Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gZB6XSiws1Ep0JNgwPyKTovrFrs.roa
File: gZB6XSiws1Ep0JNgwPyKTovrFrs.roa (raw, json)
Hash identifier: Wz/u0dj8R1Scew8eopyQXZM/W1ir3t712gyFZAQiOLo=
Subject key identifier: 81:90:7A:5D:28:B0:B3:51:29:D0:93:60:C0:FC:8A:4E:8B:EB:16:BB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA2A1D236DB7F0E9841F4C3795749509C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gZB6XSiws1Ep0JNgwPyKTovrFrs.roa
Signing time: Wed 03 Apr 2024 06:24:57 +0000
ROA not before: Wed 03 Apr 2024 06:24:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:a1:d2:36:db:7f:0e:98:41:f4:c3:79:57:49:50:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 06:24:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81907a5d28b0b35129d09360c0fc8a4e8beb16bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:cd:2f:ea:fc:71:eb:bc:29:eb:63:63:b0:
8b:bf:51:a4:2c:13:a8:eb:b3:ff:7e:de:d7:50:25:
b9:fa:57:21:e1:b2:f5:dd:5b:12:59:78:dc:8a:39:
c0:8c:56:b4:11:70:88:fe:75:0e:12:73:3c:e6:5a:
a3:c9:2d:b2:40:12:15:d6:1f:86:65:92:34:71:9b:
48:42:bb:a0:e4:0c:4e:a8:4e:5b:05:5b:c1:73:e5:
e1:9f:4a:34:83:6d:66:26:36:94:d2:7f:b7:ea:64:
3d:17:cd:b0:05:57:0b:6b:f9:dc:a2:a0:57:dc:e2:
85:09:27:61:8b:b6:5c:76:25:66:2e:7a:43:8c:fd:
34:51:a2:bd:59:0e:4c:dd:bf:25:2d:10:9f:ba:33:
10:8f:01:2d:a7:ac:60:50:8b:4c:6c:f9:30:bb:3b:
e0:88:42:6b:12:d4:1e:cc:e6:7b:82:39:aa:71:fc:
6a:a3:d1:58:d9:81:08:8c:56:a2:91:aa:14:b3:b2:
b9:9e:62:33:a7:34:fc:13:5d:92:35:6d:2d:1d:a7:
40:6e:7d:99:29:41:a2:2b:b6:f8:3e:a6:39:a4:57:
93:72:4a:50:ac:f6:41:8a:d0:fa:b6:28:8f:41:cc:
89:a7:24:fe:c5:01:1f:01:5f:05:f5:b1:b9:7e:07:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:90:7A:5D:28:B0:B3:51:29:D0:93:60:C0:FC:8A:4E:8B:EB:16:BB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/gZB6XSiws1Ep0JNgwPyKTovrFrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:a1:55:bd:05:88:db:38:cf:e1:71:c3:53:cb:6b:09:79:93:
d7:9d:5e:6a:d9:10:b5:b5:3e:ab:7d:bb:a0:1f:e6:14:16:76:
9c:82:91:f9:e4:d3:27:98:4d:30:6a:7f:3c:7f:d9:08:44:b3:
91:12:3b:cc:ff:86:3a:46:1d:40:74:9f:ca:cf:fa:df:10:ed:
9a:73:33:f2:0e:4d:c2:15:41:42:71:c9:6e:45:0d:93:b2:ab:
bd:f7:49:3d:08:79:4c:3f:9f:7b:3d:04:3b:c6:87:de:3d:6b:
e2:e8:5b:05:e0:fe:b6:54:40:96:20:9d:c6:ee:9e:67:c9:d9:
40:e0:ca:e0:6e:38:a4:d1:c0:44:49:26:7f:ec:44:e3:29:55:
98:9d:fe:dc:2a:01:bf:4a:63:1f:da:52:25:e2:6d:15:89:93:
7d:57:65:2d:15:91:94:7a:e8:9b:c9:c3:60:8c:7a:97:72:e6:
99:e4:5e:d8:f3:4c:35:7c:9e:04:9a:ed:ea:17:f6:d3:c6:f8:
cc:e3:e9:76:00:b7:97:b9:0b:48:2b:5c:9e:2a:01:9c:2b:a6:
60:7b:db:16:af:d3:fe:c0:85:42:c7:6f:fd:2f:23:bb:b1:df:
43:c8:d4:fb:71:ee:c6:32:a4:22:c1:30:09:05:24:b5:43:67:
73:b0:24:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6iodI2238OmEH0w3lXSVCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMDYyNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkwN2E1ZDI4YjBiMzUxMjlkMDkzNjBjMGZjOGE0ZThiZWIxNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLPNL+r8ceu8KetjY7CLv1GkLBOo
67P/ft7XUCW5+lch4bL13VsSWXjcijnAjFa0EXCI/nUOEnM85lqjyS2yQBIV1h+G
ZZI0cZtIQrug5AxOqE5bBVvBc+Xhn0o0g21mJjaU0n+36mQ9F82wBVcLa/ncoqBX
3OKFCSdhi7ZcdiVmLnpDjP00UaK9WQ5M3b8lLRCfujMQjwEtp6xgUItMbPkwuzvg
iEJrEtQezOZ7gjmqcfxqo9FY2YEIjFaikaoUs7K5nmIzpzT8E12SNW0tHadAbn2Z
KUGiK7b4PqY5pFeTckpQrPZBitD6tiiPQcyJpyT+xQEfAV8F9bG5fgdQDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIGQel0osLNRKdCTYMD8ik6L6xa7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ1pCNlhTaXdzMUVwMEpOZ3dQeUtUb3ZyRnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIuhVb0FiNs4z+Fxw1PL
awl5k9edXmrZELW1Pqt9u6Af5hQWdpyCkfnk0yeYTTBqfzx/2QhEs5ESO8z/hjpG
HUB0n8rP+t8Q7ZpzM/IOTcIVQUJxyW5FDZOyq733ST0IeUw/n3s9BDvGh949a+Lo
WwXg/rZUQJYgncbunmfJ2UDgyuBuOKTRwERJJn/sROMpVZid/twqAb9KYx/aUiXi
bRWJk31XZS0VkZR66JvJw2CMepdy5pnkXtjzTDV8ngSa7eoX9tPG+Mzj6XYAt5e5
C0grXJ4qAZwrpmB72xav0/7AhULHb/0vI7ux30PI1Ptx7sYypCLBMAkFJLVDZ3Ow
JEQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org