Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aGNX8KCR2MwgzoLPvFZvHfDUtK4.roa
File: aGNX8KCR2MwgzoLPvFZvHfDUtK4.roa (raw, json)
Hash identifier: V6qSoJu57njhmUgTmV3twfzOELWWPH7tjVyvdX2oX+0=
Subject key identifier: 68:63:57:F0:A0:91:D8:CC:20:CE:82:CF:BC:56:6F:1D:F0:D4:B4:AE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CEE8A292ED906259FB259740F618FBA15
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aGNX8KCR2MwgzoLPvFZvHfDUtK4.roa
Signing time: Tue 09 Jan 2024 14:04:41 +0000
ROA not before: Tue 09 Jan 2024 14:04:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:ee89:e0bb/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:8a:29:2e:d9:06:25:9f:b2:59:74:0f:61:8f:ba:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 14:04:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686357f0a091d8cc20ce82cfbc566f1df0d4b4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:e1:d2:ea:ef:55:75:96:1e:9e:3d:b6:1b:
1b:ca:2e:16:83:6c:0d:ed:c5:bf:c5:7e:2a:f6:db:
77:ac:d0:8c:ee:dc:1a:b0:af:54:3b:70:35:48:3a:
73:de:c3:29:16:bc:56:83:40:c5:12:dd:3d:4e:60:
10:3f:6d:2f:b8:2e:74:c1:b8:a8:7e:2d:4d:58:af:
07:9e:84:1a:eb:20:f3:9e:06:40:ea:48:62:e3:24:
f4:8c:1d:11:ae:70:04:b6:79:b1:1d:7a:82:3c:e8:
2c:50:55:bb:df:0d:7c:81:c2:7c:d9:8f:1b:e0:b2:
29:bb:39:f9:41:48:8d:b2:5b:b7:97:0e:92:b4:4e:
b8:26:fe:e8:7a:73:e4:8a:3c:78:b9:71:9e:34:be:
b1:6c:9d:3e:55:57:c8:bc:07:a7:c0:7d:70:4d:87:
a7:1d:f9:7b:7d:ed:b8:dc:d7:cb:4e:26:7c:ed:7a:
aa:94:6a:48:3d:d9:f6:ae:40:bc:23:7d:45:67:c3:
a5:30:db:3c:ef:6c:c3:f1:36:af:e2:10:9d:87:63:
5a:ad:0e:78:56:a8:3d:50:30:55:6b:3b:84:1c:b5:
3d:5c:f4:65:7a:6e:59:a8:ef:aa:36:65:88:85:69:
ed:b5:db:5b:b9:80:0d:70:1d:42:3c:0d:3d:1d:70:
4c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:63:57:F0:A0:91:D8:CC:20:CE:82:CF:BC:56:6F:1D:F0:D4:B4:AE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aGNX8KCR2MwgzoLPvFZvHfDUtK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:b6:17:c5:9a:76:93:28:05:c6:50:a5:f6:65:ab:5d:6b:69:
5e:e8:ab:cc:45:73:ca:04:7e:b6:6c:af:3e:1f:8a:14:88:09:
7d:d9:41:7d:49:2c:33:01:49:bb:86:89:3e:ec:b2:d8:23:04:
a7:0c:a6:fd:89:e7:0a:6d:0b:4c:1c:4e:5b:d7:83:b4:3c:03:
00:9e:e5:87:69:69:75:47:ec:2d:7b:61:2e:15:09:bf:ba:e4:
07:29:3e:aa:6f:85:aa:47:d6:e4:9f:4b:aa:a8:89:2d:1b:82:
49:59:70:0c:34:ba:62:a6:2b:01:d1:fc:19:f6:08:e2:f7:9b:
9a:7f:21:bc:32:65:72:dd:aa:fe:df:54:12:4b:e2:e5:32:b3:
9c:37:41:86:d9:7b:b2:ee:df:8f:65:a3:96:64:5c:41:b4:88:
80:f4:e4:8e:d0:46:52:c4:7f:26:d2:a3:cc:47:16:42:a5:71:
71:e4:7c:cc:01:32:ad:35:f6:cf:87:69:36:74:51:e5:43:1a:
72:fb:0c:54:88:af:9b:f2:a5:b8:cd:42:fd:00:59:f3:05:58:
46:69:56:b5:ed:29:5c:89:4a:09:fd:18:7d:9d:e7:6a:15:72:
87:97:a3:36:c6:73:a6:80:c9:2d:23:1d:d5:e3:ca:f7:e7:6c:
02:e8:f1:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzuiiku2QYln7JZdA9hj7oVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MTQwNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODYzNTdmMGEwOTFkOGNjMjBjZTgyY2ZiYzU2NmYxZGYwZDRiNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34zh0urvVXWWHp49thsbyi4Wg2wN
7cW/xX4q9tt3rNCM7twasK9UO3A1SDpz3sMpFrxWg0DFEt09TmAQP20vuC50wbio
fi1NWK8HnoQa6yDzngZA6khi4yT0jB0RrnAEtnmxHXqCPOgsUFW73w18gcJ82Y8b
4LIpuzn5QUiNslu3lw6StE64Jv7oenPkijx4uXGeNL6xbJ0+VVfIvAenwH1wTYen
Hfl7fe243NfLTiZ87XqqlGpIPdn2rkC8I31FZ8OlMNs872zD8Tav4hCdh2NarQ54
Vqg9UDBVazuEHLU9XPRlem5ZqO+qNmWIhWnttdtbuYANcB1CPA09HXBMQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGhjV/CgkdjMIM6Cz7xWbx3w1LSuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYUdOWDhLQ1IyTXdnem9MUHZGWnZIZkRVdEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAe2F8WadpMoBcZQpfZl
q11raV7oq8xFc8oEfrZsrz4fihSICX3ZQX1JLDMBSbuGiT7sstgjBKcMpv2J5wpt
C0wcTlvXg7Q8AwCe5YdpaXVH7C17YS4VCb+65AcpPqpvhapH1uSfS6qoiS0bgklZ
cAw0umKmKwHR/Bn2COL3m5p/IbwyZXLdqv7fVBJL4uUys5w3QYbZe7Lu349lo5Zk
XEG0iID05I7QRlLEfybSo8xHFkKlcXHkfMwBMq019s+HaTZ0UeVDGnL7DFSIr5vy
pbjNQv0AWfMFWEZpVrXtKVyJSgn9GH2d52oVcoeXozbGc6aAyS0jHdXjyvfnbALo
8e8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org