Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_74_2NnRE1aXXKP3TU81uqgXujs.roa
File: _74_2NnRE1aXXKP3TU81uqgXujs.roa (raw, json)
Hash identifier: WaNRHYTxe88H/jq90ak3q56a3XZDeuw3qKNXZtY+Rwk=
Subject key identifier: FF:BE:3F:D8:D9:D1:13:56:97:5C:A3:F7:4D:4F:35:BA:A8:17:BA:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9628FEFB3ADF6FF68027247F9A9FF4AB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_74_2NnRE1aXXKP3TU81uqgXujs.roa
Signing time: Sat 23 Dec 2023 10:11:58 +0000
ROA not before: Sat 23 Dec 2023 10:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:28:fe:fb:3a:df:6f:f6:80:27:24:7f:9a:9f:f4:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 10:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffbe3fd8d9d11356975ca3f74d4f35baa817ba3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a2:d4:f8:a8:1e:a5:82:18:f7:56:36:b7:9a:
5c:2b:40:e3:cb:51:c9:91:20:7d:ce:38:33:4b:f4:
57:5d:b0:f2:e2:c9:c7:5a:cf:43:39:30:3f:a2:b9:
92:da:c0:f7:68:7c:71:76:6e:1b:d8:4d:e1:14:49:
df:bd:9e:54:af:b2:3a:48:35:37:d7:83:c2:32:81:
b4:aa:69:9e:e9:89:70:01:23:86:04:cc:f6:6c:f9:
ed:46:c1:0d:23:36:83:61:3e:1c:ef:61:7e:90:0f:
66:36:60:84:0d:a9:9d:ad:cc:7d:bd:bd:b8:ac:37:
3a:f2:f8:f9:13:ea:b1:47:b8:11:73:95:3b:ab:f1:
46:f6:bd:a8:f6:92:82:8a:7c:85:ab:c2:c2:96:53:
66:52:44:40:c8:46:5a:b3:54:8f:36:69:6f:b0:ef:
5a:44:b2:5e:cf:00:d6:21:f9:d0:82:a1:ed:fb:fe:
93:2d:e0:df:d1:e5:08:23:fd:23:c1:25:58:c6:5c:
be:9a:37:b1:84:cd:c4:12:bd:90:72:f3:6a:12:9f:
6e:aa:74:9c:3a:58:2e:23:d8:8c:37:10:b7:33:e0:
ff:7b:16:d2:99:9d:a1:d3:78:ed:10:64:cb:7d:3b:
7f:d1:3a:07:15:9d:40:47:91:8d:8f:65:45:92:5e:
c0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BE:3F:D8:D9:D1:13:56:97:5C:A3:F7:4D:4F:35:BA:A8:17:BA:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_74_2NnRE1aXXKP3TU81uqgXujs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:de:87:1a:9d:fb:a1:5c:b6:bf:80:c0:f9:28:cf:31:0d:b0:
c1:3e:19:b3:f9:b7:2e:b4:1c:fe:e2:21:c1:7d:31:d3:de:93:
a7:54:45:52:a0:e4:38:a0:15:1e:57:75:88:a7:99:3c:89:70:
78:eb:f0:7d:fb:51:83:de:75:18:1b:db:05:43:af:98:00:64:
c2:ca:eb:53:64:a8:de:64:d9:a7:94:e4:06:a1:62:73:48:15:
ad:f1:09:9b:1e:63:49:6b:d6:19:be:af:82:76:18:b2:c9:6e:
c0:11:88:63:12:e9:5c:f6:00:45:8f:b8:59:e9:83:ed:10:cd:
ce:05:8d:7e:e7:10:71:9c:bb:20:7f:04:b3:c2:60:99:ff:a4:
9a:9f:0a:15:da:ca:3d:41:ee:09:78:64:5c:1a:d8:0a:80:58:
a3:8f:43:4d:77:cf:a1:7a:21:49:0d:66:86:a7:ce:78:c3:56:
86:e0:82:dd:1a:95:cf:39:05:0c:ea:a3:3c:b3:39:70:78:56:
e0:4b:81:1d:92:b9:04:6a:8c:4c:7d:04:1c:0a:e5:21:0d:f1:
aa:97:90:12:55:dd:47:37:08:08:75:d1:49:e6:f8:20:78:58:
09:19:c7:db:a4:e4:ac:ad:ae:ec:8d:5a:f7:f0:a5:f6:c4:f3:
1f:c0:5a:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyWKP77Ot9v9oAnJH+an/SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTAxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmJlM2ZkOGQ5ZDExMzU2OTc1Y2EzZjc0ZDRmMzViYWE4MTdiYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqLU+KgepYIY91Y2t5pcK0Djy1HJ
kSB9zjgzS/RXXbDy4snHWs9DOTA/ormS2sD3aHxxdm4b2E3hFEnfvZ5Ur7I6SDU3
14PCMoG0qmme6YlwASOGBMz2bPntRsENIzaDYT4c72F+kA9mNmCEDamdrcx9vb24
rDc68vj5E+qxR7gRc5U7q/FG9r2o9pKCinyFq8LCllNmUkRAyEZas1SPNmlvsO9a
RLJezwDWIfnQgqHt+/6TLeDf0eUII/0jwSVYxly+mjexhM3EEr2QcvNqEp9uqnSc
OlguI9iMNxC3M+D/exbSmZ2h03jtEGTLfTt/0ToHFZ1AR5GNj2VFkl7ARwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP++P9jZ0RNWl1yj901PNbqoF7o7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvXzc0XzJOblJFMWFYWEtQM1RVODF1cWdYdWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHfehxqd+6Fctr+AwPko
zzENsME+GbP5ty60HP7iIcF9MdPek6dURVKg5DigFR5XdYinmTyJcHjr8H37UYPe
dRgb2wVDr5gAZMLK61NkqN5k2aeU5AahYnNIFa3xCZseY0lr1hm+r4J2GLLJbsAR
iGMS6Vz2AEWPuFnpg+0Qzc4FjX7nEHGcuyB/BLPCYJn/pJqfChXayj1B7gl4ZFwa
2AqAWKOPQ013z6F6IUkNZoanznjDVobggt0alc85BQzqozyzOXB4VuBLgR2SuQRq
jEx9BBwK5SEN8aqXkBJV3Uc3CAh10Unm+CB4WAkZx9uk5KytruyNWvfwpfbE8x/A
WuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org