Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZGNslwrlGs3WCVwr6L88JN0wbOU.roa
File: ZGNslwrlGs3WCVwr6L88JN0wbOU.roa (raw, json)
Hash identifier: P937tNvf8LJ2BjSPGDssa7QFpH+DIIe1+x+1YqiS6Xg=
Subject key identifier: 64:63:6C:97:0A:E5:1A:CD:D6:09:5C:2B:E8:BF:3C:24:DD:30:6C:E5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7E884BD4457801D5A3C63489F4260BD8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZGNslwrlGs3WCVwr6L88JN0wbOU.roa
Signing time: Wed 27 Mar 2024 06:10:45 +0000
ROA not before: Wed 27 Mar 2024 06:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7e:88:4b:d4:45:78:01:d5:a3:c6:34:89:f4:26:0b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 27 06:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64636c970ae51acdd6095c2be8bf3c24dd306ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0c:d6:60:60:01:08:80:ab:79:e9:0d:27:ba:
9e:50:92:fe:c8:30:0a:96:8f:9d:82:e5:ff:f9:98:
2a:7e:9f:e4:31:2d:dc:6d:45:e3:03:85:a2:0d:09:
8d:8d:95:f9:97:09:bb:f2:94:e1:b9:90:4b:81:39:
2c:01:78:e3:69:a7:93:7e:8a:c5:6c:43:b7:e3:43:
00:7e:fa:d1:b0:78:e4:c6:36:1a:4e:01:78:cc:de:
9f:74:f8:51:79:5d:c5:41:c7:61:7e:46:10:3f:b4:
db:70:df:e5:8d:0b:02:0f:72:cb:d9:e6:c0:44:86:
0f:c5:5e:8c:9c:22:e2:04:f6:76:92:b4:e1:68:b7:
50:17:e0:d0:ac:2f:b5:84:d2:66:12:32:3e:4b:66:
0f:f1:f4:23:aa:54:b3:6b:eb:dd:2f:f8:aa:17:28:
3f:af:02:11:46:bf:5e:79:a5:ae:94:1e:5d:b4:23:
5b:91:b0:4d:8a:37:9d:f0:b0:19:3b:33:75:a1:c2:
2c:cb:3d:0d:92:77:0c:16:36:68:40:f8:b1:cb:8b:
6c:a0:d7:d6:8b:bb:0b:fe:77:89:32:5d:4c:30:07:
6f:56:d5:c7:26:62:a1:0b:e2:51:1a:42:a4:8e:59:
3e:44:f7:00:15:c7:34:4f:7d:a4:c9:5f:c7:5c:4d:
9a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:63:6C:97:0A:E5:1A:CD:D6:09:5C:2B:E8:BF:3C:24:DD:30:6C:E5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ZGNslwrlGs3WCVwr6L88JN0wbOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:b6:e3:32:c6:99:6f:1b:83:b5:f1:fa:38:09:07:ef:6b:99:
c8:fe:f4:0d:ab:64:af:69:52:ea:58:b0:33:42:68:b1:4c:6e:
8d:18:43:59:ab:07:f2:7d:09:80:fa:8d:48:84:ca:f3:b0:13:
07:64:e9:6b:47:12:2f:f9:a3:10:37:18:ff:6d:bf:a2:a6:4d:
53:53:0b:d1:6f:8d:fb:4f:0b:8e:c1:e8:c9:37:a1:b5:cf:d4:
d6:f6:15:7f:09:58:69:cf:af:e8:9c:80:e0:b4:96:0e:41:41:
15:4f:fb:f9:7f:fe:c7:73:f0:9a:42:64:f8:34:a4:08:e1:21:
fa:2a:d2:41:17:4b:e4:0d:c6:75:bf:54:0c:64:f0:72:1b:49:
c9:51:d0:b5:95:6b:9a:e7:9c:14:02:dd:30:dd:b7:38:48:47:
d2:e9:49:68:b3:2f:47:b8:53:9b:a6:75:a0:fb:d1:a0:ed:44:
89:51:fb:5d:bd:31:ee:9f:bd:66:c6:25:94:57:23:58:9e:51:
d5:3d:b3:72:5e:0d:98:03:33:15:35:4b:f0:ba:44:ca:99:19:
f1:a0:95:2d:17:70:2a:32:a5:86:df:1b:8a:78:cd:84:bb:b7:
b4:ac:6e:e8:ce:c5:2a:ba:bd:83:df:16:84:e3:df:60:ba:98:
1c:92:04:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5+iEvURXgB1aPGNIn0JgvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI3MDYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDYzNmM5NzBhZTUxYWNkZDYwOTVjMmJlOGJmM2MyNGRkMzA2Y2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQzWYGABCICreekNJ7qeUJL+yDAK
lo+dguX/+Zgqfp/kMS3cbUXjA4WiDQmNjZX5lwm78pThuZBLgTksAXjjaaeTforF
bEO340MAfvrRsHjkxjYaTgF4zN6fdPhReV3FQcdhfkYQP7TbcN/ljQsCD3LL2ebA
RIYPxV6MnCLiBPZ2krThaLdQF+DQrC+1hNJmEjI+S2YP8fQjqlSza+vdL/iqFyg/
rwIRRr9eeaWulB5dtCNbkbBNijed8LAZOzN1ocIsyz0NkncMFjZoQPixy4tsoNfW
i7sL/neJMl1MMAdvVtXHJmKhC+JRGkKkjlk+RPcAFcc0T32kyV/HXE2aBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGRjbJcK5RrN1glcK+i/PCTdMGzlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWkdOc2x3cmxHczNXQ1Z3cjZMODhKTjB3Yk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADO24zLGmW8bg7Xx+jgJ
B+9rmcj+9A2rZK9pUupYsDNCaLFMbo0YQ1mrB/J9CYD6jUiEyvOwEwdk6WtHEi/5
oxA3GP9tv6KmTVNTC9FvjftPC47B6Mk3obXP1Nb2FX8JWGnPr+icgOC0lg5BQRVP
+/l//sdz8JpCZPg0pAjhIfoq0kEXS+QNxnW/VAxk8HIbSclR0LWVa5rnnBQC3TDd
tzhIR9LpSWizL0e4U5umdaD70aDtRIlR+129Me6fvWbGJZRXI1ieUdU9s3JeDZgD
MxU1S/C6RMqZGfGglS0XcCoypYbfG4p4zYS7t7SsbujOxSq6vYPfFoTj32C6mByS
BHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org