Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jzNwxSjqo4cQyurlhdMN0qokwHQ.roa
File: jzNwxSjqo4cQyurlhdMN0qokwHQ.roa (raw, json)
Hash identifier: wN3hrx9K+JLy4VJS6OPko9kYqdwQGU1aiGAyvDXao14=
Subject key identifier: 8F:33:70:C5:28:EA:A3:87:10:CA:EA:E5:85:D3:0D:D2:AA:24:C0:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4C8A2342E7C68955F194F37146A7B001
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jzNwxSjqo4cQyurlhdMN0qokwHQ.roa
Signing time: Sun 17 Mar 2024 13:11:45 +0000
ROA not before: Sun 17 Mar 2024 13:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:8a:23:42:e7:c6:89:55:f1:94:f3:71:46:a7:b0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 13:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f3370c528eaa38710caeae585d30dd2aa24c074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c0:48:f5:81:78:b4:bc:6c:3e:49:65:97:f9:
d9:6d:a5:45:46:ca:63:00:ca:73:cf:58:40:6b:10:
93:40:9c:29:20:f6:39:97:62:51:73:f9:b8:b2:07:
1b:0c:e3:cf:34:ae:f3:a9:77:cb:f3:ec:2d:d6:b2:
e0:ec:28:f3:51:ec:5e:00:29:7f:00:f2:b0:39:16:
d4:60:81:8c:33:7e:43:de:70:c4:45:83:8f:59:73:
07:f8:fe:b9:42:c8:fb:d1:51:70:e5:ac:0d:c9:10:
19:69:71:24:f2:88:0b:89:05:5f:7b:bd:37:29:d8:
14:5d:90:a1:88:38:c8:79:98:4e:99:f0:2b:dd:87:
a5:e9:f1:8b:ac:f8:16:d0:fb:1b:dd:f0:df:f8:30:
7a:da:d4:50:11:8a:3a:b5:31:52:ca:95:e7:32:3b:
11:80:6b:0c:c4:37:3d:09:a6:e5:e2:de:80:cf:69:
b8:1f:cb:fa:21:f4:1f:9b:e6:cb:d5:cf:bc:c7:a3:
2d:ad:8e:b8:5b:2a:2a:2b:7c:59:9f:c9:bf:4d:8b:
d4:d7:67:44:29:a2:a4:19:c2:38:2b:99:92:67:21:
c6:63:bf:15:b4:1f:4a:f3:86:cd:53:bf:50:8c:c4:
80:b5:a7:98:90:88:0f:fc:4b:9d:27:03:68:ac:be:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:33:70:C5:28:EA:A3:87:10:CA:EA:E5:85:D3:0D:D2:AA:24:C0:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jzNwxSjqo4cQyurlhdMN0qokwHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:80:80:99:b0:12:f3:30:cf:91:30:df:00:73:49:b3:cd:ef:
63:bb:1b:85:fd:d9:9d:b4:b0:21:5e:bc:91:77:bf:73:bf:f6:
07:dd:54:99:27:fa:ba:55:d5:d9:a3:6b:18:e0:66:77:a0:90:
c6:48:5e:3a:d1:da:03:54:c4:f3:a9:c9:c3:a5:3a:fe:71:89:
50:01:16:fb:4f:81:0c:f7:66:7a:8e:80:ac:3a:1a:54:71:00:
1a:f7:e9:90:28:12:d5:04:b8:f0:fd:ca:78:eb:00:fd:8f:c6:
16:0b:e1:87:bb:55:28:78:1a:cb:fe:78:5b:0b:93:7a:e3:5a:
b6:9d:55:c6:71:e5:42:fd:db:ae:81:56:a0:ad:60:a4:c9:48:
0d:63:90:fc:ee:b4:bd:bc:85:b3:5b:b7:da:3f:db:8c:16:81:
77:df:9a:77:ed:fd:9b:d8:e4:93:81:51:c5:63:31:7d:f0:8a:
be:ac:ce:9f:5a:66:4f:c4:c2:57:27:dd:c4:7d:05:26:11:af:
d2:9b:50:0a:12:7c:a4:fb:de:25:8e:c6:2e:f8:59:09:8d:cd:
d3:8a:aa:ca:08:ae:ec:2b:42:dc:3f:bf:5e:7f:0a:2b:e3:d0:
58:5f:03:3b:d8:58:20:63:5a:d5:ee:89:5d:9d:42:40:56:12:
91:b5:29:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5MiiNC58aJVfGU83FGp7ABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MTMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjMzNzBjNTI4ZWFhMzg3MTBjYWVhZTU4NWQzMGRkMmFhMjRjMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8BI9YF4tLxsPklll/nZbaVFRspj
AMpzz1hAaxCTQJwpIPY5l2JRc/m4sgcbDOPPNK7zqXfL8+wt1rLg7CjzUexeACl/
APKwORbUYIGMM35D3nDERYOPWXMH+P65Qsj70VFw5awNyRAZaXEk8ogLiQVfe703
KdgUXZChiDjIeZhOmfAr3Yel6fGLrPgW0Psb3fDf+DB62tRQEYo6tTFSypXnMjsR
gGsMxDc9Cabl4t6Az2m4H8v6IfQfm+bL1c+8x6MtrY64WyoqK3xZn8m/TYvU12dE
KaKkGcI4K5mSZyHGY78VtB9K84bNU79QjMSAtaeYkIgP/EudJwNorL4RKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI8zcMUo6qOHEMrq5YXTDdKqJMB0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvanpOd3hTanFvNGNReXVybGhkTU4wcW9rd0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACqAgJmwEvMwz5Ew3wBz
SbPN72O7G4X92Z20sCFevJF3v3O/9gfdVJkn+rpV1dmjaxjgZnegkMZIXjrR2gNU
xPOpycOlOv5xiVABFvtPgQz3ZnqOgKw6GlRxABr36ZAoEtUEuPD9ynjrAP2PxhYL
4Ye7VSh4Gsv+eFsLk3rjWradVcZx5UL9266BVqCtYKTJSA1jkPzutL28hbNbt9o/
24wWgXffmnft/ZvY5JOBUcVjMX3wir6szp9aZk/Ewlcn3cR9BSYRr9KbUAoSfKT7
3iWOxi74WQmNzdOKqsoIruwrQtw/v15/Civj0FhfAzvYWCBjWtXuiV2dQkBWEpG1
KY8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org