Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kDfuf2YRS2xGLb7XBAr0flZ56gM.roa
File: kDfuf2YRS2xGLb7XBAr0flZ56gM.roa (raw, json)
Hash identifier: 3K5jUWqa4xICN08LAOZ3LlHhSaokP7j1oKNxl71CrMY=
Subject key identifier: 90:37:EE:7F:66:11:4B:6C:46:2D:BE:D7:04:0A:F4:7E:56:79:EA:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE17661FC81904657B00CC6EC04585DE0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kDfuf2YRS2xGLb7XBAr0flZ56gM.roa
Signing time: Sun 25 Feb 2024 18:10:48 +0000
ROA not before: Sun 25 Feb 2024 18:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e1:76:61:fc:81:90:46:57:b0:0c:c6:ec:04:58:5d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 18:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9037ee7f66114b6c462dbed7040af47e5679ea03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a3:a2:8e:7f:1b:0f:c7:59:81:d5:f1:b4:62:
ea:34:65:bd:77:7c:6c:12:3b:92:1f:f8:1d:2d:ac:
84:97:96:97:53:45:c2:98:11:56:15:07:f3:db:fd:
4f:2b:0a:f7:dc:50:45:af:86:ec:b1:5e:2e:77:65:
e8:12:aa:70:36:f7:a3:9d:db:8e:e7:c3:92:7f:a3:
3f:35:e6:e4:d0:bc:31:3a:41:51:d2:79:6a:20:a1:
64:7b:a0:1e:de:5b:33:0f:31:2d:dd:c4:81:81:10:
f2:50:2b:df:c8:ee:de:93:2d:35:88:3e:ea:b2:0a:
14:51:df:a2:6c:76:a6:41:b9:3d:73:63:2a:90:22:
82:3d:bb:e1:22:ad:8b:78:9c:3b:78:2c:6a:e8:6c:
00:4c:c0:f2:78:05:f7:d1:ac:1b:1c:4d:70:be:d1:
fd:d8:f8:cd:23:b4:ac:3b:3a:22:ff:38:ed:9e:a8:
cd:2d:28:e9:ce:6f:18:e2:ef:23:76:5f:20:24:9d:
54:9e:4a:7e:fd:f0:6b:d2:cd:32:ea:16:e4:2b:e2:
9f:1e:da:bd:42:6e:75:82:53:b7:e2:f2:84:4f:73:
d7:19:26:0a:87:7e:35:d0:00:a9:fc:bd:59:63:ca:
e0:e4:d6:47:a0:2e:a5:6c:50:47:72:6e:c6:ec:a1:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:37:EE:7F:66:11:4B:6C:46:2D:BE:D7:04:0A:F4:7E:56:79:EA:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kDfuf2YRS2xGLb7XBAr0flZ56gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:63:75:42:5e:ce:68:92:35:85:23:d0:2a:e7:32:9c:31:14:
cd:3b:a9:0d:99:db:82:4d:3f:67:f1:52:79:af:4c:b6:d0:b5:
ef:1a:6c:c1:05:1a:77:aa:aa:f3:b8:5e:10:0b:86:47:fe:17:
fc:44:69:7e:2e:85:be:c5:71:90:ca:2c:c6:76:e6:96:b7:13:
cb:8b:53:62:0f:5a:c6:8b:18:36:b0:22:6a:9a:6b:76:f9:8e:
c5:21:c5:d1:de:5f:d1:10:08:7c:b9:a1:81:72:d6:85:f4:24:
ad:8b:9f:03:63:c6:a1:1d:9c:f1:17:f7:ca:9d:1b:da:92:46:
b7:66:ea:f6:a6:fd:b4:26:8f:23:8f:b3:58:80:d4:e0:e5:40:
95:d1:12:fc:e1:1c:bf:3f:86:61:b0:5e:8e:d9:d5:1f:98:d1:
e7:9e:98:00:2e:81:a0:44:29:f9:01:db:99:47:05:5e:20:20:
c3:8f:7b:d3:b1:cc:98:19:79:22:b8:f2:c8:f4:a6:53:13:6b:
5d:fa:4d:8b:bb:62:3e:4c:57:d0:de:0f:ad:af:86:39:26:14:
8a:a0:db:c8:a8:25:cf:bc:4f:23:ca:5e:4c:79:f2:e3:00:8e:
97:68:10:d3:79:2a:03:42:95:bd:fc:c8:8a:d8:f2:62:50:06:
4f:27:47:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3hdmH8gZBGV7AMxuwEWF3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MTgxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDM3ZWU3ZjY2MTE0YjZjNDYyZGJlZDcwNDBhZjQ3ZTU2NzllYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aOijn8bD8dZgdXxtGLqNGW9d3xs
EjuSH/gdLayEl5aXU0XCmBFWFQfz2/1PKwr33FBFr4bssV4ud2XoEqpwNvejnduO
58OSf6M/Nebk0LwxOkFR0nlqIKFke6Ae3lszDzEt3cSBgRDyUCvfyO7eky01iD7q
sgoUUd+ibHamQbk9c2MqkCKCPbvhIq2LeJw7eCxq6GwATMDyeAX30awbHE1wvtH9
2PjNI7SsOzoi/zjtnqjNLSjpzm8Y4u8jdl8gJJ1Unkp+/fBr0s0y6hbkK+KfHtq9
Qm51glO34vKET3PXGSYKh3410ACp/L1ZY8rg5NZHoC6lbFBHcm7G7KFqjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJA37n9mEUtsRi2+1wQK9H5WeeoDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva0RmdWYyWVJTMnhHTGI3WEJBcjBmbFo1NmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEpjdUJezmiSNYUj0Crn
MpwxFM07qQ2Z24JNP2fxUnmvTLbQte8abMEFGneqqvO4XhALhkf+F/xEaX4uhb7F
cZDKLMZ25pa3E8uLU2IPWsaLGDawImqaa3b5jsUhxdHeX9EQCHy5oYFy1oX0JK2L
nwNjxqEdnPEX98qdG9qSRrdm6vam/bQmjyOPs1iA1ODlQJXREvzhHL8/hmGwXo7Z
1R+Y0eeemAAugaBEKfkB25lHBV4gIMOPe9OxzJgZeSK48sj0plMTa136TYu7Yj5M
V9DeD62vhjkmFIqg28ioJc+8TyPKXkx58uMAjpdoENN5KgNClb38yIrY8mJQBk8n
R04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org