Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kS7rBQq_QSnCeLADlmWqZl8xQek.roa
File: kS7rBQq_QSnCeLADlmWqZl8xQek.roa (raw, json)
Hash identifier: g71dx6VT1kcWKrwcn6z+RDg5EI0oeKsEoqEpR/R4kFU=
Subject key identifier: 91:2E:EB:05:0A:BF:41:29:C2:78:B0:03:96:65:AA:66:5F:31:41:E9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA4F7D552204F5838863B042C758EFECC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kS7rBQq_QSnCeLADlmWqZl8xQek.roa
Signing time: Wed 14 Feb 2024 00:15:21 +0000
ROA not before: Wed 14 Feb 2024 00:15:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a4:f7:d5:52:20:4f:58:38:86:3b:04:2c:75:8e:fe:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 00:15:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=912eeb050abf4129c278b0039665aa665f3141e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4f:b9:c3:f0:db:9e:68:cb:c9:75:33:24:6e:
99:95:e3:86:17:f8:1f:08:90:3b:8a:67:28:45:9b:
e4:92:9c:a7:5b:34:c3:80:ad:5e:7d:12:6e:d0:96:
a8:42:1a:33:f5:a0:d6:8d:88:ee:d6:c3:bf:cc:5b:
77:49:fa:89:c0:f0:47:92:9c:48:c6:ab:ad:d9:a2:
cb:fc:c2:6d:05:45:25:4b:be:4e:ad:ed:9f:d3:9a:
68:87:9b:5b:52:f6:8e:e7:08:f5:46:bd:95:1b:93:
09:2b:bd:2b:41:d0:49:ff:bb:e2:15:02:ff:10:d1:
6c:35:8a:79:f0:45:70:b2:b3:a3:f8:2c:bc:e0:a7:
21:e6:38:f7:27:91:1e:d1:6b:15:96:8f:51:76:53:
ad:ac:5e:45:37:f5:11:3a:26:20:ff:79:26:5c:68:
5f:28:29:96:ce:e5:c7:24:25:f0:a6:34:5f:0c:4b:
a7:2e:79:5d:86:58:ae:a6:2f:c1:83:a4:a6:f0:b3:
8b:c0:9a:00:6c:72:fc:62:32:d3:c4:c1:d6:22:7b:
69:8f:f5:5b:1a:e5:57:1a:22:9e:8d:35:d0:e1:0e:
f6:22:ec:14:21:12:eb:7d:a9:45:57:d4:ca:db:ea:
e2:cb:00:7c:f5:28:f1:16:f5:dc:b6:03:d6:0b:0e:
2b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2E:EB:05:0A:BF:41:29:C2:78:B0:03:96:65:AA:66:5F:31:41:E9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kS7rBQq_QSnCeLADlmWqZl8xQek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:9e:0d:e8:bc:9b:52:51:45:6e:f5:20:d9:44:89:f9:ad:0c:
86:c4:82:d8:f8:c7:15:2a:0b:a4:63:aa:1c:f0:9d:c3:dc:2e:
6f:4d:a4:68:2b:9f:ba:14:6b:38:58:57:70:65:38:ca:06:07:
35:95:3c:ec:4a:5f:5a:21:88:2b:8b:e7:3e:40:a0:54:17:7c:
a7:3c:29:39:4b:ad:6d:94:d5:e2:89:35:2f:3d:b7:85:ee:09:
bc:fe:b2:d6:02:90:4a:f0:93:86:c5:c3:bd:0e:06:11:70:03:
18:cd:90:12:94:9d:4b:49:43:fb:f9:a9:0e:2f:f3:97:9f:7c:
8f:26:57:6d:9b:80:66:c0:8e:67:d5:9b:76:4f:3b:c0:bf:9a:
6d:13:94:90:07:c4:7f:59:a5:fe:64:74:58:79:ad:fd:b9:84:
7b:8b:52:9d:13:b0:89:f0:4e:49:b0:ec:a7:2f:ee:c1:84:d7:
a1:b5:e1:3c:7b:c6:c4:98:24:b5:7b:2d:b4:02:9b:79:58:86:
d5:dc:61:c5:d3:ca:eb:c3:8b:38:e6:66:41:c8:83:f6:0e:25:
9c:d6:fc:c0:83:a7:40:bc:14:0e:75:f2:fd:54:e6:84:a5:09:
89:52:e3:95:a8:ed:02:f6:ae:8d:e6:c2:aa:12:13:af:67:b7:
a4:13:dc:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2k99VSIE9YOIY7BCx1jv7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MDAxNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJlZWIwNTBhYmY0MTI5YzI3OGIwMDM5NjY1YWE2NjVmMzE0MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U+5w/DbnmjLyXUzJG6ZleOGF/gf
CJA7imcoRZvkkpynWzTDgK1efRJu0JaoQhoz9aDWjYju1sO/zFt3SfqJwPBHkpxI
xqut2aLL/MJtBUUlS75Ore2f05poh5tbUvaO5wj1Rr2VG5MJK70rQdBJ/7viFQL/
ENFsNYp58EVwsrOj+Cy84Kch5jj3J5Ee0WsVlo9RdlOtrF5FN/UROiYg/3kmXGhf
KCmWzuXHJCXwpjRfDEunLnldhliupi/Bg6Sm8LOLwJoAbHL8YjLTxMHWIntpj/Vb
GuVXGiKejTXQ4Q72IuwUIRLrfalFV9TK2+riywB89SjxFvXctgPWCw4rXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEu6wUKv0EpwniwA5ZlqmZfMUHpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva1M3ckJRcV9RU25DZUxBRGxtV3FabDh4UWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHieDei8m1JRRW71INlE
ifmtDIbEgtj4xxUqC6RjqhzwncPcLm9NpGgrn7oUazhYV3BlOMoGBzWVPOxKX1oh
iCuL5z5AoFQXfKc8KTlLrW2U1eKJNS89t4XuCbz+stYCkErwk4bFw70OBhFwAxjN
kBKUnUtJQ/v5qQ4v85effI8mV22bgGbAjmfVm3ZPO8C/mm0TlJAHxH9Zpf5kdFh5
rf25hHuLUp0TsInwTkmw7Kcv7sGE16G14Tx7xsSYJLV7LbQCm3lYhtXcYcXTyuvD
izjmZkHIg/YOJZzW/MCDp0C8FA518v1U5oSlCYlS45Wo7QL2ro3mwqoSE69nt6QT
3C0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org