Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cswZDk5eG2s8PqWDQ2U94rTm_y4.roa
File: cswZDk5eG2s8PqWDQ2U94rTm_y4.roa (raw, json)
Hash identifier: Iqrk4KcCXYCj3fYbd4ZyOJ+a3G/4AkuHIvx8anEjFqY=
Subject key identifier: 72:CC:19:0E:4E:5E:1B:6B:3C:3E:A5:83:43:65:3D:E2:B4:E6:FF:2E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D82320FFFDDA840EE33BF3DECE857344E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cswZDk5eG2s8PqWDQ2U94rTm_y4.roa
Signing time: Wed 07 Feb 2024 06:12:15 +0000
ROA not before: Wed 07 Feb 2024 06:12:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:32:0f:ff:dd:a8:40:ee:33:bf:3d:ec:e8:57:34:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 06:12:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72cc190e4e5e1b6b3c3ea58343653de2b4e6ff2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:49:36:37:98:89:cf:7f:85:71:a3:1d:26:ba:
de:76:df:12:bb:48:0c:e0:ed:73:d8:1a:06:56:4c:
76:d3:b9:5b:e8:66:00:6d:b8:93:41:f5:3e:c3:fb:
f6:bf:2f:28:e4:b5:95:55:75:83:24:e9:8f:f7:c2:
66:73:a3:a8:3e:63:2c:ef:02:bc:d5:e4:55:cd:aa:
6e:5d:c6:af:54:2f:54:c6:66:e2:38:4f:5c:df:76:
77:13:a8:a4:5c:2e:6a:4e:ef:6e:41:9b:14:b5:ac:
bb:8c:c6:40:ec:03:58:ee:80:fa:30:66:2e:9b:6a:
89:ef:62:b5:74:cf:9e:eb:b4:21:ba:1a:17:10:d6:
44:63:5c:18:0e:68:2d:3e:cc:83:72:60:90:f3:75:
b2:09:98:b5:ac:5e:44:f3:fc:fa:9a:21:fa:b2:b0:
34:1b:1a:57:15:84:88:0b:11:81:c2:4c:f3:2e:af:
55:42:98:81:ac:be:e6:64:0a:39:21:3b:25:8e:9b:
ce:4c:1c:7a:18:2c:50:eb:e5:37:cd:66:67:2d:08:
d4:38:f9:d3:56:f1:cf:fc:b9:55:a5:46:2f:bc:5f:
7a:b9:9b:48:af:06:8a:b4:2e:09:c7:10:8e:fb:f4:
16:51:01:1c:8b:2f:75:b3:fe:18:ef:ae:0b:bb:ea:
36:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CC:19:0E:4E:5E:1B:6B:3C:3E:A5:83:43:65:3D:E2:B4:E6:FF:2E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cswZDk5eG2s8PqWDQ2U94rTm_y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:69:10:61:68:22:9c:a2:71:73:ae:50:86:18:d9:38:c3:d2:
9a:ce:0d:92:1d:d3:4a:d3:21:15:e8:40:7d:be:38:e7:8c:7a:
ac:71:8d:7e:4b:c9:25:d4:bb:2d:8f:ad:32:33:11:f9:89:bd:
da:f7:5f:7e:12:42:07:a3:2b:00:81:da:23:d3:e2:59:a9:13:
d4:0a:02:85:e5:fc:97:bf:a4:ce:0a:84:b5:cc:2b:f0:83:89:
89:d1:9a:a2:83:06:5c:46:cb:66:05:72:b2:48:98:f9:1d:4b:
29:d3:01:49:6e:ce:d3:43:67:ed:51:9a:c7:ca:4f:cc:99:9d:
b8:40:8d:28:d5:b0:ca:21:f2:cb:5f:3a:11:4e:41:ef:ca:d0:
10:30:44:34:22:0c:c2:26:89:23:62:cf:60:6d:c1:3b:ac:63:
b2:1d:f8:84:0d:9e:eb:14:be:42:a1:07:8f:68:81:11:74:8f:
36:52:03:7d:25:24:de:a4:81:9f:3c:15:4e:8b:5f:38:50:93:
1a:e6:77:cc:ed:dc:a7:9f:1c:b5:95:4a:15:0b:f1:dc:3e:7a:
da:d4:da:47:94:f6:7f:88:f5:3a:83:f8:fe:c6:8e:8e:38:c5:
3f:90:88:5d:9b:0d:c1:74:d7:5b:92:33:78:e8:ec:26:f7:17:
7d:1a:5d:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2CMg//3ahA7jO/PezoVzROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MDYxMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmNjMTkwZTRlNWUxYjZiM2MzZWE1ODM0MzY1M2RlMmI0ZTZmZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUk2N5iJz3+FcaMdJrredt8Su0gM
4O1z2BoGVkx207lb6GYAbbiTQfU+w/v2vy8o5LWVVXWDJOmP98Jmc6OoPmMs7wK8
1eRVzapuXcavVC9UxmbiOE9c33Z3E6ikXC5qTu9uQZsUtay7jMZA7ANY7oD6MGYu
m2qJ72K1dM+e67QhuhoXENZEY1wYDmgtPsyDcmCQ83WyCZi1rF5E8/z6miH6srA0
GxpXFYSICxGBwkzzLq9VQpiBrL7mZAo5ITsljpvOTBx6GCxQ6+U3zWZnLQjUOPnT
VvHP/LlVpUYvvF96uZtIrwaKtC4JxxCO+/QWUQEciy91s/4Y764Lu+o2VwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHLMGQ5OXhtrPD6lg0NlPeK05v8uMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY3N3WkRrNWVHMnM4UHFXRFEyVTk0clRtX3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5pEGFoIpyicXOuUIYY
2TjD0prODZId00rTIRXoQH2+OOeMeqxxjX5LySXUuy2PrTIzEfmJvdr3X34SQgej
KwCB2iPT4lmpE9QKAoXl/Je/pM4KhLXMK/CDiYnRmqKDBlxGy2YFcrJImPkdSynT
AUluztNDZ+1RmsfKT8yZnbhAjSjVsMoh8stfOhFOQe/K0BAwRDQiDMImiSNiz2Bt
wTusY7Id+IQNnusUvkKhB49ogRF0jzZSA30lJN6kgZ88FU6LXzhQkxrmd8zt3Kef
HLWVShUL8dw+etrU2keU9n+I9TqD+P7Gjo44xT+QiF2bDcF011uSM3jo7Cb3F30a
XeQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org