Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XmpHZ7Pqo1XXsIQwQCFbY_OxiN8.roa
File: XmpHZ7Pqo1XXsIQwQCFbY_OxiN8.roa (raw, json)
Hash identifier: WEqtFBqcN4awkPcKoal77IABo93rSX+gkdt2+bWmwcw=
Subject key identifier: 5E:6A:47:67:B3:EA:A3:55:D7:B0:84:30:40:21:5B:63:F3:B1:88:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1756FF8AA071B23242FD3ECD06AE02DB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XmpHZ7Pqo1XXsIQwQCFbY_OxiN8.roa
Signing time: Thu 07 Mar 2024 05:16:01 +0000
ROA not before: Thu 07 Mar 2024 05:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:17:56:ff:8a:a0:71:b2:32:42:fd:3e:cd:06:ae:02:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 05:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6a4767b3eaa355d7b0843040215b63f3b188df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b7:99:30:bf:28:49:0f:da:cf:2a:60:6f:45:
f0:69:4d:6a:07:50:ec:1e:76:ce:d9:7d:05:0e:99:
0d:3b:cc:a5:2f:65:cb:ec:63:89:b1:2c:f3:ec:05:
ce:2d:d5:99:62:00:67:d6:a8:df:0c:3c:40:fa:65:
34:52:66:0e:eb:9b:6d:01:39:15:11:0a:8f:8a:d2:
b6:a0:9a:6f:80:34:7e:8c:06:80:b0:f4:79:8c:9b:
da:ea:ff:c6:b2:84:13:ac:77:bc:73:2a:8d:af:64:
75:44:e7:7a:13:1a:03:33:79:e6:53:f7:99:de:26:
87:cb:5e:6b:64:31:25:f3:0a:d5:79:c9:20:13:a9:
a7:27:58:07:54:99:3b:18:d5:a7:3f:ad:e0:bc:07:
7f:05:7d:6d:d6:fa:97:65:1b:02:2a:c9:41:87:55:
d3:9f:31:61:d7:b4:7f:32:16:c6:f7:c5:8c:f5:0d:
da:07:26:07:01:e6:04:a2:3b:1e:99:95:30:29:01:
9d:2a:ef:bd:2c:3a:dd:c0:59:54:bb:26:b8:ab:b3:
12:6f:ad:ab:7e:44:fc:1f:35:09:04:52:74:b6:31:
cb:bd:05:b6:19:29:c0:a2:e1:53:80:1a:76:b8:4e:
42:8d:62:61:b7:25:04:bf:49:e6:99:5b:23:66:91:
1c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6A:47:67:B3:EA:A3:55:D7:B0:84:30:40:21:5B:63:F3:B1:88:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XmpHZ7Pqo1XXsIQwQCFbY_OxiN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:e7:8f:1d:90:a4:d9:a9:3b:28:d5:ea:8e:6d:7b:76:0e:0f:
e8:e6:36:46:84:e6:5f:00:02:cc:d5:20:c5:50:a0:cb:25:05:
16:17:30:0f:a4:10:a3:6a:9b:67:26:4d:67:0c:f8:09:3c:54:
c8:8d:90:51:e0:42:d5:9a:ca:da:37:73:2b:8f:86:38:1c:f5:
c3:50:5c:6d:fa:18:32:7a:95:ed:71:da:b7:74:4c:e7:1f:f0:
4f:67:cc:8f:bc:23:cc:e6:27:21:29:18:af:e5:15:54:12:17:
4a:75:77:86:de:af:d0:42:65:ae:96:5a:c3:f7:f4:42:68:4e:
ca:9b:b4:5a:8d:2d:42:b4:12:cf:6d:91:07:72:52:d2:e0:b2:
a9:42:69:32:04:31:58:72:83:01:b4:78:38:3b:89:6f:d5:c6:
49:8b:26:b0:c9:3f:e7:c9:80:8c:4f:59:51:61:2d:e1:c7:a8:
14:3b:02:fd:6d:cb:60:6a:24:e5:e3:82:15:ee:ec:7c:bc:c3:
c4:52:fb:ce:97:20:13:9e:61:2c:8a:4a:dc:e9:81:60:31:72:
d5:0e:65:fd:d8:c9:d5:d5:28:95:ae:d1:d1:c9:cc:5a:e7:b6:
1b:1c:f5:c8:e8:49:e0:5e:4e:7f:05:29:69:93:6c:25:0b:8d:
1d:e0:36:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4XVv+KoHGyMkL9Ps0GrgLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MDUxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZhNDc2N2IzZWFhMzU1ZDdiMDg0MzA0MDIxNWI2M2YzYjE4OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvreZML8oSQ/azypgb0XwaU1qB1Ds
HnbO2X0FDpkNO8ylL2XL7GOJsSzz7AXOLdWZYgBn1qjfDDxA+mU0UmYO65ttATkV
EQqPitK2oJpvgDR+jAaAsPR5jJva6v/GsoQTrHe8cyqNr2R1ROd6ExoDM3nmU/eZ
3iaHy15rZDEl8wrVeckgE6mnJ1gHVJk7GNWnP63gvAd/BX1t1vqXZRsCKslBh1XT
nzFh17R/MhbG98WM9Q3aByYHAeYEojsemZUwKQGdKu+9LDrdwFlUuya4q7MSb62r
fkT8HzUJBFJ0tjHLvQW2GSnAouFTgBp2uE5CjWJhtyUEv0nmmVsjZpEcKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5qR2ez6qNV17CEMEAhW2PzsYjfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWG1wSFo3UHFvMVhYc0lRd1FDRmJZX094aU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAITnjx2QpNmpOyjV6o5t
e3YOD+jmNkaE5l8AAszVIMVQoMslBRYXMA+kEKNqm2cmTWcM+Ak8VMiNkFHgQtWa
yto3cyuPhjgc9cNQXG36GDJ6le1x2rd0TOcf8E9nzI+8I8zmJyEpGK/lFVQSF0p1
d4ber9BCZa6WWsP39EJoTsqbtFqNLUK0Es9tkQdyUtLgsqlCaTIEMVhygwG0eDg7
iW/VxkmLJrDJP+fJgIxPWVFhLeHHqBQ7Av1ty2BqJOXjghXu7Hy8w8RS+86XIBOe
YSyKStzpgWAxctUOZf3YydXVKJWu0dHJzFrnthsc9cjoSeBeTn8FKWmTbCULjR3g
NtQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org