Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZfmurGyI2TqJQngDfkhfcAhFuk.roa
File: UZfmurGyI2TqJQngDfkhfcAhFuk.roa (raw, json)
Hash identifier: kliZMG92vLX6hVS1CzkOUPX+IqDzVbfyYKobfNrFxuw=
Subject key identifier: 51:97:E6:BA:B1:B2:23:64:EA:25:09:E0:0D:F9:21:7D:C0:21:16:E9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DACE4A4209067D465024AB9894B99C4F7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZfmurGyI2TqJQngDfkhfcAhFuk.roa
Signing time: Thu 15 Feb 2024 13:11:21 +0000
ROA not before: Thu 15 Feb 2024 13:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:e4:a4:20:90:67:d4:65:02:4a:b9:89:4b:99:c4:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 13:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5197e6bab1b22364ea2509e00df9217dc02116e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:52:ca:f7:c3:ed:73:f1:bd:cf:e0:62:4c:
a3:5d:7b:17:b3:b9:91:7d:f5:89:5b:a6:88:65:73:
c3:d0:c3:14:bb:e9:1a:ba:13:b9:42:49:2b:5b:f6:
73:93:e8:db:43:da:6b:8a:97:13:2c:c7:e8:85:92:
f9:ea:08:1f:88:43:9e:f3:6f:ad:e4:1e:e3:5d:e9:
0b:5e:ee:bf:51:7b:06:8d:d4:2a:88:6d:ce:75:bf:
90:5b:2e:13:86:13:16:99:c2:9c:18:a7:78:bf:e5:
89:4d:8d:1b:0a:e1:00:95:9c:81:0e:8c:f4:96:9f:
0d:40:0d:88:98:ae:3c:a5:38:d8:ac:5b:0c:17:56:
a9:09:5a:cf:43:62:32:31:b4:ac:eb:2b:57:8c:88:
ec:eb:90:55:be:cf:64:3c:af:c5:9d:bc:13:aa:aa:
3f:cc:49:e3:39:5c:54:fd:af:59:34:40:30:db:63:
d4:d1:43:cd:79:cb:48:37:5f:00:25:03:1f:bd:fb:
34:db:80:91:5d:ad:cf:1a:70:54:cc:d3:bc:6d:48:
e6:6b:07:89:a5:dc:a4:74:31:62:1f:cf:b4:56:a9:
48:5e:36:13:d6:86:8a:00:c0:71:f9:d7:fc:10:6a:
a6:ad:5f:c5:d9:94:ea:0a:c4:12:63:6d:68:5a:57:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:97:E6:BA:B1:B2:23:64:EA:25:09:E0:0D:F9:21:7D:C0:21:16:E9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UZfmurGyI2TqJQngDfkhfcAhFuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:0f:00:87:a9:2f:cb:15:f0:62:dc:1d:ca:a3:72:d6:6e:e4:
2c:cb:c7:8e:1c:e7:35:3f:4d:5f:16:9a:89:42:fc:7f:3e:9a:
29:c9:b9:1f:40:d9:f2:ea:bf:6d:6a:10:a5:e7:95:49:e9:a7:
f2:a5:43:5f:1e:19:9d:91:c6:60:8d:9a:dc:47:be:19:51:11:
b5:d0:a4:4f:3b:2c:18:e9:d9:bf:1d:28:57:28:52:78:55:15:
bf:65:2e:a7:43:85:b1:b0:c1:2d:56:f0:66:e0:05:1d:50:ed:
56:1c:da:4e:53:08:21:b8:81:27:a9:62:e6:40:79:95:eb:83:
bf:e6:42:af:bd:d9:4f:22:4e:08:4d:2c:8c:69:c8:cb:69:26:
22:78:a9:7e:45:f0:65:a5:36:01:ef:d2:a1:38:17:3c:17:b3:
32:d1:b5:1e:a7:40:8d:78:09:b2:08:33:81:aa:32:4f:23:7b:
3b:8c:8c:31:ff:ee:eb:5b:88:21:46:9d:25:c9:fa:19:49:59:
76:18:7c:88:9a:f6:9c:4c:d3:0f:d9:99:41:7b:fd:ab:58:d0:
1e:cc:22:30:cc:8d:f5:5b:b2:15:d3:f5:bb:f6:e9:d4:8a:91:
07:18:52:83:a8:7b:86:3e:75:b1:ff:6c:c6:ed:74:c1:93:6d:
ae:74:12:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2s5KQgkGfUZQJKuYlLmcT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MTMxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTk3ZTZiYWIxYjIyMzY0ZWEyNTA5ZTAwZGY5MjE3ZGMwMjExNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKVSyvfD7XPxvc/gYkyjXXsXs7mR
ffWJW6aIZXPD0MMUu+kauhO5QkkrW/Zzk+jbQ9pripcTLMfohZL56ggfiEOe82+t
5B7jXekLXu6/UXsGjdQqiG3Odb+QWy4ThhMWmcKcGKd4v+WJTY0bCuEAlZyBDoz0
lp8NQA2ImK48pTjYrFsMF1apCVrPQ2IyMbSs6ytXjIjs65BVvs9kPK/FnbwTqqo/
zEnjOVxU/a9ZNEAw22PU0UPNectIN18AJQMfvfs024CRXa3PGnBUzNO8bUjmaweJ
pdykdDFiH8+0VqlIXjYT1oaKAMBx+df8EGqmrV/F2ZTqCsQSY21oWlf3HwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFGX5rqxsiNk6iUJ4A35IX3AIRbpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVVpmbXVyR3lJMlRxSlFuZ0Rma2hmY0FoRnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABoPAIepL8sV8GLcHcqj
ctZu5CzLx44c5zU/TV8WmolC/H8+minJuR9A2fLqv21qEKXnlUnpp/KlQ18eGZ2R
xmCNmtxHvhlREbXQpE87LBjp2b8dKFcoUnhVFb9lLqdDhbGwwS1W8GbgBR1Q7VYc
2k5TCCG4gSepYuZAeZXrg7/mQq+92U8iTghNLIxpyMtpJiJ4qX5F8GWlNgHv0qE4
FzwXszLRtR6nQI14CbIIM4GqMk8jezuMjDH/7utbiCFGnSXJ+hlJWXYYfIia9pxM
0w/ZmUF7/atY0B7MIjDMjfVbshXT9bv26dSKkQcYUoOoe4Y+dbH/bMbtdMGTba50
EjE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org