Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fQKAuIPwE2jSANwIoMFZ6LzsOUc.roa
File: fQKAuIPwE2jSANwIoMFZ6LzsOUc.roa (raw, json)
Hash identifier: m/O/aTlZhKWlb1EElw62FZImuIFLZtSSoFZi6EukZ6o=
Subject key identifier: 7D:02:80:B8:83:F0:13:68:D2:00:DC:08:A0:C1:59:E8:BC:EC:39:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBA2F6D415B591899D287D6B592BE04B2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fQKAuIPwE2jSANwIoMFZ6LzsOUc.roa
Signing time: Sun 07 Apr 2024 20:10:54 +0000
ROA not before: Sun 07 Apr 2024 20:10:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ba:2f:6d:41:5b:59:18:99:d2:87:d6:b5:92:be:04:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 20:10:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d0280b883f01368d200dc08a0c159e8bcec3947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1b:ad:a3:a1:73:fd:3e:71:5a:eb:19:f2:7c:
3a:97:e4:2c:14:f9:6e:f3:f9:6b:2a:b2:e0:a6:8f:
03:85:55:22:13:8f:d8:e3:49:a7:a9:3e:04:68:5d:
9e:25:eb:46:b0:5d:a0:4b:55:82:a0:75:c2:4c:47:
fe:eb:ab:6a:98:5c:df:14:be:a3:2c:ff:6c:80:ae:
75:5f:34:0b:4d:a9:51:da:dd:b5:20:6d:38:5e:8d:
6e:a3:7e:34:76:9c:03:63:c1:58:4c:4a:22:17:07:
92:73:65:e0:69:6b:9b:1e:41:5c:54:15:7c:0f:76:
10:ab:61:e2:1d:64:c1:d7:42:6e:5a:bf:ee:2d:fe:
d7:a6:35:8e:ee:97:32:bc:a6:85:2a:eb:32:42:8a:
eb:3b:c0:9e:19:9a:9d:26:f0:bf:1e:37:c1:38:07:
05:a0:1b:e5:79:5f:e0:c3:28:30:49:68:29:87:e1:
9f:ff:b7:76:85:ab:a1:91:e7:d8:0a:d2:76:94:25:
77:93:30:27:a3:1f:2f:61:16:65:1d:6f:3a:e7:65:
d0:57:cc:93:ad:95:05:53:3d:ba:4d:4c:c9:09:5c:
26:c5:f7:14:48:82:45:55:94:19:bd:59:18:e1:b8:
98:49:dc:f7:b8:1b:e2:b6:97:06:7d:3c:19:15:12:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:02:80:B8:83:F0:13:68:D2:00:DC:08:A0:C1:59:E8:BC:EC:39:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fQKAuIPwE2jSANwIoMFZ6LzsOUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:63:b5:2f:58:ab:f1:a9:d8:85:7d:40:07:40:d3:7d:23:ec:
90:29:e7:6e:3f:9f:94:32:0f:97:78:a6:c5:b7:5e:87:a1:cc:
4c:4f:bf:f2:85:e7:85:d4:2b:2c:fd:99:66:42:cf:16:53:62:
5b:0b:a6:6e:5e:60:e8:07:c3:f0:22:1b:22:a6:b3:be:4c:d0:
36:6b:b2:76:1a:56:a0:13:26:8f:21:d0:06:b2:2a:a2:6d:78:
87:42:c8:7d:be:9f:d5:e2:6e:16:92:1f:c4:e6:2c:36:21:46:
a2:0a:8d:e2:4a:b7:f6:fb:6f:09:5a:12:37:89:6b:49:93:51:
0b:23:f4:78:31:96:36:12:18:91:b6:a4:99:5c:35:8b:a8:22:
15:2d:96:11:af:64:07:9d:f2:01:8c:27:65:4a:20:b0:ac:51:
69:7c:88:70:cc:91:1e:1a:28:88:ab:ae:26:9f:ce:63:06:55:
f6:09:9f:bf:e7:d2:e3:14:61:4b:dd:70:06:38:26:40:12:88:
2e:a1:87:2f:36:d6:4a:80:d2:39:57:2e:bb:7c:ed:3e:c8:49:
0b:cc:7e:33:12:ad:84:4c:e7:39:96:5d:54:c8:af:90:1e:b4:
59:17:49:0f:64:4c:f4:f2:d6:be:b2:20:9d:f6:96:63:a6:c1:
f4:cd:51:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY66L21BW1kYmdKH1rWSvgSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MjAxMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDAyODBiODgzZjAxMzY4ZDIwMGRjMDhhMGMxNTllOGJjZWMzOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihuto6Fz/T5xWusZ8nw6l+QsFPlu
8/lrKrLgpo8DhVUiE4/Y40mnqT4EaF2eJetGsF2gS1WCoHXCTEf+66tqmFzfFL6j
LP9sgK51XzQLTalR2t21IG04Xo1uo340dpwDY8FYTEoiFweSc2XgaWubHkFcVBV8
D3YQq2HiHWTB10JuWr/uLf7XpjWO7pcyvKaFKusyQorrO8CeGZqdJvC/HjfBOAcF
oBvleV/gwygwSWgph+Gf/7d2hauhkefYCtJ2lCV3kzAnox8vYRZlHW8652XQV8yT
rZUFUz26TUzJCVwmxfcUSIJFVZQZvVkY4biYSdz3uBvitpcGfTwZFRI12wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0CgLiD8BNo0gDcCKDBWei87DlHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZlFLQXVJUHdFMmpTQU53SW9NRlo2THpzT1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZjtS9Yq/Gp2IV9QAdA
030j7JAp524/n5QyD5d4psW3XoehzExPv/KF54XUKyz9mWZCzxZTYlsLpm5eYOgH
w/AiGyKms75M0DZrsnYaVqATJo8h0AayKqJteIdCyH2+n9XibhaSH8TmLDYhRqIK
jeJKt/b7bwlaEjeJa0mTUQsj9HgxljYSGJG2pJlcNYuoIhUtlhGvZAed8gGMJ2VK
ILCsUWl8iHDMkR4aKIirriafzmMGVfYJn7/n0uMUYUvdcAY4JkASiC6hhy821kqA
0jlXLrt87T7ISQvMfjMSrYRM5zmWXVTIr5AetFkXSQ9kTPTy1r6yIJ32lmOmwfTN
UXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org