Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X0V6xf8NIlE0olqIXEWL_5WCfd0.roa
File: X0V6xf8NIlE0olqIXEWL_5WCfd0.roa (raw, json)
Hash identifier: jmRT36vfkw2f3oRrUWSAaxAdWmu3Nsp/Q20c0wmijyM=
Subject key identifier: 5F:45:7A:C5:FF:0D:22:51:34:A2:5A:88:5C:45:8B:FF:95:82:7D:DD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF4554F984C0C1942AF055D60356D237F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X0V6xf8NIlE0olqIXEWL_5WCfd0.roa
Signing time: Wed 10 Jan 2024 17:04:40 +0000
ROA not before: Wed 10 Jan 2024 17:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:f455:6bd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:55:4f:98:4c:0c:19:42:af:05:5d:60:35:6d:23:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 17:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f457ac5ff0d225134a25a885c458bff95827ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0f:db:e9:e4:d3:8f:c1:1e:5c:08:c2:20:27:
b1:f1:77:3c:e2:6c:89:1b:41:19:91:f1:62:84:13:
12:0f:ff:a9:e1:5b:9b:fc:55:7e:57:49:a8:1a:3e:
80:8b:d7:af:a3:03:4b:1c:2d:e1:4c:af:4a:4c:53:
14:56:b6:10:09:84:b4:2a:bc:88:8b:a3:b2:26:28:
20:c8:af:d9:2e:a6:7e:9a:02:2b:d2:c9:71:e0:b5:
97:1d:9d:b6:ca:15:67:6b:a9:36:30:13:fb:ca:78:
9f:3c:34:c5:09:46:2d:2e:50:61:fd:56:50:c8:b5:
15:41:59:b2:24:0b:55:62:38:b4:38:fb:91:2f:1a:
23:6c:a9:b6:75:58:2e:ef:8d:78:cc:c7:21:84:19:
97:8b:43:95:ca:f1:d4:f1:5b:01:b8:ea:a5:9f:b0:
3a:44:9f:f7:19:c8:77:93:0f:54:dd:3f:35:2f:85:
9e:60:93:85:e9:10:db:40:ea:3c:92:1e:f7:97:46:
c3:49:b5:b5:8b:fc:83:aa:3c:3e:a0:26:68:0b:f2:
fa:9c:2d:91:27:4e:dc:2b:24:7b:ed:49:75:ba:31:
dc:29:ea:bf:c4:6f:82:e2:06:67:31:e2:28:b5:0b:
fc:18:9d:50:75:87:8b:88:15:b8:63:12:9a:56:73:
7e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:45:7A:C5:FF:0D:22:51:34:A2:5A:88:5C:45:8B:FF:95:82:7D:DD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X0V6xf8NIlE0olqIXEWL_5WCfd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:1e:f7:52:45:42:1a:e1:4a:0b:bd:0b:a5:5d:8a:df:73:b3:
a0:aa:ee:48:a6:0c:ec:1f:b1:33:c2:13:01:ee:37:97:b0:dc:
39:ed:56:8b:85:ee:36:a2:82:70:09:9a:5c:86:7c:6e:99:6f:
56:5f:de:8e:9f:4f:52:ee:ea:2e:f6:88:4d:82:f6:7d:e9:cd:
07:37:2d:0d:7e:6c:1d:e9:3c:86:38:bf:2e:cc:21:d3:51:f7:
9a:04:08:29:dc:ad:ec:af:31:d0:31:f7:0d:42:c1:0e:90:fd:
f0:1e:5c:9a:6e:c0:fe:59:3a:47:f3:a4:40:f4:3a:d5:20:74:
f6:67:d0:47:92:a9:3c:c5:54:96:eb:0f:55:ca:12:fa:cd:72:
5a:ad:c0:f3:8b:59:2d:9c:c4:12:1c:e7:ab:77:94:f3:42:f1:
37:3a:6e:8d:ff:b0:ca:01:fd:f9:d1:f4:b3:1f:d4:81:0f:0f:
89:b0:07:61:84:b1:49:ea:5a:c1:94:c6:59:13:b1:c6:32:25:
eb:19:c9:f2:2a:64:11:08:46:26:22:29:df:7c:bb:3d:11:7c:
3a:dd:d0:be:3c:0f:c0:2c:84:3d:34:a6:a3:4c:41:20:b6:0d:
c5:3f:c1:76:4e:b8:8f:7a:3f:a7:5c:7e:81:a4:0d:b1:3e:44:
62:5d:86:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz0VU+YTAwZQq8FXWA1bSN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMTcwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ1N2FjNWZmMGQyMjUxMzRhMjVhODg1YzQ1OGJmZjk1ODI3ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0A/b6eTTj8EeXAjCICex8Xc84myJ
G0EZkfFihBMSD/+p4Vub/FV+V0moGj6Ai9evowNLHC3hTK9KTFMUVrYQCYS0KryI
i6OyJiggyK/ZLqZ+mgIr0slx4LWXHZ22yhVna6k2MBP7ynifPDTFCUYtLlBh/VZQ
yLUVQVmyJAtVYji0OPuRLxojbKm2dVgu7414zMchhBmXi0OVyvHU8VsBuOqln7A6
RJ/3Gch3kw9U3T81L4WeYJOF6RDbQOo8kh73l0bDSbW1i/yDqjw+oCZoC/L6nC2R
J07cKyR77Ul1ujHcKeq/xG+C4gZnMeIotQv8GJ1QdYeLiBW4YxKaVnN+5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF9FesX/DSJRNKJaiFxFi/+Vgn3dMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWDBWNnhmOE5JbEUwb2xxSVhFV0xfNVdDZmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB0e91JFQhrhSgu9C6Vd
it9zs6Cq7kimDOwfsTPCEwHuN5ew3DntVouF7jaignAJmlyGfG6Zb1Zf3o6fT1Lu
6i72iE2C9n3pzQc3LQ1+bB3pPIY4vy7MIdNR95oECCncreyvMdAx9w1CwQ6Q/fAe
XJpuwP5ZOkfzpED0OtUgdPZn0EeSqTzFVJbrD1XKEvrNclqtwPOLWS2cxBIc56t3
lPNC8Tc6bo3/sMoB/fnR9LMf1IEPD4mwB2GEsUnqWsGUxlkTscYyJesZyfIqZBEI
RiYiKd98uz0RfDrd0L48D8AshD00pqNMQSC2DcU/wXZOuI96P6dcfoGkDbE+RGJd
hqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org