Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OyWKuwoFxoElWld8Ua83PDKZ_NQ.roa
File: OyWKuwoFxoElWld8Ua83PDKZ_NQ.roa (raw, json)
Hash identifier: owkSP7dwGX8ThEkMHQ2L+JIVE37nY9E7CpNjO9xUkMQ=
Subject key identifier: 3B:25:8A:BB:0A:05:C6:81:25:5A:57:7C:51:AF:37:3C:32:99:FC:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2D3BD1FEE8E50C04E22A80786F0C8086
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OyWKuwoFxoElWld8Ua83PDKZ_NQ.roa
Signing time: Sun 21 Jan 2024 18:15:11 +0000
ROA not before: Sun 21 Jan 2024 18:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:3b:d1:fe:e8:e5:0c:04:e2:2a:80:78:6f:0c:80:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 18:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b258abb0a05c681255a577c51af373c3299fcd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:54:1a:25:6f:52:28:0e:68:cd:6b:95:87:81:
36:f7:e9:41:ac:a7:1b:39:78:14:56:8a:cf:b5:1d:
6f:c4:56:fc:9d:07:ef:d4:ed:0e:2c:09:5a:83:2f:
57:7a:e0:73:1a:8b:ae:6b:36:7c:02:3f:0f:9c:cc:
0f:3d:4e:2d:ba:66:d9:f1:7c:7d:5c:98:54:37:69:
d3:45:d8:58:60:b3:5f:62:ca:d5:ab:7a:66:dd:85:
ac:84:a2:32:0a:e5:99:fe:49:be:e4:13:e2:71:ae:
af:f2:d9:48:b6:12:be:6a:55:0c:8b:f1:35:5f:8d:
16:fd:a9:e8:e4:0a:7a:3c:ad:1b:53:43:f7:72:1d:
c2:dd:dc:06:45:c1:48:47:20:a3:e1:f1:79:f3:e9:
38:48:43:99:79:c8:88:d5:8c:f6:93:df:9d:bb:44:
4b:de:44:88:cd:96:d5:ed:9e:3e:30:ee:3d:7d:fb:
b1:ab:32:7d:2e:b9:0d:46:94:da:01:65:34:31:6a:
2d:14:46:61:d9:d1:ca:62:fe:d1:30:29:c3:67:ae:
5b:6b:7f:10:17:cf:dd:04:6d:4b:97:22:99:1a:36:
40:b3:56:b1:f5:18:0b:8b:23:3f:7b:8e:08:2c:90:
fc:86:1a:30:64:10:fc:40:dd:bc:e0:ff:1f:9a:9a:
32:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:25:8A:BB:0A:05:C6:81:25:5A:57:7C:51:AF:37:3C:32:99:FC:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OyWKuwoFxoElWld8Ua83PDKZ_NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:39:6e:f4:ab:11:ab:e6:ac:1a:9f:19:75:52:7f:7e:fa:f0:
7b:fc:6e:dd:89:49:85:d6:40:1f:71:3c:51:b2:bc:c9:3e:5c:
ac:19:3f:0c:62:9f:81:a4:6f:4e:22:e0:0e:c8:37:b8:c6:9f:
91:fe:f6:ea:e6:3e:b8:72:bd:7d:c1:c5:65:0e:72:76:47:0e:
92:b5:67:18:2e:d9:fb:9e:5b:20:bf:2c:f2:8d:77:da:2c:54:
2a:d7:15:03:c4:32:cd:ab:86:9c:47:e3:a4:d7:bd:22:0b:eb:
c5:91:75:eb:f5:3b:d2:77:c8:f8:d3:ec:59:e4:98:15:d0:c5:
9f:d0:e2:32:6e:0c:f3:ff:7b:39:19:68:06:a5:3a:07:29:64:
7d:c9:ff:8b:78:79:36:21:4e:81:00:41:63:44:91:64:8e:73:
f0:07:71:73:0d:fa:57:a6:09:54:f6:40:e7:76:c4:41:d1:3e:
e9:c0:3e:bc:3a:5c:be:59:2f:6e:46:ee:00:1b:c4:9c:1c:76:
6f:35:0d:dc:f5:d1:e8:4d:f4:89:fb:a0:c5:1c:cc:fc:88:74:
61:00:14:1c:80:7a:a3:ca:d0:63:87:e5:a3:f2:52:4c:f6:1f:
af:bb:4a:15:2e:6d:2f:5c:c3:9c:31:c7:b4:e0:25:dc:94:52:
ed:63:59:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0tO9H+6OUMBOIqgHhvDICGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMTgxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI1OGFiYjBhMDVjNjgxMjU1YTU3N2M1MWFmMzczYzMyOTlmY2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFQaJW9SKA5ozWuVh4E29+lBrKcb
OXgUVorPtR1vxFb8nQfv1O0OLAlagy9XeuBzGouuazZ8Aj8PnMwPPU4tumbZ8Xx9
XJhUN2nTRdhYYLNfYsrVq3pm3YWshKIyCuWZ/km+5BPica6v8tlIthK+alUMi/E1
X40W/ano5Ap6PK0bU0P3ch3C3dwGRcFIRyCj4fF58+k4SEOZeciI1Yz2k9+du0RL
3kSIzZbV7Z4+MO49ffuxqzJ9LrkNRpTaAWU0MWotFEZh2dHKYv7RMCnDZ65ba38Q
F8/dBG1LlyKZGjZAs1ax9RgLiyM/e44ILJD8hhowZBD8QN284P8fmpoylQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDslirsKBcaBJVpXfFGvNzwymfzUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT3lXS3V3b0Z4b0VsV2xkOFVhODNQREtaX05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHQ5bvSrEavmrBqfGXVS
f3768Hv8bt2JSYXWQB9xPFGyvMk+XKwZPwxin4Gkb04i4A7IN7jGn5H+9urmPrhy
vX3BxWUOcnZHDpK1Zxgu2fueWyC/LPKNd9osVCrXFQPEMs2rhpxH46TXvSIL68WR
dev1O9J3yPjT7FnkmBXQxZ/Q4jJuDPP/ezkZaAalOgcpZH3J/4t4eTYhToEAQWNE
kWSOc/AHcXMN+lemCVT2QOd2xEHRPunAPrw6XL5ZL25G7gAbxJwcdm81Ddz10ehN
9In7oMUczPyIdGEAFByAeqPK0GOH5aPyUkz2H6+7ShUubS9cw5wxx7TgJdyUUu1j
WT8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org