Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aavEwjx1kMTLo150fERIXVS3r4s.roa
File: aavEwjx1kMTLo150fERIXVS3r4s.roa (raw, json)
Hash identifier: zZVtjd4io2ssoP0JbGhsIRe3SFbi6feZP6Iz7kroZ28=
Subject key identifier: 69:AB:C4:C2:3C:75:90:C4:CB:A3:5E:74:7C:44:48:5D:54:B7:AF:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1B6E536BCA591FA5B0D2449E6164106A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aavEwjx1kMTLo150fERIXVS3r4s.roa
Signing time: Thu 18 Jan 2024 07:17:11 +0000
ROA not before: Thu 18 Jan 2024 07:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:6e:53:6b:ca:59:1f:a5:b0:d2:44:9e:61:64:10:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 07:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69abc4c23c7590c4cba35e747c44485d54b7af8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:74:18:7e:28:ba:9b:34:97:fa:4c:5c:78:65:
f7:ab:3a:bf:0c:b3:fc:fc:fd:03:7f:22:58:89:df:
f5:40:13:9f:5d:c2:71:81:62:27:4a:99:59:82:09:
cb:cf:e5:2a:93:8b:2c:48:fb:d2:e8:7f:e2:52:d5:
56:ab:07:db:d2:79:dd:ee:19:dc:d5:6a:05:79:46:
22:2a:0e:5b:ad:45:8b:cd:b2:42:56:a9:4b:4c:9c:
29:0c:13:a3:59:fd:1e:0f:52:be:39:8d:9e:6f:4c:
85:db:cf:14:d0:2c:f1:0e:9f:83:eb:70:e8:fc:5e:
97:bb:ef:2f:5b:02:1f:a1:e8:8b:91:3b:6e:41:f2:
fb:9e:9c:fc:72:92:55:10:3c:b7:f4:b7:12:ff:77:
cd:d6:b2:92:2b:bc:da:6c:b9:81:d0:6b:4c:cb:a6:
e8:6f:af:7b:ad:af:43:ae:62:34:72:c1:c3:76:8c:
4a:25:23:03:0e:44:21:19:f7:07:b5:e3:78:ff:38:
eb:9a:64:14:a0:f2:11:fc:5e:f5:b3:c1:71:b5:89:
28:e1:ec:f8:9f:9a:a1:73:6b:7a:86:12:f2:f8:28:
67:5c:84:45:3f:d0:ed:9d:e6:27:3e:57:ee:58:af:
47:c4:5d:ae:e0:14:c3:b5:4b:06:3e:5d:72:7a:8a:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AB:C4:C2:3C:75:90:C4:CB:A3:5E:74:7C:44:48:5D:54:B7:AF:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aavEwjx1kMTLo150fERIXVS3r4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:c1:83:f9:42:b8:b7:a6:11:b2:73:c6:1f:52:24:c3:7e:6c:
e8:68:bb:cf:23:84:02:3c:f3:52:76:b5:fc:4a:0e:aa:96:5e:
77:66:1a:57:64:92:24:3d:0c:22:13:17:09:eb:06:eb:90:2a:
c0:4b:14:cb:1c:c2:ee:c6:39:a3:36:e3:7f:c9:d2:1e:99:bc:
72:00:35:59:c1:44:12:5f:d4:15:eb:b7:69:c9:01:43:c7:67:
ab:06:53:79:c7:8b:0e:5f:ec:ee:7a:d4:f6:9a:bb:05:3c:06:
70:5a:bc:41:db:db:6d:51:22:8e:0a:fb:a8:a2:ca:56:19:e5:
b0:ef:29:33:a2:51:0d:3c:82:14:67:af:f9:dd:0f:0a:ad:7b:
4d:d5:66:54:f3:e1:eb:b7:c1:bf:dc:75:b1:68:45:a4:f5:41:
84:5b:9c:98:eb:f0:fe:ed:78:db:66:3c:bf:66:f6:74:28:5b:
73:53:f5:56:31:be:75:09:52:6d:a2:99:c7:b4:98:23:b9:82:
c3:da:49:57:bd:25:7e:de:fe:79:5b:17:3f:37:dd:c7:c6:6d:
30:e9:4b:5c:fc:ea:e4:97:43:a2:5b:73:c5:cd:2b:e7:f2:1c:
e9:c3:e1:4e:16:0e:34:f8:39:6c:00:f0:c8:cc:a8:b4:14:96:
32:ad:8a:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0bblNrylkfpbDSRJ5hZBBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MDcxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFiYzRjMjNjNzU5MGM0Y2JhMzVlNzQ3YzQ0NDg1ZDU0YjdhZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3QYfii6mzSX+kxceGX3qzq/DLP8
/P0DfyJYid/1QBOfXcJxgWInSplZggnLz+Uqk4ssSPvS6H/iUtVWqwfb0nnd7hnc
1WoFeUYiKg5brUWLzbJCVqlLTJwpDBOjWf0eD1K+OY2eb0yF288U0CzxDp+D63Do
/F6Xu+8vWwIfoeiLkTtuQfL7npz8cpJVEDy39LcS/3fN1rKSK7zabLmB0GtMy6bo
b697ra9DrmI0csHDdoxKJSMDDkQhGfcHteN4/zjrmmQUoPIR/F71s8FxtYko4ez4
n5qhc2t6hhLy+ChnXIRFP9DtneYnPlfuWK9HxF2u4BTDtUsGPl1yeoq6pwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGmrxMI8dZDEy6NedHxESF1Ut6+LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYWF2RXdqeDFrTVRMbzE1MGZFUklYVlMzcjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXBg/lCuLemEbJzxh9S
JMN+bOhou88jhAI881J2tfxKDqqWXndmGldkkiQ9DCITFwnrBuuQKsBLFMscwu7G
OaM243/J0h6ZvHIANVnBRBJf1BXrt2nJAUPHZ6sGU3nHiw5f7O561PaauwU8BnBa
vEHb221RIo4K+6iiylYZ5bDvKTOiUQ08ghRnr/ndDwqte03VZlTz4eu3wb/cdbFo
RaT1QYRbnJjr8P7teNtmPL9m9nQoW3NT9VYxvnUJUm2imce0mCO5gsPaSVe9JX7e
/nlbFz833cfGbTDpS1z86uSXQ6Jbc8XNK+fyHOnD4U4WDjT4OWwA8MjMqLQUljKt
iqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org