Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TkaPffTg821zlxJ9GJIntU0Hasc.roa
File: TkaPffTg821zlxJ9GJIntU0Hasc.roa (raw, json)
Hash identifier: CdLhof2fq85SiyDODeCLtKRqpSjpl6xL/8TpFX53nK0=
Subject key identifier: 4E:46:8F:7D:F4:E0:F3:6D:73:97:12:7D:18:92:27:B5:4D:07:6A:C7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6B76123BD87F828DCD5BF91C9651128E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TkaPffTg821zlxJ9GJIntU0Hasc.roa
Signing time: Fri 02 Feb 2024 20:15:16 +0000
ROA not before: Fri 02 Feb 2024 20:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:76:12:3b:d8:7f:82:8d:cd:5b:f9:1c:96:51:12:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 2 20:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e468f7df4e0f36d7397127d189227b54d076ac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:7f:ec:82:9e:37:ca:7a:5c:ad:1c:18:68:
1e:91:90:93:45:08:0f:38:61:aa:52:02:87:5f:9d:
43:97:8b:28:ef:25:85:4e:9c:ca:7d:3f:54:fd:88:
41:7a:3c:d8:78:8d:30:96:3c:aa:77:10:d1:69:a2:
e3:dc:0e:d0:23:ca:84:83:6a:77:41:c9:68:c2:d2:
d3:36:2e:c9:35:52:3f:2d:1f:2d:5b:fc:a2:48:70:
54:9a:cf:5f:22:21:e9:33:8c:69:3b:21:cd:b1:2c:
2f:d5:f9:6d:c1:67:15:eb:2b:8b:4c:60:c6:50:5d:
22:cf:40:e3:ea:15:d6:02:7f:8c:12:e2:4b:53:e7:
4a:41:c5:96:57:69:c9:7a:cd:b3:d3:27:bd:6e:a9:
71:2d:16:0e:72:e8:69:34:46:0f:c9:93:b3:01:51:
3c:aa:39:05:c0:32:f4:8f:69:9e:f3:ee:30:e3:4a:
93:e8:01:cc:77:12:15:55:0e:df:96:ee:56:0d:3a:
37:91:0f:a2:9a:59:65:88:f0:76:e0:21:6c:b2:9a:
a3:c3:10:21:1f:b4:4f:69:1a:7c:98:88:d0:2a:75:
23:e5:d2:e3:20:b1:aa:ab:ae:db:50:fb:2d:52:fe:
e0:0a:f2:f2:e3:2a:42:23:06:64:84:58:de:61:be:
58:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:46:8F:7D:F4:E0:F3:6D:73:97:12:7D:18:92:27:B5:4D:07:6A:C7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TkaPffTg821zlxJ9GJIntU0Hasc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:73:55:76:65:07:60:63:da:4a:93:c6:8e:70:d7:8d:07:95:
b8:ff:29:c9:43:32:21:12:2f:2b:82:70:4b:0e:e2:c2:2a:a4:
ef:f9:0f:56:f4:eb:f0:e6:25:e3:e0:49:c0:98:8e:06:69:86:
94:43:0d:ed:8f:3d:64:40:cd:f8:3c:d6:4c:48:7c:bc:3d:5a:
22:93:e6:fa:d4:0a:d4:5e:d6:eb:f5:ba:78:ba:46:db:be:60:
ab:76:6b:ce:75:ec:67:43:24:7e:fc:3a:27:61:3f:9e:e2:6b:
5b:56:2f:a2:5b:cd:93:64:3c:fe:93:41:54:1c:9f:fc:83:0e:
25:12:40:d8:13:5e:70:dd:a9:46:7e:33:78:4f:d5:22:01:cb:
09:a2:bc:46:f5:48:c8:bc:3b:ae:dd:8b:3a:2d:2f:b1:45:73:
f0:fc:65:f4:32:6f:80:6e:4b:95:82:25:bd:78:d5:b4:40:05:
2d:10:68:60:32:30:32:bd:48:08:aa:4a:44:3f:12:05:4b:45:
2a:25:69:ae:94:7e:74:64:1e:d6:b1:cd:27:db:ef:8e:bb:a4:
af:02:d5:f7:d0:a7:26:3e:f7:b2:c5:5d:a0:a4:b1:ec:13:de:
f8:07:92:3b:ba:7f:a3:20:38:36:5b:e4:eb:51:8b:93:f6:27:
6a:64:c2:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1rdhI72H+Cjc1b+RyWURKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAyMjAxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ2OGY3ZGY0ZTBmMzZkNzM5NzEyN2QxODkyMjdiNTRkMDc2YWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxN/7IKeN8p6XK0cGGgekZCTRQgP
OGGqUgKHX51Dl4so7yWFTpzKfT9U/YhBejzYeI0wljyqdxDRaaLj3A7QI8qEg2p3
QclowtLTNi7JNVI/LR8tW/yiSHBUms9fIiHpM4xpOyHNsSwv1fltwWcV6yuLTGDG
UF0iz0Dj6hXWAn+MEuJLU+dKQcWWV2nJes2z0ye9bqlxLRYOcuhpNEYPyZOzAVE8
qjkFwDL0j2me8+4w40qT6AHMdxIVVQ7flu5WDTo3kQ+imllliPB24CFsspqjwxAh
H7RPaRp8mIjQKnUj5dLjILGqq67bUPstUv7gCvLy4ypCIwZkhFjeYb5YCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5Gj3304PNtc5cSfRiSJ7VNB2rHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVGthUGZmVGc4MjF6bHhKOUdKSW50VTBIYXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5zVXZlB2Bj2kqTxo5w
140Hlbj/KclDMiESLyuCcEsO4sIqpO/5D1b06/DmJePgScCYjgZphpRDDe2PPWRA
zfg81kxIfLw9WiKT5vrUCtRe1uv1uni6Rtu+YKt2a8517GdDJH78OidhP57ia1tW
L6JbzZNkPP6TQVQcn/yDDiUSQNgTXnDdqUZ+M3hP1SIBywmivEb1SMi8O67dizot
L7FFc/D8ZfQyb4BuS5WCJb141bRABS0QaGAyMDK9SAiqSkQ/EgVLRSolaa6UfnRk
HtaxzSfb7467pK8C1ffQpyY+97LFXaCksewT3vgHkju6f6MgODZb5OtRi5P2J2pk
wp0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org