:9d:0b:27:80:8e:d0:5e:77:1f:1c:c6:
14:13:3c:7c:0d:37:ac:71:38:23:b2:38:c8:21:bc:98:39:27:
80:2e:7d:7f:40:49:2f:26:f7:86:5b:2a:11:9a:72:81:d2:80:
91:fb:ee:a7:46:65:0d:60:4a:36:fe:b0:83:5d:60:32:3d:39:
f7:8d:d8:32:b6:1a:27:74:ae:63:73:3c:46:d2:ae:0a:94:27:
74:dc:c9:22:0c:b0:a1:be:79:6b:ce:ae:9b:66:1a:11:6c:07:
65:17:7d:0d:47:a1:06:bc:4d:d6:f7:4c:6d:a0:35:91:a9:45:
00:ef:9d:84:38:1a:f4:d5:2b:67:b7:c6:e0:86:41:a3:92:68:
bb:f3:82:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz3XMM5BifwqaUJ9Un8YncwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDcxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdhNzQ1OWEyMzkwNGEzZTAwMDI0Njg3NDVhZWM0OTdjZDk2NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmATuuHUjf2hG9lYil4y3tc1bE/5N
PY3W4xYgnXwywvwZPS0PCsMJjAJKTLOfzxqnGQuaNLDsFVZ9DsdRDH9Y0SI3aYEb
rYMReNSoPuGkOiInnG7zyIHmFjW1gKWUVhemyfq9LfCqeObJwMjJHaPv26JX5sxn
QwgTTF6O+tMeqiBtsCrsCKmZ+g9VbYq2WUY3Di6cELZiULyjVCkH5SmV5o64vYIF
+4bcF3Z1lf1aF3Sool2JI+7D5IB3Kt07jzVFfaDovOBzdHevk6ruVdDrbN6LgSzQ
RqVlkpIgDRpPAvuCyKJMk21MntBI8S4dHHAW/yo3N1W1ZLdioKrsCUR+FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDp6dFmiOQSj4AAkaHRa7El82WXxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT25wMFdhSTVCS1BnQUNSb2RGcnNTWHpaWmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGRRI8eI6raGI6J3Vvab
h2P2Kp/1RmAJPdgSjJg3Ds0Tq5n/3CK01IAkR+Nq6zNnUOjaqEBh0gudwbhXsxME
4X0nf92Mhwoib564nmeUhDakpUnePDIlIv6xgt86rjdZpZ46pVLQthE1GPmPQGMS
TdKwieydCyeAjtBedx8cxhQTPHwNN6xxOCOyOMghvJg5J4AufX9ASS8m94ZbKhGa
coHSgJH77qdGZQ1gSjb+sINdYDI9OfeN2DK2Gid0rmNzPEbSrgqUJ3TcySIMsKG+
eWvOrptmGhFsB2UXfQ1HoQa8Tdb3TG2gNZGpRQDvnYQ4GvTVK2e3xuCGQaOSaLvz
gtk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org