Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZGd3SnyaqHPleN_lcOSzr22clY.roa
File: UZGd3SnyaqHPleN_lcOSzr22clY.roa (raw, json)
Hash identifier: acs5hk9EdQSqEaiIbghMfGISn5c5sePrt7tpJqD/29c=
Subject key identifier: 51:91:9D:DD:29:F2:6A:A1:CF:95:E3:7F:95:C3:92:CE:BD:B6:72:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7BFD9FAFB988FA9215A212F22235776C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZGd3SnyaqHPleN_lcOSzr22clY.roa
Signing time: Tue 06 Feb 2024 01:17:15 +0000
ROA not before: Tue 06 Feb 2024 01:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7b:fd:9f:af:b9:88:fa:92:15:a2:12:f2:22:35:77:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 01:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51919ddd29f26aa1cf95e37f95c392cebdb67256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:be:0d:e5:a0:b7:a7:04:5b:83:62:aa:51:
94:e2:09:55:22:c2:64:ff:6c:aa:1a:e1:c0:1d:4b:
50:23:55:91:f7:79:74:40:09:12:dc:b4:ad:58:6c:
73:9c:f0:e4:09:7d:1b:5e:5f:48:c3:2b:13:e4:e2:
9f:ac:47:67:2d:fc:e7:03:59:d7:74:90:8f:bf:5f:
92:8c:b7:74:66:7d:92:65:7d:52:9a:e8:1b:08:93:
d6:0a:cc:73:2b:1c:83:72:f5:70:92:7c:fe:9c:7b:
aa:34:71:d1:b3:12:29:7f:45:b7:75:d0:8c:97:fe:
a9:d7:46:43:82:b7:0d:ed:d9:af:8a:05:26:3e:86:
2a:23:91:a9:12:69:09:d9:3a:6c:b5:9d:e0:ed:9c:
13:fb:f3:de:6d:f6:b0:8d:ed:70:07:69:35:ec:bd:
b2:89:31:78:94:88:b9:98:86:ff:5b:65:29:97:78:
e5:8e:7c:da:18:9e:f9:9e:10:9d:48:ad:10:a2:29:
1a:83:1f:1f:85:7e:35:df:bf:82:e5:fc:e8:ff:84:
44:a9:3b:97:dd:d3:e9:42:df:d4:15:31:68:58:7a:
5c:9e:93:d3:80:ae:9d:e0:8f:b6:b5:f8:58:64:5f:
95:c1:88:e4:d7:d3:1f:39:d3:f9:d3:61:df:dd:43:
ea:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:91:9D:DD:29:F2:6A:A1:CF:95:E3:7F:95:C3:92:CE:BD:B6:72:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZGd3SnyaqHPleN_lcOSzr22clY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:c2:21:ee:cc:bf:a2:9a:af:a6:92:be:00:50:2d:eb:04:d6:
4a:b9:b0:34:35:57:90:37:15:37:bb:79:54:a6:14:d0:fb:e2:
ac:dc:da:6e:2e:de:03:98:ee:b4:b5:c9:a3:9d:ae:a6:83:6b:
c3:05:93:5b:cc:bf:33:c9:e5:fb:09:37:bd:c1:0f:09:53:60:
04:6b:39:dd:6a:03:17:d4:d8:d5:45:73:ac:5d:47:5e:18:c0:
ac:d2:0b:8e:e4:f9:34:aa:9d:69:ea:db:69:f7:4b:59:49:e2:
04:57:2b:ff:d4:80:c2:d0:d4:40:77:3d:58:9d:73:02:82:01:
bc:a2:d4:16:93:7e:07:10:66:09:60:98:a8:bb:22:72:2c:4f:
3f:d7:20:22:ad:69:e8:8b:7e:dc:01:b5:a7:f4:46:61:c2:7f:
c3:b2:5b:ec:25:e3:15:22:d2:46:1d:d4:b5:fd:72:ea:c0:69:
8f:44:5e:16:0b:7a:b4:22:2a:e8:14:06:81:f0:70:af:60:a0:
84:6c:21:37:d0:52:e3:9a:a8:4d:c1:e6:8b:34:a5:79:14:0d:
b4:d0:4e:41:28:55:38:b6:70:e2:a4:b6:c8:7e:fb:ed:eb:a6:
04:a9:cf:29:73:dc:35:b7:73:73:85:2d:a9:b7:03:c0:c2:b8:
f3:00:be:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY17/Z+vuYj6khWiEvIiNXdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MDExNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTkxOWRkZDI5ZjI2YWExY2Y5NWUzN2Y5NWMzOTJjZWJkYjY3MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld2+DeWgt6cEW4NiqlGU4glVIsJk
/2yqGuHAHUtQI1WR93l0QAkS3LStWGxznPDkCX0bXl9IwysT5OKfrEdnLfznA1nX
dJCPv1+SjLd0Zn2SZX1SmugbCJPWCsxzKxyDcvVwknz+nHuqNHHRsxIpf0W3ddCM
l/6p10ZDgrcN7dmvigUmPoYqI5GpEmkJ2TpstZ3g7ZwT+/Pebfawje1wB2k17L2y
iTF4lIi5mIb/W2Upl3jljnzaGJ75nhCdSK0Qoikagx8fhX4137+C5fzo/4REqTuX
3dPpQt/UFTFoWHpcnpPTgK6d4I+2tfhYZF+VwYjk19MfOdP502Hf3UPqVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFGRnd0p8mqhz5Xjf5XDks69tnJWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVVpHZDNTbnlhcUhQbGVOX2xjT1N6cjIyY2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAnCIe7Mv6Kar6aSvgBQ
LesE1kq5sDQ1V5A3FTe7eVSmFND74qzc2m4u3gOY7rS1yaOdrqaDa8MFk1vMvzPJ
5fsJN73BDwlTYARrOd1qAxfU2NVFc6xdR14YwKzSC47k+TSqnWnq22n3S1lJ4gRX
K//UgMLQ1EB3PVidcwKCAbyi1BaTfgcQZglgmKi7InIsTz/XICKtaeiLftwBtaf0
RmHCf8OyW+wl4xUi0kYd1LX9curAaY9EXhYLerQiKugUBoHwcK9goIRsITfQUuOa
qE3B5os0pXkUDbTQTkEoVTi2cOKktsh+++3rpgSpzylz3DW3c3OFLam3A8DCuPMA
vqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org