Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cP-YoHLN1FyO-AdJO8yL0VoWUS8.roa
File: cP-YoHLN1FyO-AdJO8yL0VoWUS8.roa (raw, json)
Hash identifier: Io9Vaa/HC8707SoXkIdPi43vZOChulmPDss4hSQVcUE=
Subject key identifier: 70:FF:98:A0:72:CD:D4:5C:8E:F8:07:49:3B:CC:8B:D1:5A:16:51:2F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEDE2ECC9171E4103F25DB5D84D603A73
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cP-YoHLN1FyO-AdJO8yL0VoWUS8.roa
Signing time: Wed 28 Feb 2024 04:04:48 +0000
ROA not before: Wed 28 Feb 2024 04:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:ede2:8a56/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:e2:ec:c9:17:1e:41:03:f2:5d:b5:d8:4d:60:3a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 04:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70ff98a072cdd45c8ef807493bcc8bd15a16512f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:40:2d:43:76:f2:7b:1f:40:e9:89:16:4e:
54:56:db:92:b6:4c:15:00:9b:14:14:d6:4c:0c:9f:
1e:2b:80:e3:31:02:8d:5f:93:36:ad:7d:7c:c4:17:
02:bc:0f:b4:f3:87:36:0e:5f:a5:00:bc:b6:7a:03:
60:4b:cd:a8:47:81:67:0e:18:f2:84:3e:2b:2d:f1:
3d:a0:66:5c:84:2d:4b:53:56:17:d5:1c:fb:0c:54:
2a:da:c0:1f:ae:a2:d8:a8:b0:31:db:ef:15:98:eb:
2c:e4:8f:cb:ac:ec:f6:66:b5:1e:81:13:db:44:e4:
57:64:1b:81:1c:2e:67:79:66:f0:59:62:15:cd:26:
30:49:58:89:26:49:9d:b4:38:4b:5d:da:d2:48:9f:
ea:8a:e0:d7:de:98:96:04:8f:28:28:fb:52:6c:20:
fa:95:2f:6f:07:ed:61:55:75:2e:b6:0e:c7:8c:3b:
37:ff:c3:14:f2:c8:d3:de:8a:75:a3:41:41:32:b9:
81:93:6d:93:06:48:79:f5:d1:f1:cd:8a:ac:a4:48:
d8:4d:f1:e0:34:ab:4e:d5:69:96:9e:99:61:87:bc:
66:fc:80:fe:d8:d0:94:3c:ad:00:d9:be:c6:ef:1c:
f9:dd:dc:4e:85:d1:e6:06:ab:92:bd:cc:17:21:f4:
10:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FF:98:A0:72:CD:D4:5C:8E:F8:07:49:3B:CC:8B:D1:5A:16:51:2F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cP-YoHLN1FyO-AdJO8yL0VoWUS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:a0:e9:69:88:55:82:56:77:d5:b1:96:92:db:7b:af:1e:d0:
33:0b:68:99:2f:db:4f:75:2d:c3:d5:8f:7f:8d:a5:09:68:6a:
27:8c:6f:3f:0f:8d:0c:1f:ca:ce:7b:3f:b5:b0:9a:ac:d3:5c:
33:60:1a:66:79:42:55:87:1a:ac:53:fe:3a:1e:3d:6b:ca:d6:
71:51:b9:6f:1c:ea:2f:b8:5d:b2:3a:6e:d5:53:f7:51:37:68:
b6:ef:fd:cc:14:7f:bc:ee:e2:b2:51:bb:e0:43:84:9c:73:85:
de:58:10:f9:98:a5:7e:c5:3b:1d:81:c0:4c:ba:71:ad:37:1e:
6c:6b:c7:a9:59:99:29:d6:bf:e8:04:ab:e3:b2:be:c9:95:db:
10:85:61:be:2a:46:21:cb:ac:66:58:26:a9:79:b6:37:d3:9a:
e2:70:43:6c:7d:15:09:f7:09:6c:6b:da:17:45:82:cd:d3:16:
26:0b:c8:d3:90:d7:da:84:a5:a9:97:cb:36:bc:67:91:ca:2f:
57:12:32:ce:3e:a7:70:2a:a1:ea:e8:52:1a:53:58:3d:7f:93:
e3:c8:3c:ec:6a:f0:88:8a:27:6d:50:5a:6b:61:b2:7e:e4:36:
85:29:cc:e9:66:c2:42:16:3f:93:70:6f:4f:ab:9a:9f:7a:01:
59:57:ac:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3t4uzJFx5BA/JdtdhNYDpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDQwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGZmOThhMDcyY2RkNDVjOGVmODA3NDkzYmNjOGJkMTVhMTY1MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgFALUN28nsfQOmJFk5UVtuStkwV
AJsUFNZMDJ8eK4DjMQKNX5M2rX18xBcCvA+084c2Dl+lALy2egNgS82oR4FnDhjy
hD4rLfE9oGZchC1LU1YX1Rz7DFQq2sAfrqLYqLAx2+8VmOss5I/LrOz2ZrUegRPb
RORXZBuBHC5neWbwWWIVzSYwSViJJkmdtDhLXdrSSJ/qiuDX3piWBI8oKPtSbCD6
lS9vB+1hVXUutg7HjDs3/8MU8sjT3op1o0FBMrmBk22TBkh59dHxzYqspEjYTfHg
NKtO1WmWnplhh7xm/ID+2NCUPK0A2b7G7xz53dxOhdHmBquSvcwXIfQQBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHD/mKByzdRcjvgHSTvMi9FaFlEvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY1AtWW9ITE4xRnlPLUFkSk84eUwwVm9XVVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJyg6WmIVYJWd9WxlpLb
e68e0DMLaJkv2091LcPVj3+NpQloaieMbz8PjQwfys57P7WwmqzTXDNgGmZ5QlWH
GqxT/joePWvK1nFRuW8c6i+4XbI6btVT91E3aLbv/cwUf7zu4rJRu+BDhJxzhd5Y
EPmYpX7FOx2BwEy6ca03Hmxrx6lZmSnWv+gEq+OyvsmV2xCFYb4qRiHLrGZYJql5
tjfTmuJwQ2x9FQn3CWxr2hdFgs3TFiYLyNOQ19qEpamXyza8Z5HKL1cSMs4+p3Aq
oeroUhpTWD1/k+PIPOxq8IiKJ21QWmthsn7kNoUpzOlmwkIWP5Nwb0+rmp96AVlX
rMw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org