Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rh4BKUpbwz41mNPK2-w_qqKCYWo.roa
File: Rh4BKUpbwz41mNPK2-w_qqKCYWo.roa (raw, json)
Hash identifier: U+8uhnc5C3HFllEZ1VRpWh6kmryYhZf/nOckRnmwYLc=
Subject key identifier: 46:1E:01:29:4A:5B:C3:3E:35:98:D3:CA:DB:EC:3F:AA:A2:82:61:6A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD12CE1178390C81C672BA2806BF4A506
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rh4BKUpbwz41mNPK2-w_qqKCYWo.roa
Signing time: Wed 03 Jan 2024 21:13:48 +0000
ROA not before: Wed 03 Jan 2024 21:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:2c:e1:17:83:90:c8:1c:67:2b:a2:80:6b:f4:a5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 21:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=461e01294a5bc33e3598d3cadbec3faaa282616a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:17:6c:33:11:47:92:b4:dd:54:b5:fc:52:
ff:10:db:3f:b4:90:ac:de:ae:0b:9c:b4:e9:d1:a6:
34:70:08:aa:be:e9:35:2b:9f:fb:18:9c:f3:03:d8:
56:bd:93:df:c8:99:97:ee:50:9d:fb:18:df:d9:7f:
15:06:79:0f:72:31:e1:80:f8:4f:d7:29:fe:5d:b2:
9b:8e:2b:cf:c0:44:e0:32:ea:a4:f4:2a:0d:c6:e9:
0b:c6:56:f5:76:66:0c:bf:5d:9d:08:2e:18:e8:4c:
e9:eb:1c:fc:54:10:28:72:b3:4c:c9:60:13:9c:08:
6d:71:e2:ef:ee:ec:49:b3:17:4e:f7:9d:bd:58:cf:
10:6b:11:9e:2c:39:e7:be:45:57:5a:28:da:90:55:
00:ac:2a:7c:e6:74:de:58:8c:aa:69:47:51:c0:39:
cf:47:1e:4e:5a:44:f9:a0:a7:00:6e:ff:ab:73:bd:
67:72:9a:95:6a:9a:71:e3:a8:15:de:4e:39:e9:61:
bb:c2:70:9c:87:9e:28:d7:e0:f9:5c:dc:d9:62:27:
a9:85:51:3f:0d:d7:91:d0:5a:2a:0e:ed:97:6a:e0:
1d:c7:8b:91:0d:96:64:11:65:db:2b:00:f2:e2:09:
8b:ef:19:08:10:61:f9:7d:d3:f5:f6:b3:a4:11:45:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1E:01:29:4A:5B:C3:3E:35:98:D3:CA:DB:EC:3F:AA:A2:82:61:6A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rh4BKUpbwz41mNPK2-w_qqKCYWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:69:d1:e1:ee:02:f0:32:e4:0d:1d:0a:d3:3a:56:be:6f:a9:
70:ff:f4:c1:a4:c3:06:18:13:fc:90:92:fb:00:bf:3a:7f:f0:
38:67:86:26:b4:a0:ea:a6:ad:3b:c1:a3:44:f6:19:da:50:ac:
71:6b:cb:7b:0a:2a:96:17:77:65:83:0c:b5:df:98:f8:3f:3d:
bd:2f:30:20:40:b5:a5:1e:37:b9:ed:fc:36:76:35:1d:e1:1f:
ec:8e:39:2a:c4:71:4b:22:de:a6:d8:3d:f9:52:11:3b:36:f7:
d2:0d:41:fc:38:f8:70:cc:b2:c7:2e:22:4a:79:d3:04:e0:17:
cd:6a:a2:dd:c7:9c:14:b5:9e:1f:57:d0:ae:85:2e:d9:1d:18:
3d:42:71:26:ca:91:67:a2:85:7c:f1:c4:05:45:e3:55:e0:09:
98:b6:67:0d:2b:8e:49:e8:e4:bc:7b:90:74:8c:83:c2:28:d3:
04:c8:72:21:06:5f:be:c4:f0:29:82:99:0a:0a:53:bd:d9:f1:
4f:e6:ae:f2:f6:19:e4:a2:fb:e8:06:f4:74:4a:d5:e7:ca:0e:
5c:36:1f:f1:03:6f:a8:c8:e9:54:b5:f3:88:5c:6b:9c:ae:5f:
81:d1:cc:e0:57:cb:f1:87:45:3a:69:5f:0d:62:99:25:7d:b7:
e1:34:50:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzRLOEXg5DIHGcrooBr9KUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMjExMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFlMDEyOTRhNWJjMzNlMzU5OGQzY2FkYmVjM2ZhYWEyODI2MTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeMXbDMRR5K03VS1/FL/ENs/tJCs
3q4LnLTp0aY0cAiqvuk1K5/7GJzzA9hWvZPfyJmX7lCd+xjf2X8VBnkPcjHhgPhP
1yn+XbKbjivPwETgMuqk9CoNxukLxlb1dmYMv12dCC4Y6Ezp6xz8VBAocrNMyWAT
nAhtceLv7uxJsxdO9529WM8QaxGeLDnnvkVXWijakFUArCp85nTeWIyqaUdRwDnP
Rx5OWkT5oKcAbv+rc71ncpqVappx46gV3k456WG7wnCch54o1+D5XNzZYiephVE/
DdeR0FoqDu2XauAdx4uRDZZkEWXbKwDy4gmL7xkIEGH5fdP19rOkEUUCRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEYeASlKW8M+NZjTytvsP6qigmFqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUmg0QktVcGJ3ejQxbU5QSzItd19xcUtDWVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAItp0eHuAvAy5A0dCtM6
Vr5vqXD/9MGkwwYYE/yQkvsAvzp/8Dhnhia0oOqmrTvBo0T2GdpQrHFry3sKKpYX
d2WDDLXfmPg/Pb0vMCBAtaUeN7nt/DZ2NR3hH+yOOSrEcUsi3qbYPflSETs299IN
Qfw4+HDMsscuIkp50wTgF81qot3HnBS1nh9X0K6FLtkdGD1CcSbKkWeihXzxxAVF
41XgCZi2Zw0rjkno5Lx7kHSMg8Io0wTIciEGX77E8CmCmQoKU73Z8U/mrvL2GeSi
++gG9HRK1efKDlw2H/EDb6jI6VS184hca5yuX4HRzOBXy/GHRTppXw1imSV9t+E0
UOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org