Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pxa2Ct9xcXTXiL8DEtoATgZm9xY.roa
File: Pxa2Ct9xcXTXiL8DEtoATgZm9xY.roa (raw, json)
Hash identifier: lo+RBJkzyn3R8Olg7SV80nigw9Cb4ekVplTB+96q5HI=
Subject key identifier: 3F:16:B6:0A:DF:71:71:74:D7:88:BF:03:12:DA:00:4E:06:66:F7:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD34FA386AD7411BF3426D40A7067AD6F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pxa2Ct9xcXTXiL8DEtoATgZm9xY.roa
Signing time: Fri 23 Feb 2024 00:13:48 +0000
ROA not before: Fri 23 Feb 2024 00:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d3:4f:a3:86:ad:74:11:bf:34:26:d4:0a:70:67:ad:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 00:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f16b60adf717174d788bf0312da004e0666f716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cc:46:ee:a2:d2:76:19:7e:53:5d:48:b8:74:
90:37:18:9f:8f:30:7b:35:20:aa:1a:76:39:c2:4e:
a3:97:c2:2a:fb:87:bd:98:f1:45:ab:2a:ae:d2:30:
f2:e1:6b:e1:e4:63:b4:f8:e5:72:72:72:4b:b8:b7:
33:c7:8f:44:69:8e:49:82:96:c2:1e:39:84:53:d5:
d8:70:b1:f2:1f:70:7a:f7:62:e7:90:7e:69:23:0d:
73:b9:62:64:e0:8b:90:5d:0d:7e:c6:04:47:3b:a1:
43:17:78:64:7f:2d:e4:d7:79:d1:60:fe:01:87:ef:
31:3b:c8:45:0e:32:a0:2d:5b:ef:7c:65:a5:fc:83:
16:5c:8d:aa:04:c5:f7:c7:3d:58:07:92:25:fd:a8:
ac:1b:21:00:45:64:8f:89:eb:3d:51:5e:1c:6f:75:
3e:ab:96:08:6d:14:31:a1:59:18:27:15:47:63:44:
c6:37:43:16:52:66:14:53:f1:c0:0d:dd:1b:b5:b7:
b2:03:7f:ab:1e:57:96:d1:d5:41:f9:bd:50:25:b1:
9c:e3:2d:19:26:a0:5e:c8:e5:b2:15:6c:c2:3c:42:
ab:36:55:f4:a9:3f:82:f4:5f:30:6c:9f:33:df:d6:
9c:c8:83:0d:f0:c3:6c:ca:e2:d2:3a:2d:4b:0f:76:
38:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:16:B6:0A:DF:71:71:74:D7:88:BF:03:12:DA:00:4E:06:66:F7:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pxa2Ct9xcXTXiL8DEtoATgZm9xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:21:fe:32:d8:62:67:30:7a:18:f0:9a:93:ee:1c:f6:73:e1:
b4:84:84:39:8e:ae:58:52:d7:30:dc:ed:43:67:cc:6c:7c:ef:
87:26:3d:32:26:a3:d0:e6:84:b8:29:6f:81:14:e6:a2:f6:c1:
99:ce:4d:d6:04:05:e5:16:66:05:86:00:d9:7f:c7:e0:82:15:
83:c3:d6:b6:49:e7:03:a9:6c:2b:78:d1:a0:8a:b2:63:3b:48:
ac:ef:9b:f9:27:3b:54:c2:93:04:eb:60:27:3a:bb:9d:d4:51:
e3:36:50:9f:ce:82:f7:d8:10:b0:3f:9c:64:ec:e8:db:dc:1f:
5d:29:2b:2c:d6:33:f6:12:9c:12:e5:89:dc:2e:8d:f8:f1:2d:
4c:0c:19:12:30:b2:aa:98:e1:5c:16:0c:83:02:95:19:e1:99:
85:a7:62:09:15:55:88:50:ef:17:d6:2d:7c:1e:b3:76:57:c7:
fa:46:4f:c4:b4:44:6e:b4:f8:15:ec:0f:f6:80:7f:34:e2:65:
f6:4b:c2:e1:ee:59:62:b3:12:81:d4:f4:53:1b:d6:f5:d6:77:
87:94:c7:d1:ef:96:41:6a:18:cb:67:a3:f6:08:de:60:f2:6a:
72:fc:66:ea:4d:ef:26:52:07:82:8c:53:c0:50:bb:e9:8c:07:
60:6c:28:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3TT6OGrXQRvzQm1ApwZ61vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMDAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE2YjYwYWRmNzE3MTc0ZDc4OGJmMDMxMmRhMDA0ZTA2NjZmNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8xG7qLSdhl+U11IuHSQNxifjzB7
NSCqGnY5wk6jl8Iq+4e9mPFFqyqu0jDy4Wvh5GO0+OVycnJLuLczx49EaY5JgpbC
HjmEU9XYcLHyH3B692LnkH5pIw1zuWJk4IuQXQ1+xgRHO6FDF3hkfy3k13nRYP4B
h+8xO8hFDjKgLVvvfGWl/IMWXI2qBMX3xz1YB5Il/aisGyEARWSPies9UV4cb3U+
q5YIbRQxoVkYJxVHY0TGN0MWUmYUU/HADd0btbeyA3+rHleW0dVB+b1QJbGc4y0Z
JqBeyOWyFWzCPEKrNlX0qT+C9F8wbJ8z39acyIMN8MNsyuLSOi1LD3Y4UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD8WtgrfcXF014i/AxLaAE4GZvcWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUHhhMkN0OXhjWFRYaUw4REV0b0FUZ1ptOXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAkh/jLYYmcwehjwmpPu
HPZz4bSEhDmOrlhS1zDc7UNnzGx874cmPTImo9DmhLgpb4EU5qL2wZnOTdYEBeUW
ZgWGANl/x+CCFYPD1rZJ5wOpbCt40aCKsmM7SKzvm/knO1TCkwTrYCc6u53UUeM2
UJ/OgvfYELA/nGTs6NvcH10pKyzWM/YSnBLlidwujfjxLUwMGRIwsqqY4VwWDIMC
lRnhmYWnYgkVVYhQ7xfWLXwes3ZXx/pGT8S0RG60+BXsD/aAfzTiZfZLwuHuWWKz
EoHU9FMb1vXWd4eUx9HvlkFqGMtno/YI3mDyanL8ZupN7yZSB4KMU8BQu+mMB2Bs
KKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org