Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UnpoHjo7GQL73Xh89zSCiJVtx3M.roa
File: UnpoHjo7GQL73Xh89zSCiJVtx3M.roa (raw, json)
Hash identifier: kbJrT3QBomhC+Dmfk6PLi4vPJ2VB9kR6DFYaKOsJrtg=
Subject key identifier: 52:7A:68:1E:3A:3B:19:02:FB:DD:78:7C:F7:34:82:88:95:6D:C7:73
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E013EAC124068FEB7EEEF646AEE224888
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UnpoHjo7GQL73Xh89zSCiJVtx3M.roa
Signing time: Sat 02 Mar 2024 22:17:48 +0000
ROA not before: Sat 02 Mar 2024 22:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:01:3e:ac:12:40:68:fe:b7:ee:ef:64:6a:ee:22:48:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 22:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=527a681e3a3b1902fbdd787cf7348288956dc773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7e:4b:84:9f:63:29:a8:a0:da:fe:5d:87:5d:
92:5a:a6:f8:e3:f9:b1:4b:5f:fd:8d:47:a6:a2:cb:
35:28:d1:45:de:b2:a7:75:38:83:a4:91:94:c7:93:
e2:a9:49:4a:85:8f:86:5f:66:21:03:21:a4:22:f7:
74:10:2d:13:f9:a9:fe:55:b9:d9:82:25:ca:44:3d:
ad:9c:c1:8e:03:d9:bb:5a:ca:a8:bf:24:c2:e5:10:
95:08:99:27:41:bf:75:3c:82:09:cb:3a:e5:e4:c1:
ca:0f:94:01:ed:19:04:16:99:a4:82:a7:37:37:e5:
0c:77:bd:cd:52:e5:ba:49:cf:d0:a6:3b:4d:2a:6e:
41:ee:9f:83:aa:27:43:74:d6:7b:9a:74:ae:93:3d:
27:66:b6:da:d2:68:e3:3b:91:2a:c5:da:1e:f6:cb:
1b:17:02:eb:22:3b:ad:db:29:c6:10:9f:cf:8b:73:
fa:3d:9b:62:d5:f4:52:e4:98:69:3f:5c:96:33:4e:
48:87:ec:e9:1f:fe:7d:74:ff:00:8f:fc:8e:cd:0c:
18:4d:77:4c:aa:55:30:1c:ae:af:ef:1f:e8:98:2e:
49:81:3d:a3:9c:fe:a0:e9:8a:dc:a8:a4:85:82:00:
d4:89:2c:9b:6b:af:b8:9d:71:51:4a:ed:f7:e6:e8:
fd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7A:68:1E:3A:3B:19:02:FB:DD:78:7C:F7:34:82:88:95:6D:C7:73
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UnpoHjo7GQL73Xh89zSCiJVtx3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:8b:f1:b5:5d:89:2d:54:0b:f4:74:85:2f:38:93:a2:67:04:
22:ac:00:6b:32:16:0e:d4:62:03:66:27:54:48:0e:60:10:39:
53:54:a1:69:d2:99:d2:1e:f6:b8:08:7e:81:cd:31:9c:cd:27:
27:82:90:99:87:82:5c:89:1b:85:5f:d7:d1:7d:ed:41:01:90:
1c:84:67:cd:d6:19:23:5b:10:a5:b0:ae:2d:63:11:3e:4d:02:
02:85:d7:f5:b8:63:99:8e:b7:bf:92:bc:07:7d:8f:20:96:fe:
a7:1b:01:bc:3f:99:19:66:2e:b8:37:d6:9d:ca:da:02:73:86:
a2:5b:22:c0:f5:39:b9:e2:d5:42:96:4e:2f:9e:84:4b:3a:6d:
e4:f2:b2:9c:52:b0:70:8e:89:47:76:81:c2:3b:6f:52:17:2e:
99:fc:ce:8e:2d:bb:c7:c8:82:1a:99:34:6d:30:36:1b:04:50:
73:90:27:b6:4b:e2:c0:d6:b1:65:c3:db:fe:b6:89:44:61:47:
ac:ba:58:af:1b:78:03:89:d2:aa:be:66:c2:be:c9:7b:37:dd:
eb:92:13:c3:da:cc:69:20:44:83:cc:83:ef:06:d6:9b:86:91:
8f:3f:f5:6c:ca:75:eb:4a:62:1d:a0:5d:7f:ad:1c:7d:4a:4f:
54:a8:17:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4BPqwSQGj+t+7vZGruIkiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMjIxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjdhNjgxZTNhM2IxOTAyZmJkZDc4N2NmNzM0ODI4ODk1NmRjNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8H5LhJ9jKaig2v5dh12SWqb44/mx
S1/9jUemoss1KNFF3rKndTiDpJGUx5PiqUlKhY+GX2YhAyGkIvd0EC0T+an+VbnZ
giXKRD2tnMGOA9m7WsqovyTC5RCVCJknQb91PIIJyzrl5MHKD5QB7RkEFpmkgqc3
N+UMd73NUuW6Sc/QpjtNKm5B7p+DqidDdNZ7mnSukz0nZrba0mjjO5Eqxdoe9ssb
FwLrIjut2ynGEJ/Pi3P6PZti1fRS5JhpP1yWM05Ih+zpH/59dP8Aj/yOzQwYTXdM
qlUwHK6v7x/omC5JgT2jnP6g6YrcqKSFggDUiSyba6+4nXFRSu335uj98QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFJ6aB46OxkC+914fPc0goiVbcdzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVW5wb0hqbzdHUUw3M1hoODl6U0NpSlZ0eDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOL8bVdiS1UC/R0hS84
k6JnBCKsAGsyFg7UYgNmJ1RIDmAQOVNUoWnSmdIe9rgIfoHNMZzNJyeCkJmHglyJ
G4Vf19F97UEBkByEZ83WGSNbEKWwri1jET5NAgKF1/W4Y5mOt7+SvAd9jyCW/qcb
Abw/mRlmLrg31p3K2gJzhqJbIsD1Obni1UKWTi+ehEs6beTyspxSsHCOiUd2gcI7
b1IXLpn8zo4tu8fIghqZNG0wNhsEUHOQJ7ZL4sDWsWXD2/62iURhR6y6WK8beAOJ
0qq+ZsK+yXs33euSE8PazGkgRIPMg+8G1puGkY8/9WzKdetKYh2gXX+tHH1KT1So
F8A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org