Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ddkPiKpLtDJDX6KKdEikKvYWi4I.roa
File: ddkPiKpLtDJDX6KKdEikKvYWi4I.roa (raw, json)
Hash identifier: dalVzbPJgk0dXRqr/Txg6dBHlxsqfwQ9I6tP+3NwyP0=
Subject key identifier: 75:D9:0F:88:AA:4B:B4:32:43:5F:A2:8A:74:48:A4:2A:F6:16:8B:82
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD79DBCE70758E7CCAC083B9548E7DA4E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ddkPiKpLtDJDX6KKdEikKvYWi4I.roa
Signing time: Fri 05 Jan 2024 03:14:48 +0000
ROA not before: Fri 05 Jan 2024 03:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d7:9d:bc:e7:07:58:e7:cc:ac:08:3b:95:48:e7:da:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 03:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75d90f88aa4bb432435fa28a7448a42af6168b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9e:de:8f:6b:cb:b0:63:d6:50:57:b0:06:89:
37:0f:2f:77:b0:bf:4e:88:35:d3:6f:57:2c:8f:bf:
d5:28:d7:f9:d3:79:ae:d3:9d:2c:01:15:97:25:5e:
ab:7a:8b:28:7d:7a:e9:9d:57:df:ef:a0:bd:86:d6:
00:39:41:fa:9b:17:9e:de:00:b2:25:55:f6:11:6d:
9c:7a:e9:db:82:65:e4:c7:ce:27:ed:f4:75:7d:1e:
a7:a5:09:4e:07:c0:06:99:72:68:67:8d:d6:15:5a:
1e:5f:cd:d2:bf:77:ee:19:00:a3:1f:97:da:a7:34:
1f:c8:c7:31:a1:37:38:5f:bf:48:e1:e4:19:95:41:
a7:dc:7f:bc:22:f6:94:f8:fb:90:ba:11:76:42:3c:
0c:59:06:9b:94:ed:18:0c:79:79:7f:7e:e9:eb:fb:
3c:a2:6a:ff:a5:d3:a9:e5:6e:63:ff:7e:d7:4a:99:
d1:dd:03:c1:4d:62:0d:59:73:c6:1a:a1:80:ea:a9:
58:ed:2b:ba:9a:e2:4a:b5:cc:0a:b8:2c:c3:b0:91:
72:b6:7c:7f:b3:01:e7:bd:01:5a:74:54:63:d1:b8:
0f:34:89:5e:87:8b:6b:de:d9:84:be:d1:4a:fd:9a:
20:bf:bf:b3:ca:60:76:58:d6:95:02:1c:6e:fb:2a:
f4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D9:0F:88:AA:4B:B4:32:43:5F:A2:8A:74:48:A4:2A:F6:16:8B:82
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ddkPiKpLtDJDX6KKdEikKvYWi4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:37:89:fb:68:04:2b:45:0c:3a:0f:9b:3d:a6:5b:58:48:f4:
3c:71:25:ea:ce:ea:15:73:43:73:e6:07:74:9d:45:fa:15:e7:
b5:9a:94:0d:18:8c:88:cd:10:66:5a:4a:4e:c1:0c:cc:70:7e:
06:2c:a1:ca:6e:bf:0e:f4:dc:46:90:3f:92:67:df:bd:87:fd:
ac:a7:42:e7:ed:a1:b4:6f:9b:84:30:77:fe:96:6c:d7:0d:2c:
a2:8d:91:2a:a2:f3:3d:84:3e:ed:97:75:a4:7f:19:06:8d:6b:
a7:b6:5b:df:8e:0f:0a:f0:c7:28:08:02:bb:3e:90:00:34:a4:
f0:1b:d1:1d:eb:fe:43:52:f4:08:fa:ab:77:78:7b:3a:51:a2:
12:12:55:b2:89:04:6e:00:c3:60:72:38:ce:4e:ad:3e:05:40:
0f:91:e9:0e:84:67:12:1b:e6:ce:cd:0d:7f:a8:70:44:34:a6:
fb:a5:b6:c7:13:74:3a:8c:bc:4d:00:e3:43:f4:bf:46:41:fb:
7c:03:1f:a8:c0:b5:a4:ef:21:34:5f:fd:43:82:3d:a1:34:8a:
ba:97:f3:45:99:81:29:98:a8:b9:da:64:fd:36:e4:3a:b0:39:
15:23:99:c9:e9:80:b4:31:13:e8:95:b9:fc:e6:e7:49:85:64:
cf:7a:85:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzXnbznB1jnzKwIO5VI59pOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MDMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ5MGY4OGFhNGJiNDMyNDM1ZmEyOGE3NDQ4YTQyYWY2MTY4YjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp7ej2vLsGPWUFewBok3Dy93sL9O
iDXTb1csj7/VKNf503mu050sARWXJV6reosofXrpnVff76C9htYAOUH6mxee3gCy
JVX2EW2ceunbgmXkx84n7fR1fR6npQlOB8AGmXJoZ43WFVoeX83Sv3fuGQCjH5fa
pzQfyMcxoTc4X79I4eQZlUGn3H+8IvaU+PuQuhF2QjwMWQablO0YDHl5f37p6/s8
omr/pdOp5W5j/37XSpnR3QPBTWINWXPGGqGA6qlY7Su6muJKtcwKuCzDsJFytnx/
swHnvQFadFRj0bgPNIleh4tr3tmEvtFK/Zogv7+zymB2WNaVAhxu+yr0jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHXZD4iqS7QyQ1+iinRIpCr2FouCMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZGRrUGlLcEx0REpEWDZLS2RFaWtLdllXaTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEc3iftoBCtFDDoPmz2m
W1hI9DxxJerO6hVzQ3PmB3SdRfoV57WalA0YjIjNEGZaSk7BDMxwfgYsocpuvw70
3EaQP5Jn372H/aynQuftobRvm4Qwd/6WbNcNLKKNkSqi8z2EPu2XdaR/GQaNa6e2
W9+ODwrwxygIArs+kAA0pPAb0R3r/kNS9Aj6q3d4ezpRohISVbKJBG4Aw2ByOM5O
rT4FQA+R6Q6EZxIb5s7NDX+ocEQ0pvultscTdDqMvE0A40P0v0ZB+3wDH6jAtaTv
ITRf/UOCPaE0irqX80WZgSmYqLnaZP025DqwORUjmcnpgLQxE+iVufzm50mFZM96
hWU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org