Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_yVlACbYic0wIFPr2YEG9MIsKJk.roa
File: _yVlACbYic0wIFPr2YEG9MIsKJk.roa (raw, json)
Hash identifier: y1v+Kc3Kb8pWpxroH6O3gU4BwOtegHXK833c/S9D/Nw=
Subject key identifier: FF:25:65:00:26:D8:89:CD:30:20:53:EB:D9:81:06:F4:C2:2C:28:99
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D53A1596C218B38AA468A8FF6E6470D31
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_yVlACbYic0wIFPr2YEG9MIsKJk.roa
Signing time: Mon 29 Jan 2024 05:11:39 +0000
ROA not before: Mon 29 Jan 2024 05:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:a1:59:6c:21:8b:38:aa:46:8a:8f:f6:e6:47:0d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 05:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff25650026d889cd302053ebd98106f4c22c2899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:5e:21:ca:5d:b3:4b:e6:e3:73:d7:d4:e6:
0b:b8:0c:4d:12:36:f1:8e:6d:f8:96:64:19:46:94:
44:2c:ef:0d:42:26:b8:49:48:f9:ca:ce:cc:a2:bd:
4f:47:bf:c8:c3:cb:37:3e:4a:dc:91:ee:9c:ff:fd:
d8:37:4f:cf:c3:07:d3:c4:32:9d:d7:91:9e:99:d5:
33:11:e0:57:ea:d6:5c:b3:64:02:82:82:a9:54:fd:
37:90:70:ee:d8:4e:67:be:16:84:7a:7b:4e:c3:6b:
78:f8:b2:52:2e:9e:84:d8:2e:43:f7:6c:7d:71:57:
ed:e2:83:d4:cf:36:6d:00:7b:6f:7e:09:fd:d1:5b:
d1:8c:59:71:b1:a7:39:1a:20:dd:94:ea:c0:0c:4a:
07:ea:f5:87:93:21:64:ba:ed:3e:83:61:76:69:ed:
6d:46:34:de:98:fc:2a:c7:ae:8a:df:a8:bd:a4:d3:
96:7c:3e:d3:c4:b5:bc:30:49:e0:5f:ee:e7:4d:18:
ee:b1:c1:33:f1:ca:bf:51:8e:dd:83:8c:4e:5b:36:
11:c1:98:9b:df:63:4f:71:f8:2b:6a:d6:62:b8:31:
29:16:92:44:ec:56:7c:11:f4:6a:44:e8:c2:6a:17:
8c:ee:de:10:d4:03:ee:33:fd:88:36:43:42:e7:87:
9a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:25:65:00:26:D8:89:CD:30:20:53:EB:D9:81:06:F4:C2:2C:28:99
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_yVlACbYic0wIFPr2YEG9MIsKJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:5a:e9:1f:d6:65:42:b7:f0:f0:dd:5d:ed:9d:83:f4:5c:ad:
b9:71:9b:1e:b1:9f:2f:8c:ed:5f:cc:30:82:f6:e9:41:cb:20:
fc:50:44:70:27:4e:bd:0a:0c:c1:7c:19:95:08:18:8f:d5:37:
2c:ed:c9:fd:d3:0f:07:00:49:12:9c:ce:38:f8:1c:23:b9:28:
10:52:81:d1:85:dc:48:c0:3a:4c:93:d4:fd:77:f1:b4:8b:39:
9f:b3:ae:77:35:e0:12:56:80:9c:62:e0:a9:61:3c:26:9c:5e:
f8:9c:38:79:e8:2b:88:bd:49:0e:69:dc:65:50:53:b4:3d:1e:
ec:3a:4d:81:14:d3:1e:f1:5d:a7:dc:2b:bb:dc:8a:ea:b7:6c:
44:54:c9:b9:e7:70:ce:b0:a9:5c:02:44:02:24:59:d9:a8:aa:
c6:f8:0c:22:46:1c:a5:56:71:84:8a:bd:47:8b:52:61:7b:7c:
ce:cc:30:e9:b0:07:ab:87:be:d5:6e:ae:73:f7:29:8c:a6:9e:
43:08:a9:ed:e1:be:9d:1e:b0:e3:31:f4:84:56:5d:b6:71:4f:
78:c0:85:0c:35:a4:25:fa:ed:a4:dc:9b:ed:49:e1:29:99:0a:
74:2d:78:86:94:39:79:c8:09:89:32:65:1d:28:26:ca:7b:0c:
c2:c3:3f:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1ToVlsIYs4qkaKj/bmRw0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MDUxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI1NjUwMDI2ZDg4OWNkMzAyMDUzZWJkOTgxMDZmNGMyMmMyODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAxeIcpds0vm43PX1OYLuAxNEjbx
jm34lmQZRpRELO8NQia4SUj5ys7Mor1PR7/Iw8s3Pkrcke6c//3YN0/PwwfTxDKd
15GemdUzEeBX6tZcs2QCgoKpVP03kHDu2E5nvhaEentOw2t4+LJSLp6E2C5D92x9
cVft4oPUzzZtAHtvfgn90VvRjFlxsac5GiDdlOrADEoH6vWHkyFkuu0+g2F2ae1t
RjTemPwqx66K36i9pNOWfD7TxLW8MEngX+7nTRjuscEz8cq/UY7dg4xOWzYRwZib
32NPcfgratZiuDEpFpJE7FZ8EfRqROjCaheM7t4Q1APuM/2INkNC54eaXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP8lZQAm2InNMCBT69mBBvTCLCiZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX3lWbEFDYllpYzB3SUZQcjJZRUc5TUlzS0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACxa6R/WZUK38PDdXe2d
g/Rcrblxmx6xny+M7V/MMIL26UHLIPxQRHAnTr0KDMF8GZUIGI/VNyztyf3TDwcA
SRKczjj4HCO5KBBSgdGF3EjAOkyT1P138bSLOZ+zrnc14BJWgJxi4KlhPCacXvic
OHnoK4i9SQ5p3GVQU7Q9Huw6TYEU0x7xXafcK7vciuq3bERUybnncM6wqVwCRAIk
Wdmoqsb4DCJGHKVWcYSKvUeLUmF7fM7MMOmwB6uHvtVurnP3KYymnkMIqe3hvp0e
sOMx9IRWXbZxT3jAhQw1pCX67aTcm+1J4SmZCnQteIaUOXnICYkyZR0oJsp7DMLD
Pyk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org