Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PMthvTFZYWM89v7OHoTb1aidv6Y.roa
File: PMthvTFZYWM89v7OHoTb1aidv6Y.roa (raw, json)
Hash identifier: X8THbP2jOb7qwuBdAja7x/IK1x2s5kPj+aZH9g8emkY=
Subject key identifier: 3C:CB:61:BD:31:59:61:63:3C:F6:FE:CE:1E:84:DB:D5:A8:9D:BF:A6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9C928A0FEE409C0F13ECA893710F973C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PMthvTFZYWM89v7OHoTb1aidv6Y.roa
Signing time: Sun 24 Dec 2023 16:04:58 +0000
ROA not before: Sun 24 Dec 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:9c91:cb03/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:92:8a:0f:ee:40:9c:0f:13:ec:a8:93:71:0f:97:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ccb61bd315961633cf6fece1e84dbd5a89dbfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:b5:da:0f:6d:8a:b9:d1:3f:e0:68:3d:8f:
3f:68:e1:a1:7a:a3:21:05:2b:b5:2e:62:6a:3a:f0:
ed:fb:8e:2f:98:e5:cd:30:4f:4f:04:7d:25:46:31:
12:7a:65:fb:48:be:b1:5a:ab:26:81:59:5b:5a:81:
9c:ab:6d:3c:a8:26:b5:d1:38:0c:b7:10:f1:3b:5b:
ef:5e:4a:27:20:dc:b7:d2:bb:36:d0:9e:30:bd:8b:
fb:83:63:a3:89:f6:04:0e:33:93:72:b0:a7:9c:36:
21:d3:06:5e:d0:45:a3:dc:e4:66:8e:ce:cb:82:61:
0c:db:ee:74:11:c5:76:8b:bc:c1:cd:ee:23:6a:fb:
0f:da:cd:54:a0:f0:b2:f0:4c:b5:55:32:1f:3e:e6:
0f:7c:b4:aa:8d:5a:a8:b1:ea:dc:fb:27:61:f0:eb:
5a:36:e5:51:48:04:f2:2d:36:bb:ca:8c:74:a3:89:
42:4a:5e:4a:a1:ed:85:1f:89:b7:40:73:41:2a:6f:
50:2f:27:03:db:91:91:bc:e4:fc:52:df:c1:fa:bd:
6b:bc:20:62:49:fa:b8:99:bd:de:e9:21:93:85:5b:
e0:b4:df:57:65:55:52:88:d7:83:5c:e3:73:a4:05:
3f:7e:2b:70:7d:ff:47:e0:38:91:e1:c7:91:37:2f:
fd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CB:61:BD:31:59:61:63:3C:F6:FE:CE:1E:84:DB:D5:A8:9D:BF:A6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PMthvTFZYWM89v7OHoTb1aidv6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:ef:1e:cb:cd:9d:94:ff:28:30:f2:7c:36:5e:ee:2f:d9:f1:
92:aa:a9:36:de:89:d9:42:6a:89:4a:ad:7f:d4:23:24:88:6a:
29:dd:2b:77:6d:35:8e:4b:95:e6:f0:9b:25:01:09:c9:af:0a:
16:d4:51:ac:32:8a:fd:7e:9a:b3:ff:b0:1d:42:26:9f:e8:70:
f5:2b:62:49:0c:bd:60:88:06:e0:d2:35:7a:e9:7f:54:a0:76:
59:55:f3:2e:11:fa:23:16:0d:e0:b7:bc:1c:7a:26:91:82:d8:
9c:8f:f8:91:9b:02:ba:f7:6d:e3:0c:d9:8d:f5:fe:c9:4c:91:
1a:98:88:15:8c:e0:cf:98:da:8b:83:11:1b:92:93:34:3f:64:
fc:c7:48:9b:81:17:71:c5:1f:05:46:92:82:0b:e5:23:8c:0f:
54:dc:62:fd:d0:63:a4:bd:95:69:cd:f9:af:0a:e8:cf:21:50:
1d:58:a3:5a:e2:df:76:fa:02:51:df:9b:d5:99:9f:83:ab:e0:
a8:69:e4:ac:dd:ab:ca:a4:7e:18:43:c6:03:ed:30:0b:15:64:
d6:f7:a1:dc:98:98:e9:9f:b8:db:81:4a:87:6b:1a:bd:35:b3:
e2:91:53:32:0f:44:24:18:a2:2a:49:39:a1:51:a5:c7:6c:08:
02:a5:5f:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyckooP7kCcDxPsqJNxD5c8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NiNjFiZDMxNTk2MTYzM2NmNmZlY2UxZTg0ZGJkNWE4OWRiZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlq12g9tirnRP+BoPY8/aOGheqMh
BSu1LmJqOvDt+44vmOXNME9PBH0lRjESemX7SL6xWqsmgVlbWoGcq208qCa10TgM
txDxO1vvXkonINy30rs20J4wvYv7g2OjifYEDjOTcrCnnDYh0wZe0EWj3ORmjs7L
gmEM2+50EcV2i7zBze4javsP2s1UoPCy8Ey1VTIfPuYPfLSqjVqoserc+ydh8Ota
NuVRSATyLTa7yox0o4lCSl5Koe2FH4m3QHNBKm9QLycD25GRvOT8Ut/B+r1rvCBi
Sfq4mb3e6SGThVvgtN9XZVVSiNeDXONzpAU/fitwff9H4DiR4ceRNy/9VQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDzLYb0xWWFjPPb+zh6E29Wonb+mMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUE10aHZURlpZV004OXY3T0hvVGIxYWlkdjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLvHsvNnZT/KDDyfDZe
7i/Z8ZKqqTbeidlCaolKrX/UIySIaindK3dtNY5LlebwmyUBCcmvChbUUawyiv1+
mrP/sB1CJp/ocPUrYkkMvWCIBuDSNXrpf1SgdllV8y4R+iMWDeC3vBx6JpGC2JyP
+JGbArr3beMM2Y31/slMkRqYiBWM4M+Y2ouDERuSkzQ/ZPzHSJuBF3HFHwVGkoIL
5SOMD1TcYv3QY6S9lWnN+a8K6M8hUB1Yo1ri33b6AlHfm9WZn4Or4Khp5Kzdq8qk
fhhDxgPtMAsVZNb3odyYmOmfuNuBSodrGr01s+KRUzIPRCQYoipJOaFRpcdsCAKl
X8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org