Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dAfItOKyGh-dvvWtW1-317VCD_Y.roa
File: dAfItOKyGh-dvvWtW1-317VCD_Y.roa (raw, json)
Hash identifier: JcE9dVK2CfWNYQGUW9cRf7lPknocoj6/2l5Xsl9kGkI=
Subject key identifier: 74:07:C8:B4:E2:B2:1A:1F:9D:BE:F5:AD:5B:5F:B7:D7:B5:42:0F:F6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E16721D6EC622AB4547FD874D68EA5BDB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dAfItOKyGh-dvvWtW1-317VCD_Y.roa
Signing time: Thu 07 Mar 2024 01:06:01 +0000
ROA not before: Thu 07 Mar 2024 01:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:1670:97bc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:16:72:1d:6e:c6:22:ab:45:47:fd:87:4d:68:ea:5b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 01:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7407c8b4e2b21a1f9dbef5ad5b5fb7d7b5420ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:35:59:66:4a:20:4f:47:b5:ba:c4:06:a5:
55:fe:32:02:a0:aa:3d:3c:1f:2b:18:5d:33:3c:df:
98:28:df:ed:57:81:31:7e:7b:63:08:c7:9e:25:6e:
eb:63:b5:97:d0:aa:11:d8:72:36:e1:3d:db:bd:05:
67:41:69:bd:79:9f:28:8d:04:64:4f:c2:43:a6:cf:
7f:18:6d:aa:74:2b:37:f0:65:42:60:74:4e:b0:e2:
c6:d9:3a:da:f5:17:c1:e1:09:1e:b2:d7:3c:6f:b9:
11:84:68:23:43:30:16:7f:f2:b8:3b:a1:a0:93:dd:
cb:8f:44:15:23:97:86:c6:c0:c3:cb:b8:99:bc:29:
20:ef:28:09:d7:59:65:80:18:4f:85:4c:cf:aa:bc:
26:c1:a4:1b:6c:60:49:63:99:1a:ad:ee:28:4d:cb:
49:57:a5:59:dc:e6:89:78:02:35:30:4f:29:c3:8c:
74:15:7d:b5:27:bc:ea:dc:68:53:01:37:29:e3:dc:
a1:c4:72:15:79:1a:53:bf:88:23:87:c2:f7:ca:34:
51:20:e2:13:2d:83:64:1f:87:31:27:03:2f:b9:fa:
9e:f7:ba:6d:0f:f7:f2:67:d4:1c:3d:fa:ce:af:d3:
7c:b5:0f:99:65:ae:75:88:29:81:c4:29:f1:2d:fb:
d7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:07:C8:B4:E2:B2:1A:1F:9D:BE:F5:AD:5B:5F:B7:D7:B5:42:0F:F6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dAfItOKyGh-dvvWtW1-317VCD_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:f2:c1:6a:91:24:3c:47:5a:d5:0c:97:c9:13:ba:2f:c2:33:
e0:f0:52:c0:fb:37:02:20:af:bd:cc:f5:28:df:4e:ce:17:7b:
c7:e0:02:20:0a:6e:53:21:fd:1b:2d:cf:30:a2:8f:cc:0f:39:
06:61:6e:55:e3:57:b4:be:8f:2c:8a:3d:87:47:72:a0:fc:7b:
83:f9:0a:3f:da:da:60:c1:3b:7b:f3:62:ba:4a:1d:b6:34:d9:
97:d2:cb:db:21:8f:c2:70:e5:39:43:8a:ab:75:36:7e:f4:f7:
31:24:7c:a6:e6:f7:49:67:ef:ec:d1:c7:a1:ce:b7:f4:74:a0:
2b:65:77:af:a0:3b:5b:3e:80:61:6e:d1:37:8a:74:07:a8:74:
56:31:9e:b8:4d:f2:eb:15:78:6a:9f:ce:6a:f3:3f:e9:a3:f0:
cf:1d:f0:ed:42:3e:9f:e1:47:e7:be:5d:30:2b:75:dd:a9:e0:
76:ca:cb:29:e9:8f:25:08:38:90:77:11:d6:04:80:09:c1:e2:
94:11:93:38:bb:33:d7:5d:b4:49:78:d0:92:65:48:99:91:c2:
47:b1:a6:a9:a1:3d:d3:55:8f:9f:d9:25:31:b7:f4:65:1d:8a:
be:69:ea:95:02:00:a1:fb:5e:9e:4a:94:b5:99:1c:c1:f3:1c:
47:17:ca:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Wch1uxiKrRUf9h01o6lvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MDEwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA3YzhiNGUyYjIxYTFmOWRiZWY1YWQ1YjVmYjdkN2I1NDIwZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLk1WWZKIE9HtbrEBqVV/jICoKo9
PB8rGF0zPN+YKN/tV4ExfntjCMeeJW7rY7WX0KoR2HI24T3bvQVnQWm9eZ8ojQRk
T8JDps9/GG2qdCs38GVCYHROsOLG2Tra9RfB4Qkestc8b7kRhGgjQzAWf/K4O6Gg
k93Lj0QVI5eGxsDDy7iZvCkg7ygJ11llgBhPhUzPqrwmwaQbbGBJY5kare4oTctJ
V6VZ3OaJeAI1ME8pw4x0FX21J7zq3GhTATcp49yhxHIVeRpTv4gjh8L3yjRRIOIT
LYNkH4cxJwMvufqe97ptD/fyZ9QcPfrOr9N8tQ+ZZa51iCmBxCnxLfvX9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHQHyLTishofnb71rVtft9e1Qg/2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZEFmSXRPS3lHaC1kdnZXdFcxLTMxN1ZDRF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjywWqRJDxHWtUMl8kT
ui/CM+DwUsD7NwIgr73M9SjfTs4Xe8fgAiAKblMh/RstzzCij8wPOQZhblXjV7S+
jyyKPYdHcqD8e4P5Cj/a2mDBO3vzYrpKHbY02ZfSy9shj8Jw5TlDiqt1Nn709zEk
fKbm90ln7+zRx6HOt/R0oCtld6+gO1s+gGFu0TeKdAeodFYxnrhN8usVeGqfzmrz
P+mj8M8d8O1CPp/hR+e+XTArdd2p4HbKyynpjyUIOJB3EdYEgAnB4pQRkzi7M9dd
tEl40JJlSJmRwkexpqmhPdNVj5/ZJTG39GUdir5p6pUCAKH7Xp5KlLWZHMHzHEcX
ylE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org