Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XgwYMvgqFFJy5IVwL3JPwvfmrHI.roa
File: XgwYMvgqFFJy5IVwL3JPwvfmrHI.roa (raw, json)
Hash identifier: H+PjOq9i9tzu23oO+5p3d2Ng9VP/Mfy2owdab971hTQ=
Subject key identifier: 5E:0C:18:32:F8:2A:14:52:72:E4:85:70:2F:72:4F:C2:F7:E6:AC:72
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDE0DB0F8B416D52063A2666887343876
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XgwYMvgqFFJy5IVwL3JPwvfmrHI.roa
Signing time: Sat 06 Jan 2024 09:14:48 +0000
ROA not before: Sat 06 Jan 2024 09:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:de:0d:b0:f8:b4:16:d5:20:63:a2:66:68:87:34:38:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 09:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e0c1832f82a145272e485702f724fc2f7e6ac72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1d:43:be:ec:4d:94:fa:9d:09:06:9c:bb:eb:
bc:27:94:f4:28:31:72:06:70:d8:cc:d9:4e:41:3f:
37:72:75:f0:51:69:e8:87:44:00:4c:10:de:7c:57:
ed:e7:05:0e:e6:eb:6c:bf:6d:bc:58:c6:f7:53:ea:
1a:c0:0f:05:3c:9e:4c:31:f1:f6:dd:cf:a6:b8:76:
6a:67:ec:b3:e8:a3:0d:68:67:b7:f2:f5:96:c2:12:
e9:ab:49:9e:35:7b:2d:67:4d:77:e0:19:86:65:ad:
82:da:87:6f:f9:9a:f4:f9:af:b6:05:a5:ef:af:49:
b4:79:50:c5:28:01:e1:5f:c4:04:71:2e:4c:57:b3:
8e:bd:12:40:0a:80:70:b3:1f:e4:ca:81:f9:7d:32:
38:99:ce:44:86:5e:0f:da:49:53:d5:f0:fb:39:69:
db:1d:da:20:9d:38:49:7a:a8:53:15:7f:c8:dd:aa:
cc:fb:c3:dc:dc:25:59:66:6f:9a:f2:a5:13:8d:54:
19:49:44:b5:5d:de:eb:36:cf:20:80:92:92:c0:8b:
13:20:7f:24:c4:3f:61:3a:cf:ae:69:27:66:b8:e7:
a3:18:95:11:47:cf:5d:eb:26:70:c6:d4:01:94:93:
11:d1:b1:5d:ba:d1:da:f4:ed:1f:30:64:de:11:b6:
11:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0C:18:32:F8:2A:14:52:72:E4:85:70:2F:72:4F:C2:F7:E6:AC:72
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XgwYMvgqFFJy5IVwL3JPwvfmrHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:b3:29:53:8a:b3:f9:99:d5:6f:db:f3:e6:b8:9d:bd:fe:c6:
ff:f6:85:cb:ff:6b:88:d0:ca:06:40:a6:97:9a:31:fe:99:24:
8c:c9:e9:3a:e5:41:b7:ed:ad:71:b0:48:6b:65:84:8b:a7:ac:
42:4a:5d:11:cb:fd:5a:2e:4e:f9:af:f1:95:c9:a2:af:94:40:
4d:99:e0:e0:aa:f8:bc:ec:59:98:7b:64:51:76:9d:6c:1b:b7:
0e:5b:72:b5:ca:84:6e:3d:c8:80:3b:02:81:c2:56:d5:6c:3f:
19:06:88:85:a4:09:50:96:50:ce:e1:ab:75:e7:6f:a6:7b:e8:
68:4b:83:b4:3e:34:d0:a4:ae:b4:15:b6:20:0a:de:df:ec:5f:
db:dc:a8:6a:14:a0:41:b7:4d:8b:0a:fb:88:2c:29:55:20:91:
37:15:32:56:48:eb:86:54:7b:4d:53:c9:50:9f:05:24:6f:2d:
a1:e2:cf:31:57:4d:3c:2f:c4:1a:d7:2a:ed:cd:49:48:b2:66:
9f:2d:14:66:ab:ed:ea:89:6e:00:fd:70:38:58:18:14:44:29:
3d:60:50:6b:53:fa:58:45:96:00:6d:a7:8a:cf:ff:1d:ce:3c:
0f:01:bd:d4:a4:bf:22:65:c8:25:38:27:a5:2f:0e:81:b8:21:
5d:c2:b6:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzeDbD4tBbVIGOiZmiHNDh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MDkxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTBjMTgzMmY4MmExNDUyNzJlNDg1NzAyZjcyNGZjMmY3ZTZhYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR1DvuxNlPqdCQacu+u8J5T0KDFy
BnDYzNlOQT83cnXwUWnoh0QATBDefFft5wUO5utsv228WMb3U+oawA8FPJ5MMfH2
3c+muHZqZ+yz6KMNaGe38vWWwhLpq0meNXstZ0134BmGZa2C2odv+Zr0+a+2BaXv
r0m0eVDFKAHhX8QEcS5MV7OOvRJACoBwsx/kyoH5fTI4mc5Ehl4P2klT1fD7OWnb
HdognThJeqhTFX/I3arM+8Pc3CVZZm+a8qUTjVQZSUS1Xd7rNs8ggJKSwIsTIH8k
xD9hOs+uaSdmuOejGJURR89d6yZwxtQBlJMR0bFdutHa9O0fMGTeEbYRUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF4MGDL4KhRScuSFcC9yT8L35qxyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWGd3WU12Z3FGRkp5NUlWd0wzSlB3dmZtckhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+zKVOKs/mZ1W/b8+a4
nb3+xv/2hcv/a4jQygZAppeaMf6ZJIzJ6TrlQbftrXGwSGtlhIunrEJKXRHL/Vou
Tvmv8ZXJoq+UQE2Z4OCq+LzsWZh7ZFF2nWwbtw5bcrXKhG49yIA7AoHCVtVsPxkG
iIWkCVCWUM7hq3Xnb6Z76GhLg7Q+NNCkrrQVtiAK3t/sX9vcqGoUoEG3TYsK+4gs
KVUgkTcVMlZI64ZUe01TyVCfBSRvLaHizzFXTTwvxBrXKu3NSUiyZp8tFGar7eqJ
bgD9cDhYGBREKT1gUGtT+lhFlgBtp4rP/x3OPA8BvdSkvyJlyCU4J6UvDoG4IV3C
tuc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org