Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n3VxOCOf5ec7lTFL3b7BnuMIQBc.roa
File: n3VxOCOf5ec7lTFL3b7BnuMIQBc.roa (raw, json)
Hash identifier: VRjhfBM/vJNgDGnlrXGzTBWYmu9e/0DOx7VXwWthGJo=
Subject key identifier: 9F:75:71:38:23:9F:E5:E7:3B:95:31:4B:DD:BE:C1:9E:E3:08:40:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E03CC5C0D17317C98C3C4F0A2CB8B704B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n3VxOCOf5ec7lTFL3b7BnuMIQBc.roa
Signing time: Sun 03 Mar 2024 10:11:48 +0000
ROA not before: Sun 03 Mar 2024 10:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:cc:5c:0d:17:31:7c:98:c3:c4:f0:a2:cb:8b:70:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 3 10:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f757138239fe5e73b95314bddbec19ee3084017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:73:53:83:5a:2e:1b:6c:b1:8e:b3:ff:84:42:
28:20:47:00:b3:84:7a:e2:ba:e2:ff:c6:58:8f:c3:
1c:06:95:af:ce:9d:8c:5d:8a:ef:a5:3b:fb:d9:4d:
39:b6:a1:3c:05:ef:a1:40:50:00:1c:7e:e2:ce:6d:
46:b5:27:8e:2e:20:01:d8:71:13:8d:18:e8:1d:64:
6e:59:09:89:6c:7a:89:5f:22:8f:fe:1f:38:e9:76:
02:ae:45:ba:b8:3f:25:b2:85:6f:88:03:84:2f:04:
a6:9e:ea:b7:64:5f:fd:56:a1:e4:05:e0:61:2a:36:
10:d1:bf:11:c6:7f:2d:24:b2:3f:80:91:a5:0d:59:
f4:67:45:ee:16:58:65:9d:90:a6:e2:43:b9:51:11:
ba:1c:10:7f:85:0e:cc:25:2f:8f:a4:3d:8f:b5:d5:
8f:5b:4d:21:31:19:52:0d:23:33:83:1b:7a:64:7c:
bb:63:80:46:10:ad:ae:27:35:57:d9:ec:ec:22:be:
6e:18:01:60:f3:a4:17:76:f9:64:c0:68:a9:b1:ae:
3d:89:a9:b4:ca:0e:e4:f7:54:fb:57:87:79:23:08:
52:eb:bc:82:46:64:82:31:d7:fa:43:49:2a:d9:9c:
5e:c2:91:9e:a2:4f:c0:b1:b1:aa:cb:49:ef:5a:7c:
bf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:75:71:38:23:9F:E5:E7:3B:95:31:4B:DD:BE:C1:9E:E3:08:40:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n3VxOCOf5ec7lTFL3b7BnuMIQBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:21:8b:a3:89:54:34:f7:c2:24:ce:39:00:62:a2:50:cd:a9:
1e:92:61:b6:bc:46:70:8c:e0:19:61:4e:d0:14:68:25:ea:e1:
aa:54:81:cd:c4:5f:1b:4e:25:f8:5e:05:e7:41:d3:50:3e:c6:
2b:d8:70:bc:be:ca:f8:e0:02:6e:7d:e0:18:28:19:3a:e7:18:
a1:b0:b6:b9:ac:56:b2:78:98:3d:ea:2a:a2:c1:bd:e6:7d:5f:
0f:39:ca:ac:01:46:d3:5a:00:1e:b0:4b:fd:6d:41:23:ef:75:
29:cf:6a:5f:1f:60:e1:19:ee:66:bd:87:9f:10:62:f9:88:07:
e3:01:8b:aa:33:d8:87:a5:cb:42:52:a6:c8:67:e2:a9:05:2c:
69:c3:8d:71:93:35:a7:f4:b4:d7:46:8d:1b:d5:47:39:a0:ef:
4a:de:25:22:4c:7c:ac:72:f7:42:52:3c:e0:da:e4:11:dd:d9:
98:6c:3c:ea:e5:67:c2:a7:3c:74:e6:dc:e8:28:a5:ba:e1:bb:
f3:d7:29:2a:20:cc:4d:3b:03:19:df:e7:a6:c2:59:96:26:b1:
eb:5f:4c:19:86:14:9a:62:76:24:2c:38:c7:41:0b:9e:99:7d:
f0:22:ba:a2:ae:01:ff:e9:4f:ad:a7:77:6d:89:4c:3d:9f:54:
7f:0e:49:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4DzFwNFzF8mMPE8KLLi3BLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAzMTAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjc1NzEzODIzOWZlNWU3M2I5NTMxNGJkZGJlYzE5ZWUzMDg0MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnNTg1ouG2yxjrP/hEIoIEcAs4R6
4rri/8ZYj8McBpWvzp2MXYrvpTv72U05tqE8Be+hQFAAHH7izm1GtSeOLiAB2HET
jRjoHWRuWQmJbHqJXyKP/h846XYCrkW6uD8lsoVviAOELwSmnuq3ZF/9VqHkBeBh
KjYQ0b8Rxn8tJLI/gJGlDVn0Z0XuFlhlnZCm4kO5URG6HBB/hQ7MJS+PpD2PtdWP
W00hMRlSDSMzgxt6ZHy7Y4BGEK2uJzVX2ezsIr5uGAFg86QXdvlkwGipsa49iam0
yg7k91T7V4d5IwhS67yCRmSCMdf6Q0kq2ZxewpGeok/AsbGqy0nvWny/EQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ91cTgjn+XnO5UxS92+wZ7jCEAXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbjNWeE9DT2Y1ZWM3bFRGTDNiN0JudU1JUUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0hi6OJVDT3wiTOOQBi
olDNqR6SYba8RnCM4BlhTtAUaCXq4apUgc3EXxtOJfheBedB01A+xivYcLy+yvjg
Am594BgoGTrnGKGwtrmsVrJ4mD3qKqLBveZ9Xw85yqwBRtNaAB6wS/1tQSPvdSnP
al8fYOEZ7ma9h58QYvmIB+MBi6oz2Iely0JSpshn4qkFLGnDjXGTNaf0tNdGjRvV
Rzmg70reJSJMfKxy90JSPODa5BHd2ZhsPOrlZ8KnPHTm3Ogopbrhu/PXKSogzE07
Axnf56bCWZYmsetfTBmGFJpidiQsOMdBC56ZffAiuqKuAf/pT62nd22JTD2fVH8O
SS0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org