Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XcIilsMCqeGp8l3Do9iJjK2n1dU.roa
File: XcIilsMCqeGp8l3Do9iJjK2n1dU.roa (raw, json)
Hash identifier: 2ERLoMhY0u0SN52lDCjuNBA+zuhI289hGgfd7O/tI0A=
Subject key identifier: 5D:C2:22:96:C3:02:A9:E1:A9:F2:5D:C3:A3:D8:89:8C:AD:A7:D5:D5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E55565658DA6888604575FC104264295B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XcIilsMCqeGp8l3Do9iJjK2n1dU.roa
Signing time: Tue 19 Mar 2024 06:11:45 +0000
ROA not before: Tue 19 Mar 2024 06:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:55:56:56:58:da:68:88:60:45:75:fc:10:42:64:29:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 06:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dc22296c302a9e1a9f25dc3a3d8898cada7d5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:63:30:52:27:e9:d5:83:9d:f4:68:70:06:d3:
47:c5:5c:2c:ea:bc:4a:41:e1:7c:83:e7:b2:b5:ea:
db:e4:b3:b6:06:1d:e8:14:5d:a9:c3:3a:82:b4:41:
88:70:70:e5:80:0a:86:fa:46:da:0c:57:44:25:de:
54:74:69:9e:33:a9:96:fb:75:42:98:46:ba:f3:d8:
14:fd:9e:d2:1e:c7:32:cb:50:69:25:ee:28:3e:db:
a1:f1:01:42:94:31:75:55:c8:2b:38:cd:51:bf:5d:
e7:e5:bd:84:47:23:f1:b1:2d:0b:c9:af:60:94:c4:
d9:ee:62:9b:06:9f:80:16:5f:da:9d:86:d6:1d:5b:
c0:c6:0f:1c:90:35:5f:39:00:a0:bc:fe:b6:02:60:
d8:41:f3:19:46:9c:78:46:99:26:f4:9e:be:86:03:
32:b5:4b:4b:31:2e:c0:bd:ab:0c:c9:5a:f4:dd:85:
76:7d:0c:9f:08:24:8d:09:d2:58:ad:0b:1a:19:df:
06:d5:fe:a5:43:2c:e7:a6:bf:e3:0a:09:d0:30:6f:
51:0a:16:f1:47:de:3f:b5:46:1e:aa:5c:51:0f:88:
09:6f:5e:0f:31:ca:c2:3c:cd:61:ba:cd:fb:fd:b8:
62:fa:b8:7f:4b:da:6a:9c:9d:9e:2e:89:e2:7e:b7:
d8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C2:22:96:C3:02:A9:E1:A9:F2:5D:C3:A3:D8:89:8C:AD:A7:D5:D5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XcIilsMCqeGp8l3Do9iJjK2n1dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:9d:82:73:fc:dc:0d:6b:94:f9:02:ef:6f:13:d7:89:62:8c:
38:50:1f:55:3d:d8:39:e7:04:8b:11:56:0e:ba:e4:95:4b:25:
5c:35:0a:82:e8:39:0d:08:e0:c4:f3:2c:18:e6:6e:a3:39:99:
fd:03:70:e2:a1:51:01:55:20:ba:94:4c:8d:6e:10:da:ea:27:
7c:71:86:d7:0e:2e:0c:26:37:a4:35:ae:90:9d:21:9b:3e:b7:
53:e3:cf:a9:69:8d:5f:d4:e5:6c:21:69:46:f3:d4:13:b8:95:
b3:d1:3d:c4:36:0f:4f:ef:02:7c:47:9f:67:a9:0e:73:b3:27:
92:58:0f:3b:88:af:c8:50:18:6d:5f:c5:41:d8:72:c1:12:a5:
47:3c:26:56:f2:0f:2f:80:ca:7c:a6:23:5c:e7:58:b1:f4:61:
67:19:29:65:c6:b6:22:c9:60:bd:27:dc:01:26:ba:55:61:1b:
5d:19:27:52:27:54:6d:ba:1d:12:bf:70:63:ba:4b:92:d9:e8:
04:ff:65:4b:59:83:98:a8:3d:ef:01:25:7c:73:b0:94:df:4b:
96:b1:90:ac:bb:55:61:56:fb:94:ed:23:56:30:c5:c0:87:cb:
fa:6e:2f:3d:92:13:9a:e7:38:4b:dd:d2:f6:1c:b5:ea:15:c7:
42:16:31:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5VVlZY2miIYEV1/BBCZClbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MDYxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGMyMjI5NmMzMDJhOWUxYTlmMjVkYzNhM2Q4ODk4Y2FkYTdkNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGMwUifp1YOd9GhwBtNHxVws6rxK
QeF8g+eyterb5LO2Bh3oFF2pwzqCtEGIcHDlgAqG+kbaDFdEJd5UdGmeM6mW+3VC
mEa689gU/Z7SHscyy1BpJe4oPtuh8QFClDF1VcgrOM1Rv13n5b2ERyPxsS0Lya9g
lMTZ7mKbBp+AFl/anYbWHVvAxg8ckDVfOQCgvP62AmDYQfMZRpx4Rpkm9J6+hgMy
tUtLMS7AvasMyVr03YV2fQyfCCSNCdJYrQsaGd8G1f6lQyznpr/jCgnQMG9RChbx
R94/tUYeqlxRD4gJb14PMcrCPM1hus37/bhi+rh/S9pqnJ2eLonifrfYhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF3CIpbDAqnhqfJdw6PYiYytp9XVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWGNJaWxzTUNxZUdwOGwzRG85aUpqSzJuMWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAKdgnP83A1rlPkC728T
14lijDhQH1U92DnnBIsRVg665JVLJVw1CoLoOQ0I4MTzLBjmbqM5mf0DcOKhUQFV
ILqUTI1uENrqJ3xxhtcOLgwmN6Q1rpCdIZs+t1Pjz6lpjV/U5WwhaUbz1BO4lbPR
PcQ2D0/vAnxHn2epDnOzJ5JYDzuIr8hQGG1fxUHYcsESpUc8JlbyDy+AynymI1zn
WLH0YWcZKWXGtiLJYL0n3AEmulVhG10ZJ1InVG26HRK/cGO6S5LZ6AT/ZUtZg5io
Pe8BJXxzsJTfS5axkKy7VWFW+5TtI1YwxcCHy/puLz2SE5rnOEvd0vYcteoVx0IW
MRE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org