Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iiusDSkWV4tD1c-tvA2QQTQysGE.roa
File: iiusDSkWV4tD1c-tvA2QQTQysGE.roa (raw, json)
Hash identifier: iYKOGBGe0T47BX5DQ+iYhNBxLIb1j1qhjvnIkCUTme8=
Subject key identifier: 8A:2B:AC:0D:29:16:57:8B:43:D5:CF:AD:BC:0D:90:41:34:32:B0:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2AA7BB18C2513B7E7CD4D1EA801E85F4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iiusDSkWV4tD1c-tvA2QQTQysGE.roa
Signing time: Sun 21 Jan 2024 06:14:11 +0000
ROA not before: Sun 21 Jan 2024 06:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2a:a7:bb:18:c2:51:3b:7e:7c:d4:d1:ea:80:1e:85:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 06:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a2bac0d2916578b43d5cfadbc0d90413432b061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6e:44:c0:a0:4a:36:2f:b5:f1:e0:20:f1:70:
37:c8:ce:27:eb:7f:4d:2b:75:92:f1:e0:52:e5:08:
53:c8:a0:a1:c3:4c:d0:ec:e2:36:1b:c7:66:cb:b8:
f6:6a:86:fe:8d:62:73:48:d8:67:24:13:f7:ef:be:
1a:c0:75:c7:98:64:e2:b3:ea:fb:63:bd:5c:0c:8d:
b8:f9:74:11:9a:3e:68:48:d4:ee:29:12:5e:00:bf:
88:fd:3f:56:7f:ad:e3:8d:6d:10:90:63:39:33:e7:
13:ef:08:b1:3a:af:4e:04:c1:18:96:59:85:4d:0a:
6e:7b:9c:99:eb:b3:59:8b:19:91:45:c7:fe:1b:79:
d5:c9:6d:e5:9f:b6:a1:b8:6b:dc:2c:1a:1c:85:ff:
24:c6:3b:92:5a:26:b2:bd:f9:90:49:8a:d0:0f:f2:
a0:37:c1:ef:b4:bb:26:32:5a:36:fd:8e:9c:5a:60:
6d:c4:7f:d5:e8:df:4c:83:25:6d:aa:c2:98:c6:9e:
f3:7f:9a:bd:c5:49:7a:43:01:a3:cf:fe:da:fb:4b:
ca:d6:d9:02:f0:1f:cd:0d:7f:bc:87:0a:81:7b:64:
0a:8f:3a:cc:84:6b:ed:b2:88:1a:4e:16:10:26:b8:
0e:dc:db:a1:0d:53:57:c3:ea:8e:04:b4:c6:7b:80:
91:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2B:AC:0D:29:16:57:8B:43:D5:CF:AD:BC:0D:90:41:34:32:B0:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iiusDSkWV4tD1c-tvA2QQTQysGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:fd:4f:b5:93:a5:f1:37:f9:40:de:2f:d2:31:99:97:ec:56:
f3:0e:0b:bf:c2:d6:72:66:01:7a:be:b7:db:ad:d7:99:93:d8:
33:8c:59:4d:9c:8e:cc:2a:51:df:4f:7d:c8:44:38:e2:ce:c5:
75:14:76:de:0a:eb:40:02:64:eb:24:66:c8:6f:69:d1:28:c2:
1f:8f:9c:47:44:2f:5b:25:49:17:61:ba:c7:10:b9:51:79:76:
13:2e:a0:41:3c:dd:55:81:38:90:4b:d0:94:32:2a:96:62:26:
3e:be:a6:09:86:25:c8:6a:b3:84:0f:8a:33:e5:f7:76:95:2a:
ed:3e:fd:96:aa:91:30:24:b8:ed:6e:82:f7:df:3e:50:62:10:
9e:32:22:fa:7d:a8:d3:7a:41:2f:4d:7b:d6:54:cf:6a:05:a4:
60:9f:ce:a9:ff:90:98:69:d3:82:09:9a:c3:b5:7d:ea:f3:f1:
e7:4f:d0:f8:b1:fd:db:2a:ab:9a:da:6b:77:bb:d5:af:4e:b6:
7a:8f:48:c8:5d:92:ae:1f:f1:d2:41:85:e9:0e:a8:a3:74:dc:
3f:ca:d4:41:c8:d8:e3:c6:c9:18:94:d7:a1:5a:2c:d9:27:60:
f6:7f:d9:9c:ed:12:38:81:f3:48:77:64:94:89:b3:84:af:27:
4c:14:6b:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0qp7sYwlE7fnzU0eqAHoX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMDYxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJiYWMwZDI5MTY1NzhiNDNkNWNmYWRiYzBkOTA0MTM0MzJiMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApm5EwKBKNi+18eAg8XA3yM4n639N
K3WS8eBS5QhTyKChw0zQ7OI2G8dmy7j2aob+jWJzSNhnJBP3774awHXHmGTis+r7
Y71cDI24+XQRmj5oSNTuKRJeAL+I/T9Wf63jjW0QkGM5M+cT7wixOq9OBMEYllmF
TQpue5yZ67NZixmRRcf+G3nVyW3ln7ahuGvcLBochf8kxjuSWiayvfmQSYrQD/Kg
N8HvtLsmMlo2/Y6cWmBtxH/V6N9MgyVtqsKYxp7zf5q9xUl6QwGjz/7a+0vK1tkC
8B/NDX+8hwqBe2QKjzrMhGvtsogaThYQJrgO3NuhDVNXw+qOBLTGe4CRfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIorrA0pFleLQ9XPrbwNkEE0MrBhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaWl1c0RTa1dWNHREMWMtdHZBMlFRVFF5c0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB79T7WTpfE3+UDeL9Ix
mZfsVvMOC7/C1nJmAXq+t9ut15mT2DOMWU2cjswqUd9PfchEOOLOxXUUdt4K60AC
ZOskZshvadEowh+PnEdEL1slSRdhuscQuVF5dhMuoEE83VWBOJBL0JQyKpZiJj6+
pgmGJchqs4QPijPl93aVKu0+/ZaqkTAkuO1ugvffPlBiEJ4yIvp9qNN6QS9Ne9ZU
z2oFpGCfzqn/kJhp04IJmsO1ferz8edP0Pix/dsqq5raa3e71a9OtnqPSMhdkq4f
8dJBhekOqKN03D/K1EHI2OPGyRiU16FaLNknYPZ/2ZztEjiB80h3ZJSJs4SvJ0wU
a/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org