Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g8M0X7z-ePoYBPC9Vyq7PoRe5uk.roa
File: g8M0X7z-ePoYBPC9Vyq7PoRe5uk.roa (raw, json)
Hash identifier: 4nOz9d8TLQvlEjHA6e4hGfSKnEi3T3fivAyrr9vA8kI=
Subject key identifier: 83:C3:34:5F:BC:FE:78:FA:18:04:F0:BD:57:2A:BB:3E:84:5E:E6:E9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDEB27B9E119513C40570B05BF4CBB122
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g8M0X7z-ePoYBPC9Vyq7PoRe5uk.roa
Signing time: Sat 06 Jan 2024 12:14:48 +0000
ROA not before: Sat 06 Jan 2024 12:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:de:b2:7b:9e:11:95:13:c4:05:70:b0:5b:f4:cb:b1:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 12:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83c3345fbcfe78fa1804f0bd572abb3e845ee6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6e:d5:aa:31:d4:b6:21:7c:1e:62:7f:bf:84:
29:c9:f7:68:92:ad:83:ee:71:0d:49:80:f6:c2:9a:
a9:a3:0a:fa:24:5e:f5:76:a5:6c:38:11:f5:9d:7c:
f0:40:15:54:6f:06:48:c0:a6:86:c6:21:5d:17:b8:
11:14:c1:d8:a7:d4:11:05:04:96:10:e0:98:31:fb:
ce:9e:0c:b7:fc:22:1c:da:53:71:3a:3f:aa:09:34:
ad:86:a5:3d:86:f8:cc:0a:fb:c4:c4:66:b7:2a:6b:
81:c7:85:b4:24:58:9f:67:b4:fc:cf:bb:3f:7d:e8:
45:ee:df:c0:d8:f4:83:4b:f0:e0:fe:c7:fa:c8:78:
89:eb:3c:3e:75:fb:c8:d2:33:56:48:2a:1e:b7:ba:
a9:d9:01:b4:86:2b:cf:b1:79:16:a1:4a:3d:c5:41:
b0:b7:99:26:bd:86:39:7b:4d:97:14:e3:f4:1f:20:
04:1c:52:bd:34:ee:99:51:f1:a3:43:3b:0c:5b:9c:
38:72:fd:10:f0:e9:dc:de:44:ba:5a:66:d1:59:59:
16:12:2e:13:2e:54:63:51:fd:7f:24:0d:ad:97:b5:
27:a5:57:4b:2c:12:99:5f:7f:a7:69:4b:9b:60:75:
1e:9b:1a:4f:cc:7a:30:c7:09:8a:df:78:f9:2d:1e:
9f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C3:34:5F:BC:FE:78:FA:18:04:F0:BD:57:2A:BB:3E:84:5E:E6:E9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/g8M0X7z-ePoYBPC9Vyq7PoRe5uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:38:3f:7d:5e:f1:68:37:6b:21:59:a7:8e:cd:8d:b3:64:1b:
72:56:f0:58:c4:9a:d8:df:82:d2:b9:63:06:1a:78:81:2a:d4:
91:84:7a:fa:e4:34:92:64:55:70:4e:32:6e:cd:f8:e3:35:63:
81:00:6f:d3:98:a2:39:58:09:ca:61:77:ab:bd:64:5b:46:4b:
bd:62:41:5c:22:b6:d6:44:a1:69:6d:e2:49:6d:98:4b:66:cd:
f1:5a:6d:4d:38:f6:c0:9a:e4:9c:0c:0c:84:36:4c:3c:72:6b:
c1:4d:b6:92:bd:9f:7d:26:8b:9a:93:e2:d1:9c:11:f3:bd:37:
1b:1c:83:a7:58:2a:25:44:2b:c5:a1:b6:d5:4f:9b:62:8e:df:
c9:ba:89:d7:28:58:6b:5a:c4:50:12:5c:e7:cd:7a:7c:3d:93:
51:6b:f3:0f:2e:aa:f7:54:d5:0b:2b:fe:8e:aa:6b:92:31:4b:
40:f5:84:0f:de:7a:84:d6:06:82:9d:50:eb:ba:3f:f1:87:ad:
59:53:f6:f5:1a:40:00:09:c6:51:8c:d9:a0:70:58:39:a2:a9:
e3:7b:ce:16:37:df:8e:2b:ad:ac:da:04:aa:84:e5:8e:2b:e2:
44:d9:44:e6:01:fb:0f:04:e1:4e:a7:86:fc:7f:1c:43:9f:08:
df:65:81:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzesnueEZUTxAVwsFv0y7EiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MTIxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2MzMzQ1ZmJjZmU3OGZhMTgwNGYwYmQ1NzJhYmIzZTg0NWVlNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm7VqjHUtiF8HmJ/v4Qpyfdokq2D
7nENSYD2wpqpowr6JF71dqVsOBH1nXzwQBVUbwZIwKaGxiFdF7gRFMHYp9QRBQSW
EOCYMfvOngy3/CIc2lNxOj+qCTSthqU9hvjMCvvExGa3KmuBx4W0JFifZ7T8z7s/
fehF7t/A2PSDS/Dg/sf6yHiJ6zw+dfvI0jNWSCoet7qp2QG0hivPsXkWoUo9xUGw
t5kmvYY5e02XFOP0HyAEHFK9NO6ZUfGjQzsMW5w4cv0Q8Onc3kS6WmbRWVkWEi4T
LlRjUf1/JA2tl7UnpVdLLBKZX3+naUubYHUemxpPzHowxwmK33j5LR6fDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIPDNF+8/nj6GATwvVcquz6EXubpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZzhNMFg3ei1lUG9ZQlBDOVZ5cTdQb1JlNXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEA4P31e8Wg3ayFZp47N
jbNkG3JW8FjEmtjfgtK5YwYaeIEq1JGEevrkNJJkVXBOMm7N+OM1Y4EAb9OYojlY
Ccphd6u9ZFtGS71iQVwittZEoWlt4kltmEtmzfFabU049sCa5JwMDIQ2TDxya8FN
tpK9n30mi5qT4tGcEfO9Nxscg6dYKiVEK8WhttVPm2KO38m6idcoWGtaxFASXOfN
enw9k1Fr8w8uqvdU1Qsr/o6qa5IxS0D1hA/eeoTWBoKdUOu6P/GHrVlT9vUaQAAJ
xlGM2aBwWDmiqeN7zhY3344rrazaBKqE5Y4r4kTZROYB+w8E4U6nhvx/HEOfCN9l
gWs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org