Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XMSFxeS2h_YG45S5FouEuECNPJA.roa
File: XMSFxeS2h_YG45S5FouEuECNPJA.roa (raw, json)
Hash identifier: FE1X/+utuQOXO1DnDw8AGXQyx821iQ7OjmqvgJDiFDU=
Subject key identifier: 5C:C4:85:C5:E4:B6:87:F6:06:E3:94:B9:16:8B:84:B8:40:8D:3C:90
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8ACC5DC3CC5B5D58C7672C40A179826B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XMSFxeS2h_YG45S5FouEuECNPJA.roa
Signing time: Thu 21 Dec 2023 05:14:58 +0000
ROA not before: Thu 21 Dec 2023 05:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8a:cc:5d:c3:cc:5b:5d:58:c7:67:2c:40:a1:79:82:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 05:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cc485c5e4b687f606e394b9168b84b8408d3c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:ec:15:ad:fb:61:3e:05:73:7f:e7:77:77:
0a:b1:24:89:cc:b5:4c:20:c7:8a:70:e5:d7:90:30:
8b:ec:58:6c:36:06:61:1b:1c:75:a8:d0:2d:23:72:
33:ce:dc:d1:ba:cb:4e:b0:fd:82:51:cc:d0:1d:ce:
dd:57:31:04:24:85:e3:af:59:d1:50:34:eb:f8:5d:
da:6e:d3:2a:b2:b9:cc:a3:f1:84:6e:7c:69:e9:f3:
bf:98:6d:fa:ee:90:fd:72:c9:63:04:e4:4e:dc:28:
bc:5c:8b:52:6a:63:fd:cd:72:a3:5f:14:b0:e9:f1:
47:67:89:14:66:10:a5:49:aa:92:29:20:6a:5f:d8:
7a:10:fe:5b:75:68:d0:a4:56:50:c2:2e:cf:35:c6:
ef:2a:7f:a0:4e:aa:d4:48:c5:98:f3:00:2f:a9:ce:
72:5a:31:0c:5a:e2:a0:a5:58:54:a3:62:35:63:5c:
5d:ab:1d:b2:c8:5b:21:e8:64:0c:b8:15:f8:ea:ca:
9e:31:99:37:39:bd:e2:fe:53:b1:92:a0:0c:1d:6e:
d0:a6:20:06:85:75:cf:fc:cb:02:11:79:2b:dc:60:
88:d3:c0:63:d5:0a:c1:ed:14:60:23:84:f0:d8:50:
0e:cc:16:f2:ea:86:10:9c:d3:b3:e4:a0:e9:bf:50:
2c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C4:85:C5:E4:B6:87:F6:06:E3:94:B9:16:8B:84:B8:40:8D:3C:90
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XMSFxeS2h_YG45S5FouEuECNPJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:e5:f6:8b:e5:b0:41:df:c9:e5:02:ea:c8:80:e5:2d:b3:70:
cf:a8:4e:1b:77:d6:69:28:66:82:f3:ee:a4:b1:89:b8:eb:c1:
98:8d:71:23:3d:1f:dd:6a:ba:1b:e2:46:c9:2b:2d:b7:83:a5:
85:d8:ae:53:d6:78:b6:0c:f2:bd:0f:d0:a7:5a:a4:30:f0:30:
9f:b9:be:cb:34:2b:61:2c:0e:02:d7:e6:08:6a:b4:cb:c3:1e:
d3:ba:21:bb:17:68:5a:f9:b6:11:08:70:af:b1:e4:9c:f6:f2:
ef:47:4c:3a:43:c0:dc:f3:c7:a7:7e:ba:74:f8:78:c4:90:f2:
26:4d:14:44:3a:56:04:56:54:ef:a9:59:0f:39:50:83:95:18:
78:31:ff:4a:34:90:fc:02:4d:86:1b:e7:37:14:5b:94:5f:3c:
84:03:f5:96:c2:02:7c:0e:64:90:56:06:b9:e3:0e:2a:3f:51:
a8:b4:5c:d2:54:e9:9d:89:aa:c4:ce:c2:1b:ad:32:54:fe:5f:
9f:5e:c2:91:4c:b7:90:0b:8c:b9:93:fb:b6:e7:d9:69:df:6a:
22:e5:db:ef:17:b2:b2:ca:77:2d:5a:1e:23:ef:a2:50:a6:c4:
0c:ed:fc:22:40:b7:14:1d:7e:b2:6e:af:c2:c1:db:74:33:f0:
61:db:0d:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyKzF3DzFtdWMdnLECheYJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M0ODVjNWU0YjY4N2Y2MDZlMzk0YjkxNjhiODRiODQwOGQzYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod3sFa37YT4Fc3/nd3cKsSSJzLVM
IMeKcOXXkDCL7FhsNgZhGxx1qNAtI3IzztzRustOsP2CUczQHc7dVzEEJIXjr1nR
UDTr+F3abtMqsrnMo/GEbnxp6fO/mG367pD9csljBORO3Ci8XItSamP9zXKjXxSw
6fFHZ4kUZhClSaqSKSBqX9h6EP5bdWjQpFZQwi7PNcbvKn+gTqrUSMWY8wAvqc5y
WjEMWuKgpVhUo2I1Y1xdqx2yyFsh6GQMuBX46sqeMZk3Ob3i/lOxkqAMHW7QpiAG
hXXP/MsCEXkr3GCI08Bj1QrB7RRgI4Tw2FAOzBby6oYQnNOz5KDpv1AsKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFzEhcXktof2BuOUuRaLhLhAjTyQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWE1TRnhlUzJoX1lHNDVTNUZvdUV1RUNOUEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIvl9ovlsEHfyeUC6siA
5S2zcM+oTht31mkoZoLz7qSxibjrwZiNcSM9H91quhviRskrLbeDpYXYrlPWeLYM
8r0P0KdapDDwMJ+5vss0K2EsDgLX5ghqtMvDHtO6IbsXaFr5thEIcK+x5Jz28u9H
TDpDwNzzx6d+unT4eMSQ8iZNFEQ6VgRWVO+pWQ85UIOVGHgx/0o0kPwCTYYb5zcU
W5RfPIQD9ZbCAnwOZJBWBrnjDio/Uai0XNJU6Z2JqsTOwhutMlT+X59ewpFMt5AL
jLmT+7bn2WnfaiLl2+8XsrLKdy1aHiPvolCmxAzt/CJAtxQdfrJur8LB23Qz8GHb
DZw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org