Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uj5CWQSI-Lbs-TrTkZ-6iVHjHkY.roa
File: Uj5CWQSI-Lbs-TrTkZ-6iVHjHkY.roa (raw, json)
Hash identifier: K+b656oX7Qz6gY69nsoWexrrg9gJdhrkAHlB16qcUxw=
Subject key identifier: 52:3E:42:59:04:88:F8:B6:EC:F9:3A:D3:91:9F:BA:89:51:E3:1E:46
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D427923315256C03225458B425AC26676
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uj5CWQSI-Lbs-TrTkZ-6iVHjHkY.roa
Signing time: Thu 25 Jan 2024 21:14:11 +0000
ROA not before: Thu 25 Jan 2024 21:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:42:79:23:31:52:56:c0:32:25:45:8b:42:5a:c2:66:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 25 21:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=523e42590488f8b6ecf93ad3919fba8951e31e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0a:c0:3f:7f:7a:c0:4d:87:fb:f8:d3:58:41:
e9:e7:a4:0c:59:f7:aa:49:d8:54:9c:c1:34:59:83:
6c:0a:a9:5f:95:92:87:66:01:1e:58:24:7d:5a:5a:
30:a7:a8:2b:3e:6a:73:f8:f3:b3:2b:bd:4a:e7:c1:
cf:1f:21:63:cf:ef:2a:b9:27:41:f2:34:98:e6:c8:
99:38:d2:0e:c4:ed:6b:8e:f8:2d:6c:29:f7:fb:cf:
9d:68:d9:6d:f0:94:12:d2:69:c2:3b:db:9e:9e:6f:
8f:03:1a:e0:79:a2:b2:ba:7a:24:ac:73:96:b0:a0:
9b:67:43:82:d0:23:5e:81:76:98:08:bd:f9:39:5c:
ea:dc:2d:9b:3c:d3:42:1f:36:85:da:62:7d:43:9b:
84:4c:7c:fc:79:48:b8:8a:cc:90:13:78:3f:83:40:
6d:c4:d9:7d:45:84:b2:75:cc:99:7c:37:32:79:a2:
b2:8f:fa:26:b3:01:9d:0d:75:5a:a9:27:a6:6f:53:
6d:57:bf:d8:e1:b7:f2:3b:11:ee:74:5d:52:ce:23:
94:fe:57:1e:4a:49:4d:fb:b6:f9:c6:6e:2b:4b:01:
7b:a6:0e:7f:7e:78:6c:fa:03:c5:71:59:9d:94:39:
a2:ba:89:da:ba:53:cc:2e:be:d0:6f:04:47:d0:2c:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3E:42:59:04:88:F8:B6:EC:F9:3A:D3:91:9F:BA:89:51:E3:1E:46
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uj5CWQSI-Lbs-TrTkZ-6iVHjHkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:01:e8:76:74:52:6b:90:0c:f9:15:67:70:a4:1d:e0:68:d2:
24:c5:f4:e6:92:11:a2:b7:9f:13:ba:3a:90:71:39:50:98:ef:
ff:1c:f4:9a:f9:7b:ea:3d:74:a9:69:a8:6f:64:d3:1b:a8:bd:
90:ce:f7:f3:94:b7:ab:57:47:65:ac:9b:d6:e1:be:64:f3:67:
47:4a:30:dc:85:0d:6c:bb:23:5f:dd:61:42:a2:05:8c:51:69:
72:2b:0f:f4:fc:b3:d1:16:9e:43:6c:2c:6a:a6:fb:cf:f0:96:
57:1f:22:bc:33:ff:51:33:d5:74:56:8b:c0:a5:3b:01:86:7e:
c2:58:be:72:15:23:07:2d:2b:cc:9d:03:df:60:fe:36:9b:36:
a7:73:ee:dd:56:1d:db:46:ff:56:4c:72:dd:31:63:d5:50:02:
d1:e7:4a:63:c0:0d:fb:a2:b1:3c:92:a4:44:73:0a:6c:8e:ee:
9d:75:08:4b:48:eb:26:08:06:c4:f7:0a:ac:73:1a:09:2d:d6:
8f:b7:68:55:9d:d1:73:28:4c:53:f4:6e:44:65:de:de:a3:be:
ad:2b:a4:23:40:18:a1:13:d4:17:bf:3d:48:45:30:ea:cf:ce:
a3:aa:8f:4a:a1:b3:de:36:96:fd:ca:40:e6:9b:55:bf:b3:19:
8f:d8:df:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1CeSMxUlbAMiVFi0JawmZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI1MjExNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNlNDI1OTA0ODhmOGI2ZWNmOTNhZDM5MTlmYmE4OTUxZTMxZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwrAP396wE2H+/jTWEHp56QMWfeq
SdhUnME0WYNsCqlflZKHZgEeWCR9Wlowp6grPmpz+POzK71K58HPHyFjz+8quSdB
8jSY5siZONIOxO1rjvgtbCn3+8+daNlt8JQS0mnCO9uenm+PAxrgeaKyunokrHOW
sKCbZ0OC0CNegXaYCL35OVzq3C2bPNNCHzaF2mJ9Q5uETHz8eUi4isyQE3g/g0Bt
xNl9RYSydcyZfDcyeaKyj/omswGdDXVaqSemb1NtV7/Y4bfyOxHudF1SziOU/lce
SklN+7b5xm4rSwF7pg5/fnhs+gPFcVmdlDmiuonaulPMLr7QbwRH0CxadwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFI+QlkEiPi27Pk605GfuolR4x5GMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVWo1Q1dRU0ktTGJzLVRyVGtaLTZpVkhqSGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4B6HZ0UmuQDPkVZ3Ck
HeBo0iTF9OaSEaK3nxO6OpBxOVCY7/8c9Jr5e+o9dKlpqG9k0xuovZDO9/OUt6tX
R2Wsm9bhvmTzZ0dKMNyFDWy7I1/dYUKiBYxRaXIrD/T8s9EWnkNsLGqm+8/wllcf
Irwz/1Ez1XRWi8ClOwGGfsJYvnIVIwctK8ydA99g/jabNqdz7t1WHdtG/1ZMct0x
Y9VQAtHnSmPADfuisTySpERzCmyO7p11CEtI6yYIBsT3CqxzGgkt1o+3aFWd0XMo
TFP0bkRl3t6jvq0rpCNAGKET1Be/PUhFMOrPzqOqj0qhs942lv3KQOabVb+zGY/Y
3zE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org