Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hYFfku8clAe2MOcY5O99to6ytME.roa
File: hYFfku8clAe2MOcY5O99to6ytME.roa (raw, json)
Hash identifier: iTp040DL3nVQnDvlCNugRkg9jWKW0bNG3QIGi57dI1A=
Subject key identifier: 85:81:5F:92:EF:1C:94:07:B6:30:E7:18:E4:EF:7D:B6:8E:B2:B4:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC0A884917E594D3FE200A102E7F76A7E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hYFfku8clAe2MOcY5O99to6ytME.roa
Signing time: Mon 19 Feb 2024 09:18:05 +0000
ROA not before: Mon 19 Feb 2024 09:18:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:a8:84:91:7e:59:4d:3f:e2:00:a1:02:e7:f7:6a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 19 09:18:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85815f92ef1c9407b630e718e4ef7db68eb2b4c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:13:03:39:b9:4d:03:32:da:89:dd:d9:31:f4:
74:61:25:49:39:27:53:9c:f4:6b:bc:f5:b6:26:a2:
20:52:92:0e:56:50:58:da:26:81:34:59:f6:af:ea:
67:c4:a7:95:bb:81:6e:80:a2:1f:ba:f0:de:33:ff:
9a:94:79:81:51:e5:a8:5b:49:b1:ec:c2:86:dc:a3:
61:79:97:29:81:1b:6d:1a:4e:c8:db:21:b7:7b:37:
4d:cf:1c:21:cd:6a:88:54:dc:d7:f9:0f:f3:f6:01:
87:08:43:e3:fe:6d:9f:fa:e3:b2:9a:2a:52:f4:31:
99:ff:33:7d:77:f2:8c:c2:14:bd:37:25:74:f2:09:
0d:7a:17:54:07:64:16:60:16:99:74:66:65:f6:44:
77:a4:f0:02:d7:0b:b9:6a:d0:50:9e:eb:ec:d1:b7:
9d:e1:e1:b0:ff:10:58:d7:ce:35:e4:08:b2:41:5a:
85:73:5d:9d:1f:c0:3f:04:0e:8f:fc:3a:16:66:99:
75:45:b9:e3:6c:18:9d:0a:6e:bc:57:75:59:8a:c0:
89:0b:2f:0b:e6:db:3b:6e:33:f7:c9:1c:6b:77:e5:
64:7f:f4:f2:a5:a3:4d:2d:a3:b0:b0:9a:0e:11:2c:
98:90:29:8a:ca:88:c6:d1:78:37:27:b6:5d:a9:b4:
ab:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:81:5F:92:EF:1C:94:07:B6:30:E7:18:E4:EF:7D:B6:8E:B2:B4:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/hYFfku8clAe2MOcY5O99to6ytME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:d3:d0:1f:7d:f2:88:9f:a5:8f:e3:36:5a:a5:0e:d1:31:6b:
b1:09:fa:e1:c6:4c:c5:27:24:78:71:c7:fa:3f:45:7d:15:58:
4b:10:ba:9e:ac:17:1a:48:7d:01:a0:a6:a2:0d:48:d1:df:ea:
eb:c3:a4:02:f1:a8:58:0a:e4:c8:0d:5d:43:06:46:73:4a:c8:
b3:51:7a:91:38:22:d3:99:a6:a1:4c:88:9c:e0:12:45:1d:a4:
2f:98:1d:1b:34:e4:ee:57:b5:b4:e1:ac:e2:a9:dd:13:96:1d:
2d:e4:21:e4:33:23:25:6e:52:b4:8b:61:6a:6d:0f:cc:f6:83:
98:a0:26:83:aa:11:7a:e4:04:6f:95:3b:75:8c:a0:b3:fe:89:
12:de:69:ba:2c:94:74:67:99:68:8f:2b:35:dd:12:dc:77:12:
43:ca:4e:32:b6:f1:b7:a1:e5:21:a4:40:44:39:03:7f:5d:a4:
7a:5d:11:b7:fc:da:a6:ff:e1:88:4c:71:55:08:da:ec:8a:01:
bf:1d:4a:7c:53:12:75:0e:5e:c2:9e:f2:07:7e:58:9d:84:4c:
8b:34:47:ee:47:34:d4:14:98:ba:3e:75:c8:c2:e3:c8:d0:a7:
92:c4:36:42:7f:3f:77:ef:58:71:05:e7:39:3e:1f:e5:43:59:
b6:83:92:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3AqISRfllNP+IAoQLn92p+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE5MDkxODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgxNWY5MmVmMWM5NDA3YjYzMGU3MThlNGVmN2RiNjhlYjJiNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRMDOblNAzLaid3ZMfR0YSVJOSdT
nPRrvPW2JqIgUpIOVlBY2iaBNFn2r+pnxKeVu4FugKIfuvDeM/+alHmBUeWoW0mx
7MKG3KNheZcpgRttGk7I2yG3ezdNzxwhzWqIVNzX+Q/z9gGHCEPj/m2f+uOymipS
9DGZ/zN9d/KMwhS9NyV08gkNehdUB2QWYBaZdGZl9kR3pPAC1wu5atBQnuvs0bed
4eGw/xBY18415AiyQVqFc12dH8A/BA6P/DoWZpl1RbnjbBidCm68V3VZisCJCy8L
5ts7bjP3yRxrd+Vkf/TypaNNLaOwsJoOESyYkCmKyojG0Xg3J7ZdqbSrEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWBX5LvHJQHtjDnGOTvfbaOsrTBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaFlGZmt1OGNsQWUyTU9jWTVPOTl0bzZ5dE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGXT0B998oifpY/jNlql
DtExa7EJ+uHGTMUnJHhxx/o/RX0VWEsQup6sFxpIfQGgpqINSNHf6uvDpALxqFgK
5MgNXUMGRnNKyLNRepE4ItOZpqFMiJzgEkUdpC+YHRs05O5XtbThrOKp3ROWHS3k
IeQzIyVuUrSLYWptD8z2g5igJoOqEXrkBG+VO3WMoLP+iRLeaboslHRnmWiPKzXd
Etx3EkPKTjK28beh5SGkQEQ5A39dpHpdEbf82qb/4YhMcVUI2uyKAb8dSnxTEnUO
XsKe8gd+WJ2ETIs0R+5HNNQUmLo+dcjC48jQp5LENkJ/P3fvWHEF5zk+H+VDWbaD
kqE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org