Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f3BrGSFTqD43WPCPMfgUc0Onq18.roa
File: f3BrGSFTqD43WPCPMfgUc0Onq18.roa (raw, json)
Hash identifier: /1JB9TfPPgDgQlWHI8uSbzB1J2SWBvwIXLDL/1BiAx8=
Subject key identifier: 7F:70:6B:19:21:53:A8:3E:37:58:F0:8F:31:F8:14:73:43:A7:AB:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4A2ECE04235A56E181A7171B56EAD5BD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f3BrGSFTqD43WPCPMfgUc0Onq18.roa
Signing time: Sun 17 Mar 2024 02:12:45 +0000
ROA not before: Sun 17 Mar 2024 02:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4a:2e:ce:04:23:5a:56:e1:81:a7:17:1b:56:ea:d5:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 02:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f706b192153a83e3758f08f31f8147343a7ab5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:64:20:b7:1c:5f:a1:55:ea:ae:23:dd:08:42:
a5:db:b6:08:19:e8:1a:47:ee:8b:7d:87:44:9b:ee:
b1:2c:af:bf:ec:b5:d3:c6:0b:c6:a5:ee:98:c8:9b:
dc:f1:d7:e2:5e:a7:b9:ea:2e:21:ab:05:ee:a6:ea:
3e:c0:1e:36:0c:65:e4:97:a1:d0:5a:9a:ae:2a:7f:
fb:30:67:5f:e2:a8:6a:eb:f1:5e:65:19:1f:74:ff:
05:11:a1:c1:2f:a8:75:fd:bb:99:86:31:41:62:f3:
1b:52:d3:a2:12:b1:2c:12:eb:0a:f1:6b:b0:ee:02:
f7:79:1b:5f:84:b0:f8:36:d2:6b:28:ac:46:b9:ef:
fa:d5:93:ed:7b:4c:71:df:59:e8:56:d6:13:68:99:
fa:a6:96:67:2b:42:db:68:60:45:16:ba:4d:90:1e:
06:95:11:2d:42:91:86:45:c6:a8:30:f7:15:7f:6a:
80:bb:f5:3d:81:73:f3:b4:84:97:12:06:70:89:82:
8c:16:23:33:e5:04:f3:9f:3f:fc:c6:68:1c:0a:27:
54:90:09:29:b7:f9:09:14:ff:6e:94:9c:90:e8:54:
96:a5:65:32:16:0f:d3:e9:7f:21:27:6e:90:b5:9f:
86:08:b2:9d:ca:b8:a9:b2:25:4f:a6:2f:20:3b:6c:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:70:6B:19:21:53:A8:3E:37:58:F0:8F:31:F8:14:73:43:A7:AB:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f3BrGSFTqD43WPCPMfgUc0Onq18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:89:e3:c7:16:5f:9d:57:a6:fa:81:9e:2c:0d:b4:03:a1:50:
ef:a1:20:9c:24:0e:6b:71:7b:6f:99:3f:15:1e:3d:21:c9:1c:
cd:d2:35:32:9b:92:db:e0:a9:76:32:d4:52:09:52:73:00:5f:
27:39:f6:09:7d:30:d0:1b:03:cf:73:d4:c3:67:a6:95:8a:04:
a8:03:f3:d1:05:a7:00:30:d1:4e:e0:65:7e:a7:af:df:3d:ba:
26:ca:15:b6:5d:d8:d1:d0:5b:93:b9:27:5e:5d:31:43:fb:d7:
cc:7f:bf:7a:3a:ca:44:1e:11:b8:54:d5:85:4e:14:a5:ea:f9:
6a:da:77:f4:f2:29:43:4f:8f:74:32:60:ac:16:e0:80:5e:31:
f4:02:c3:d0:25:ba:41:b8:91:1d:9f:de:26:f3:cd:a5:7f:ea:
2a:0f:0c:9b:9f:70:e7:cf:a3:94:e3:09:44:83:87:48:5e:a8:
5f:4f:5e:f3:7b:28:08:90:a8:99:28:79:4d:43:1f:f2:4d:c9:
35:72:b3:df:fc:4c:fa:e2:83:a7:1b:ec:df:37:b7:83:35:91:
33:3d:0d:72:22:ba:2b:f4:12:43:df:17:0b:16:93:5e:63:77:
13:09:d3:03:2d:af:c1:20:33:63:de:8b:8b:b1:ac:32:e0:cc:
de:f4:ac:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5KLs4EI1pW4YGnFxtW6tW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MDIxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjcwNmIxOTIxNTNhODNlMzc1OGYwOGYzMWY4MTQ3MzQzYTdhYjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2QgtxxfoVXqriPdCEKl27YIGega
R+6LfYdEm+6xLK+/7LXTxgvGpe6YyJvc8dfiXqe56i4hqwXupuo+wB42DGXkl6HQ
WpquKn/7MGdf4qhq6/FeZRkfdP8FEaHBL6h1/buZhjFBYvMbUtOiErEsEusK8Wuw
7gL3eRtfhLD4NtJrKKxGue/61ZPte0xx31noVtYTaJn6ppZnK0LbaGBFFrpNkB4G
lREtQpGGRcaoMPcVf2qAu/U9gXPztISXEgZwiYKMFiMz5QTznz/8xmgcCidUkAkp
t/kJFP9ulJyQ6FSWpWUyFg/T6X8hJ26QtZ+GCLKdyripsiVPpi8gO2wT/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH9waxkhU6g+N1jwjzH4FHNDp6tfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZjNCckdTRlRxRDQzV1BDUE1mZ1VjME9ucTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2J48cWX51XpvqBniwN
tAOhUO+hIJwkDmtxe2+ZPxUePSHJHM3SNTKbktvgqXYy1FIJUnMAXyc59gl9MNAb
A89z1MNnppWKBKgD89EFpwAw0U7gZX6nr989uibKFbZd2NHQW5O5J15dMUP718x/
v3o6ykQeEbhU1YVOFKXq+Wrad/TyKUNPj3QyYKwW4IBeMfQCw9AlukG4kR2f3ibz
zaV/6ioPDJufcOfPo5TjCUSDh0heqF9PXvN7KAiQqJkoeU1DH/JNyTVys9/8TPri
g6cb7N83t4M1kTM9DXIiuiv0EkPfFwsWk15jdxMJ0wMtr8EgM2Pei4uxrDLgzN70
rNA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org