Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gNfxzkOu6quHjnFYxBlzP9DNidw.roa
File: gNfxzkOu6quHjnFYxBlzP9DNidw.roa (raw, json)
Hash identifier: gr3JrJKDVRd71y+qTQDfuwkS9lT1gZwaeIX/WJzBtqo=
Subject key identifier: 80:D7:F1:CE:43:AE:EA:AB:87:8E:71:58:C4:19:73:3F:D0:CD:89:DC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0E880E005C2645872A5B781B12B2C5B8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gNfxzkOu6quHjnFYxBlzP9DNidw.roa
Signing time: Tue 05 Mar 2024 12:13:01 +0000
ROA not before: Tue 05 Mar 2024 12:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:88:0e:00:5c:26:45:87:2a:5b:78:1b:12:b2:c5:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 12:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80d7f1ce43aeeaab878e7158c419733fd0cd89dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b7:86:82:6e:c9:68:af:f4:fd:d9:18:2b:56:
37:21:74:84:59:cd:fd:b2:ae:cc:52:0e:80:3c:d6:
58:b5:c9:b5:8e:a9:a3:da:88:87:ca:d6:9d:8b:cd:
68:e3:4f:85:97:01:7f:5e:cf:cb:4d:c7:0c:29:96:
28:32:21:52:89:c8:ed:20:47:ef:00:c3:32:bb:71:
a8:4c:5d:0c:a5:50:ac:90:92:7f:27:cd:f5:0c:cb:
d3:6e:c0:e0:cd:92:07:3f:92:c5:6f:0c:39:15:e0:
c7:fa:17:f4:22:69:2d:a0:be:68:e5:c9:55:ac:57:
56:db:6f:97:12:db:36:30:20:15:bb:42:20:35:1e:
2b:c0:cd:a1:51:da:db:b3:45:7b:50:43:1f:9e:3f:
84:d0:00:69:1a:f1:3e:c7:c7:f2:28:5d:05:b3:49:
c7:13:41:b1:91:41:27:e7:5b:56:0d:5d:ce:ef:82:
73:c3:09:40:a3:2d:2b:c3:50:b5:8e:0d:cf:a6:3d:
c7:5b:de:d3:32:1c:18:aa:76:d6:a8:2b:b2:ae:dd:
a9:c5:9c:f2:1d:40:5b:6e:ad:02:b1:3c:44:9e:21:
ff:82:d4:99:20:d8:2a:bf:10:ee:a6:69:03:a2:d7:
be:9b:7b:e2:80:9a:d7:7d:0b:02:6e:c0:5e:38:1a:
a1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D7:F1:CE:43:AE:EA:AB:87:8E:71:58:C4:19:73:3F:D0:CD:89:DC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gNfxzkOu6quHjnFYxBlzP9DNidw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:92:cd:1b:53:26:3c:fa:6b:27:f1:22:33:7d:ba:8e:b5:8e:
9e:84:f5:94:f9:32:89:7e:0e:ae:61:c6:a7:48:c8:9e:0e:8a:
62:88:8e:df:70:25:83:ca:4b:f9:fe:88:2b:3b:62:cc:a0:24:
80:e2:2f:e7:0f:8e:cd:69:ec:ad:05:e0:1f:ec:e6:77:a5:20:
bf:e9:ba:2c:00:65:a1:70:a9:93:b1:77:e2:70:05:7f:61:fc:
ed:91:7a:e7:0e:be:60:1e:69:f3:a2:50:3c:68:30:71:3f:5b:
fb:03:12:75:ad:89:75:b5:60:48:ce:80:7c:a8:f5:5f:33:77:
f0:24:a9:f1:ae:0f:13:b3:20:02:5f:9a:c9:44:e2:c1:a1:92:
66:d9:5f:64:52:04:c5:94:a1:ea:ac:a3:ad:f7:8d:82:be:7c:
da:4a:fe:0d:74:0b:62:e8:6c:79:e2:b9:3f:e3:db:1a:b2:c7:
8a:74:b6:c5:f0:ae:a4:c7:71:30:d1:8a:74:48:72:0d:40:22:
70:c9:9d:a9:82:f0:b7:49:33:1e:fd:99:21:28:6e:3a:9f:b3:
c5:1b:b8:4f:60:24:05:19:48:da:d1:b9:0c:dc:b0:9f:7e:af:
bf:d1:9c:63:f7:1e:88:70:62:f5:2e:4f:46:0f:7a:1e:15:7b:
81:35:99:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4OiA4AXCZFhypbeBsSssW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MTIxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ3ZjFjZTQzYWVlYWFiODc4ZTcxNThjNDE5NzMzZmQwY2Q4OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47eGgm7JaK/0/dkYK1Y3IXSEWc39
sq7MUg6APNZYtcm1jqmj2oiHytadi81o40+FlwF/Xs/LTccMKZYoMiFSicjtIEfv
AMMyu3GoTF0MpVCskJJ/J831DMvTbsDgzZIHP5LFbww5FeDH+hf0ImktoL5o5clV
rFdW22+XEts2MCAVu0IgNR4rwM2hUdrbs0V7UEMfnj+E0ABpGvE+x8fyKF0Fs0nH
E0GxkUEn51tWDV3O74JzwwlAoy0rw1C1jg3Ppj3HW97TMhwYqnbWqCuyrt2pxZzy
HUBbbq0CsTxEniH/gtSZINgqvxDupmkDote+m3vigJrXfQsCbsBeOBqhuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDX8c5Druqrh45xWMQZcz/QzYncMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ05meHprT3U2cXVIam5GWXhCbHpQOUROaWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABKSzRtTJjz6ayfxIjN9
uo61jp6E9ZT5Mol+Dq5hxqdIyJ4OimKIjt9wJYPKS/n+iCs7YsygJIDiL+cPjs1p
7K0F4B/s5nelIL/puiwAZaFwqZOxd+JwBX9h/O2ReucOvmAeafOiUDxoMHE/W/sD
EnWtiXW1YEjOgHyo9V8zd/AkqfGuDxOzIAJfmslE4sGhkmbZX2RSBMWUoeqso633
jYK+fNpK/g10C2LobHniuT/j2xqyx4p0tsXwrqTHcTDRinRIcg1AInDJnamC8LdJ
Mx79mSEobjqfs8UbuE9gJAUZSNrRuQzcsJ9+r7/RnGP3HohwYvUuT0YPeh4Ve4E1
mac=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org