Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Td-a40nOQmDt2dSOZmMqdPbJGxY.roa
File: Td-a40nOQmDt2dSOZmMqdPbJGxY.roa (raw, json)
Hash identifier: BqX8c+CxuTiCauWtxOLgPOVuYzYFsoERVMlCUaFPhb0=
Subject key identifier: 4D:DF:9A:E3:49:CE:42:60:ED:D9:D4:8E:66:63:2A:74:F6:C9:1B:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0A7B2C20F89EFB6C448EAB8F526600CF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Td-a40nOQmDt2dSOZmMqdPbJGxY.roa
Signing time: Mon 15 Jan 2024 00:17:40 +0000
ROA not before: Mon 15 Jan 2024 00:17:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0a:7b:2c:20:f8:9e:fb:6c:44:8e:ab:8f:52:66:00:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 00:17:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ddf9ae349ce4260edd9d48e66632a74f6c91b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:29:17:db:fd:8f:12:5c:80:ee:95:a3:04:58:
02:08:42:8e:f2:05:26:5c:3c:ba:5d:36:38:69:f9:
13:26:fe:69:f1:9d:2f:b7:39:37:70:7d:0a:32:19:
72:d8:10:ab:82:63:38:e6:e7:0d:76:a4:85:12:d2:
a4:fb:10:27:d8:e5:d9:a2:6f:a0:e5:a6:7a:f2:ad:
a2:0b:2c:8a:ff:5c:86:e7:dc:e5:90:8a:94:df:25:
b5:a9:23:2b:7b:49:30:c3:cf:11:86:1e:64:42:84:
39:64:26:97:a3:0d:11:68:a9:97:f1:19:b0:bd:74:
d9:99:ec:9a:8b:c7:ef:b4:0a:b5:9a:a3:1f:b8:2e:
1c:dd:a4:3c:c1:2c:68:b7:a7:2b:6d:26:20:e7:69:
66:33:3d:84:18:fb:44:f8:c7:de:9e:2d:b3:3a:aa:
e4:33:63:8e:4d:30:27:2d:03:10:7d:2b:68:85:31:
9d:1c:98:cf:1c:4c:79:8b:d8:5a:53:12:3f:53:8b:
84:d3:c1:5f:3a:e8:4c:a6:6f:e6:82:fa:39:82:30:
18:55:25:58:02:a9:5a:1a:54:f9:a0:d0:94:b8:af:
13:9d:33:95:2c:e8:7d:1f:77:f3:2d:42:1a:e1:51:
37:42:cf:ca:cb:d4:c3:37:27:d3:30:85:01:ac:98:
07:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DF:9A:E3:49:CE:42:60:ED:D9:D4:8E:66:63:2A:74:F6:C9:1B:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Td-a40nOQmDt2dSOZmMqdPbJGxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:f2:e7:10:f5:f5:62:90:e5:7c:4e:dd:28:fc:66:01:07:c2:
ad:54:34:16:d9:5d:84:fb:25:09:c2:b5:64:55:64:4b:90:67:
67:a7:8a:62:7d:c6:92:87:77:2a:0f:ad:40:a0:aa:d6:53:37:
10:2d:dd:3a:6c:9f:54:b3:b8:dd:8f:05:e8:77:ed:f2:5b:41:
4a:50:60:6f:31:84:97:c8:9e:5a:94:ed:31:23:f9:53:39:28:
67:ca:24:a7:bd:94:ad:22:75:75:84:fb:36:8b:d2:e2:74:bf:
1a:c2:63:8d:61:48:c8:3d:ce:a6:b4:90:6a:2e:a8:c9:a9:12:
1d:c5:a1:51:83:a6:40:76:a3:35:f2:b0:af:55:ed:9f:9b:80:
b3:af:2d:39:c8:1c:d6:f0:23:fd:df:b9:90:00:b5:c0:5d:93:
74:f5:2f:be:2e:ec:21:23:62:dc:b8:07:b3:9b:aa:fe:79:9c:
62:0d:c0:7a:c1:fa:c9:c3:a3:94:20:8d:f0:f1:59:d6:76:9d:
ff:ed:78:57:3c:13:cb:76:36:d3:cb:5f:fd:13:66:68:f6:5e:
77:c0:f1:c3:3a:7e:38:fe:4b:39:76:3c:4b:d7:d7:65:9d:9f:
8b:b9:17:a3:3f:f6:ec:ca:6d:7e:54:a6:4d:de:a6:ca:40:0b:
7e:b5:a3:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0Keywg+J77bESOq49SZgDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MDAxNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRmOWFlMzQ5Y2U0MjYwZWRkOWQ0OGU2NjYzMmE3NGY2YzkxYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgykX2/2PElyA7pWjBFgCCEKO8gUm
XDy6XTY4afkTJv5p8Z0vtzk3cH0KMhly2BCrgmM45ucNdqSFEtKk+xAn2OXZom+g
5aZ68q2iCyyK/1yG59zlkIqU3yW1qSMre0kww88Rhh5kQoQ5ZCaXow0RaKmX8Rmw
vXTZmeyai8fvtAq1mqMfuC4c3aQ8wSxot6crbSYg52lmMz2EGPtE+Mfeni2zOqrk
M2OOTTAnLQMQfStohTGdHJjPHEx5i9haUxI/U4uE08FfOuhMpm/mgvo5gjAYVSVY
AqlaGlT5oNCUuK8TnTOVLOh9H3fzLUIa4VE3Qs/Ky9TDNyfTMIUBrJgHNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3fmuNJzkJg7dnUjmZjKnT2yRsWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVGQtYTQwbk9RbUR0MmRTT1ptTXFkUGJKR3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKPy5xD19WKQ5XxO3Sj8
ZgEHwq1UNBbZXYT7JQnCtWRVZEuQZ2enimJ9xpKHdyoPrUCgqtZTNxAt3Tpsn1Sz
uN2PBeh37fJbQUpQYG8xhJfInlqU7TEj+VM5KGfKJKe9lK0idXWE+zaL0uJ0vxrC
Y41hSMg9zqa0kGouqMmpEh3FoVGDpkB2ozXysK9V7Z+bgLOvLTnIHNbwI/3fuZAA
tcBdk3T1L74u7CEjYty4B7Obqv55nGINwHrB+snDo5QgjfDxWdZ2nf/teFc8E8t2
NtPLX/0TZmj2XnfA8cM6fjj+Szl2PEvX12Wdn4u5F6M/9uzKbX5Upk3epspAC361
o8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org