Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iNNsKkg2rhLfxPc3hlnVcHAfra8.roa
File: iNNsKkg2rhLfxPc3hlnVcHAfra8.roa (raw, json)
Hash identifier: lKDpEwoGP6q1AYVZNAeqt+1v1exxmceyhNEyW4KVU0U=
Subject key identifier: 88:D3:6C:2A:48:36:AE:12:DF:C4:F7:37:86:59:D5:70:70:1F:AD:AF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C95B4B97DE03414A98057DEBCB07D162A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iNNsKkg2rhLfxPc3hlnVcHAfra8.roa
Signing time: Sat 23 Dec 2023 08:04:58 +0000
ROA not before: Sat 23 Dec 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:95b4:f64/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:b4:b9:7d:e0:34:14:a9:80:57:de:bc:b0:7d:16:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88d36c2a4836ae12dfc4f7378659d570701fadaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f9:f0:76:92:f5:69:92:be:6b:fa:14:27:6f:
1c:25:a2:98:8c:f9:93:0b:13:22:4d:e1:98:9d:05:
f6:d1:70:62:3a:18:ce:ff:81:cf:a1:36:97:8e:41:
0e:1b:83:37:38:64:41:c0:42:a4:da:ed:fb:4c:a7:
c7:81:ad:e8:fe:b7:4d:a6:72:6d:3e:37:30:6b:27:
10:c5:b4:74:f8:4b:89:0c:8c:0f:f3:7a:ae:72:f1:
60:bc:32:da:92:f4:f5:51:b4:0c:02:f9:ec:42:0d:
a2:63:b8:33:8d:ce:a8:65:72:12:0c:c6:c3:ce:1f:
5c:59:8c:65:f9:a3:09:68:fc:3f:cf:8f:72:73:eb:
a9:14:9c:c0:a7:2d:1a:bb:0e:70:df:a8:b4:f2:f8:
bd:10:0f:a7:c3:3d:aa:64:f0:7c:a0:fa:9a:a9:72:
29:36:06:59:3e:46:18:08:a2:a2:21:7f:eb:97:b3:
1b:6c:0b:a0:61:7f:2c:25:48:0b:ed:43:1d:40:dc:
06:89:13:35:bf:2f:a4:b6:47:7d:d1:c2:c2:12:5d:
25:7a:f9:4b:dc:4d:4e:9a:fd:0c:9d:09:95:2a:86:
97:f6:aa:81:ef:da:d0:c0:f6:a2:ec:71:02:20:3c:
e9:6d:5b:c5:c0:17:aa:7d:c3:4c:06:ff:c7:0b:db:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D3:6C:2A:48:36:AE:12:DF:C4:F7:37:86:59:D5:70:70:1F:AD:AF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iNNsKkg2rhLfxPc3hlnVcHAfra8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:22:66:b2:83:a6:df:41:e4:86:eb:53:3e:e7:c3:c0:8f:37:
80:b0:62:58:c3:0f:ca:a2:8c:5c:59:1d:9d:a8:3e:bc:9a:41:
cd:37:92:82:fb:7f:4f:ea:98:9f:50:53:1c:80:dc:3e:5a:49:
83:29:fc:48:49:78:76:db:61:bb:16:ea:f3:d2:05:fd:0b:e0:
d4:83:e3:e1:9a:99:72:0c:b0:34:e5:c7:ab:38:de:de:dd:32:
b6:37:3e:9f:a7:a9:30:06:db:dc:fd:2a:14:88:7f:bf:c8:34:
ee:d9:8c:62:87:71:65:34:6c:7f:47:5b:00:0b:2d:d3:53:0a:
0c:5e:1c:b0:56:b5:d6:7e:d5:64:98:85:27:f5:3d:2f:11:2e:
c1:d9:6c:1d:8f:72:62:cf:81:13:01:97:fa:9b:7e:a1:ac:b8:
1e:d9:44:45:c9:ff:23:9f:48:2b:2b:b1:38:17:e5:5f:06:b3:
89:62:dd:94:4d:59:46:6d:67:f9:e3:a6:c1:d0:b9:4f:02:bc:
c7:36:76:18:ec:fd:6f:71:ad:e5:ad:ff:1d:69:dd:d8:55:f6:
5a:88:8f:d9:ab:bc:b7:6e:b0:e9:38:bd:82:a9:7f:38:02:c9:
87:92:c7:39:65:ad:d5:cc:2c:66:2a:01:05:81:e3:09:17:8d:
65:52:60:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyVtLl94DQUqYBX3rywfRYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQzNmMyYTQ4MzZhZTEyZGZjNGY3Mzc4NjU5ZDU3MDcwMWZhZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPnwdpL1aZK+a/oUJ28cJaKYjPmT
CxMiTeGYnQX20XBiOhjO/4HPoTaXjkEOG4M3OGRBwEKk2u37TKfHga3o/rdNpnJt
PjcwaycQxbR0+EuJDIwP83qucvFgvDLakvT1UbQMAvnsQg2iY7gzjc6oZXISDMbD
zh9cWYxl+aMJaPw/z49yc+upFJzApy0auw5w36i08vi9EA+nwz2qZPB8oPqaqXIp
NgZZPkYYCKKiIX/rl7MbbAugYX8sJUgL7UMdQNwGiRM1vy+ktkd90cLCEl0levlL
3E1Omv0MnQmVKoaX9qqB79rQwPai7HECIDzpbVvFwBeqfcNMBv/HC9s3FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjTbCpINq4S38T3N4ZZ1XBwH62vMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaU5Oc0trZzJyaExmeFBjM2hsblZjSEFmcmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwiZrKDpt9B5IbrUz7n
w8CPN4CwYljDD8qijFxZHZ2oPryaQc03koL7f0/qmJ9QUxyA3D5aSYMp/EhJeHbb
YbsW6vPSBf0L4NSD4+GamXIMsDTlx6s43t7dMrY3Pp+nqTAG29z9KhSIf7/INO7Z
jGKHcWU0bH9HWwALLdNTCgxeHLBWtdZ+1WSYhSf1PS8RLsHZbB2PcmLPgRMBl/qb
fqGsuB7ZREXJ/yOfSCsrsTgX5V8Gs4li3ZRNWUZtZ/njpsHQuU8CvMc2dhjs/W9x
reWt/x1p3dhV9lqIj9mrvLdusOk4vYKpfzgCyYeSxzllrdXMLGYqAQWB4wkXjWVS
YLw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org