Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XKC5D0qr28n5n0TU86I8IdqDSl8.roa
File: XKC5D0qr28n5n0TU86I8IdqDSl8.roa (raw, json)
Hash identifier: TNizKOx1L7ogu9dL9y92tdz1XVqMxDFKQH9E0IbiVM8=
Subject key identifier: 5C:A0:B9:0F:4A:AB:DB:C9:F9:9F:44:D4:F3:A2:3C:21:DA:83:4A:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC9E6D4B7EA4A9AA49C6B7975954E6424
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XKC5D0qr28n5n0TU86I8IdqDSl8.roa
Signing time: Wed 21 Feb 2024 04:22:44 +0000
ROA not before: Wed 21 Feb 2024 04:22:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c9:e6:d4:b7:ea:4a:9a:a4:9c:6b:79:75:95:4e:64:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 04:22:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ca0b90f4aabdbc9f99f44d4f3a23c21da834a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1d:81:29:75:3e:6b:1e:59:3b:d2:5c:42:7d:
e5:8a:29:c8:89:54:2e:4a:75:9a:22:a0:5c:64:ef:
e7:99:1a:35:18:da:17:6f:1c:05:11:2c:80:76:c1:
3b:41:ce:40:62:92:94:ec:7a:b3:41:51:27:53:9b:
45:2a:ea:93:07:3d:09:bf:10:1c:6a:8c:94:e5:8c:
99:b2:a5:e0:f5:ed:a3:11:40:be:e3:9e:a2:5d:57:
21:e0:18:c5:62:cd:fc:6f:b0:f5:0e:9c:6c:12:71:
d9:ad:05:50:58:0f:28:bd:bf:8e:32:9c:6b:ef:54:
51:75:ad:53:89:db:c0:fe:ef:c4:56:97:de:9b:d6:
4e:37:36:b8:d6:8d:37:f3:5f:17:fc:af:c2:f8:32:
1b:3c:56:cd:af:4a:d5:f3:49:b8:53:bd:cf:dd:ae:
35:71:de:b2:2b:44:7a:4c:94:a1:d1:83:1a:0c:24:
42:eb:05:13:69:0b:bc:f3:cc:64:50:88:bf:6c:ff:
11:52:7d:1f:61:b1:31:86:4b:ac:d8:94:04:57:30:
f8:fc:76:ce:2d:de:f5:40:ae:0b:47:98:13:59:f1:
f8:c5:b8:7a:02:79:8c:f8:c7:01:dc:43:73:ee:9b:
2c:3a:d9:aa:82:d2:cb:1d:3d:ee:c9:cf:b2:78:22:
c1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:B9:0F:4A:AB:DB:C9:F9:9F:44:D4:F3:A2:3C:21:DA:83:4A:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XKC5D0qr28n5n0TU86I8IdqDSl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:6a:7c:1d:3e:75:af:22:0c:4e:e3:0a:a8:86:9d:9f:17:09:
24:a6:99:35:a5:0e:71:8e:84:23:b4:5e:91:05:e2:49:b8:12:
c6:d9:25:ec:74:67:b4:5e:04:79:17:e4:05:61:54:0b:68:f8:
d5:a5:44:57:02:53:af:5e:8e:86:1c:f0:ca:5b:24:38:d7:52:
ce:35:ef:21:bc:f1:71:23:e0:25:a0:d0:54:da:0b:d7:39:da:
5b:e4:83:0d:a9:7d:8c:c1:69:7c:49:42:7b:87:3b:48:ac:9b:
f3:ea:a0:0a:c7:43:4d:f2:08:af:d8:fb:8c:e4:11:3a:f1:7f:
d6:69:98:fd:d8:5f:98:ca:4e:c9:bb:41:0a:c0:87:40:cf:8c:
ee:c2:58:af:37:33:68:80:59:be:2e:1b:71:a7:b2:84:5a:c0:
7e:29:6a:3b:d9:df:7c:a0:ce:91:25:4c:51:3f:c4:a3:21:c1:
43:05:6d:a8:04:4c:d9:65:10:04:32:fe:5b:d7:c0:04:8f:72:
e3:c6:75:49:fd:a8:62:95:f4:dd:37:3b:a1:3e:0f:f3:49:f3:
a0:8f:84:ed:e5:cb:eb:aa:a9:44:99:94:e2:ee:19:f2:a8:3d:
1d:0b:80:17:5e:0b:80:c5:de:7a:b7:9e:f1:53:38:81:fc:8c:
43:8c:ae:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3J5tS36kqapJxreXWVTmQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDQyMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EwYjkwZjRhYWJkYmM5Zjk5ZjQ0ZDRmM2EyM2MyMWRhODM0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx2BKXU+ax5ZO9JcQn3liinIiVQu
SnWaIqBcZO/nmRo1GNoXbxwFESyAdsE7Qc5AYpKU7HqzQVEnU5tFKuqTBz0JvxAc
aoyU5YyZsqXg9e2jEUC+456iXVch4BjFYs38b7D1DpxsEnHZrQVQWA8ovb+OMpxr
71RRda1TidvA/u/EVpfem9ZONza41o03818X/K/C+DIbPFbNr0rV80m4U73P3a41
cd6yK0R6TJSh0YMaDCRC6wUTaQu888xkUIi/bP8RUn0fYbExhkus2JQEVzD4/HbO
Ld71QK4LR5gTWfH4xbh6AnmM+McB3ENz7pssOtmqgtLLHT3uyc+yeCLB+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyguQ9Kq9vJ+Z9E1POiPCHag0pfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWEtDNUQwcXIyOG41bjBUVTg2SThJZHFEU2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJqfB0+da8iDE7jCqiG
nZ8XCSSmmTWlDnGOhCO0XpEF4km4EsbZJex0Z7ReBHkX5AVhVAto+NWlRFcCU69e
joYc8MpbJDjXUs417yG88XEj4CWg0FTaC9c52lvkgw2pfYzBaXxJQnuHO0ism/Pq
oArHQ03yCK/Y+4zkETrxf9ZpmP3YX5jKTsm7QQrAh0DPjO7CWK83M2iAWb4uG3Gn
soRawH4pajvZ33ygzpElTFE/xKMhwUMFbagETNllEAQy/lvXwASPcuPGdUn9qGKV
9N03O6E+D/NJ86CPhO3ly+uqqUSZlOLuGfKoPR0LgBdeC4DF3nq3nvFTOIH8jEOM
rhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org