Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nD7XNemUwPgDBfEo8w4QFyx8NiI.roa
File: nD7XNemUwPgDBfEo8w4QFyx8NiI.roa (raw, json)
Hash identifier: T/tZpFScSG9V1JaqJqi+cys9HvuIdSCSHoeXxAH85WE=
Subject key identifier: 9C:3E:D7:35:E9:94:C0:F8:03:05:F1:28:F3:0E:10:17:2C:7C:36:22
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E528C390BB16CAA3600274E51F6371699
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nD7XNemUwPgDBfEo8w4QFyx8NiI.roa
Signing time: Mon 18 Mar 2024 17:11:45 +0000
ROA not before: Mon 18 Mar 2024 17:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:8c:39:0b:b1:6c:aa:36:00:27:4e:51:f6:37:16:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 17:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3ed735e994c0f80305f128f30e10172c7c3622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:3c:7f:5d:2c:e8:e7:ad:ec:06:a6:87:ea:
66:35:82:91:d2:a5:0d:5e:db:de:ef:75:f5:ab:f1:
53:b9:05:a8:b8:7e:77:e0:70:5e:32:17:ff:26:f7:
96:70:cc:f8:d6:51:b4:78:75:ba:6a:ef:d3:88:5f:
52:0b:d6:0b:6b:04:3e:32:07:97:e2:2b:14:7d:17:
7a:97:65:18:9f:a9:85:c3:81:8d:f8:9a:1e:61:02:
c7:db:13:42:ba:75:79:d4:76:c5:5d:88:08:5c:fd:
2b:45:6a:92:96:c2:4f:52:ac:c7:61:77:50:45:03:
50:89:2a:d0:46:fb:1d:ba:6a:2b:22:05:77:d1:56:
0c:c2:aa:2d:37:57:87:c1:cd:5d:dd:5a:cf:53:9d:
98:e8:b6:e7:7c:12:96:e5:4d:04:2a:68:88:5b:08:
72:b4:81:27:83:35:ff:86:bb:2b:a0:c6:0a:df:37:
bf:f8:b4:db:f2:6b:7d:4c:b9:fb:07:b3:e1:29:d0:
14:a9:2a:4a:36:e6:da:c1:e6:ce:ea:20:81:7c:77:
ed:38:57:ed:4b:0d:06:95:b7:28:9c:82:df:81:a7:
dc:5d:0e:62:09:29:0c:a6:e4:b0:13:fc:d6:2a:ca:
6d:7f:dc:e3:d2:39:40:44:6f:71:63:b3:a5:00:24:
2f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3E:D7:35:E9:94:C0:F8:03:05:F1:28:F3:0E:10:17:2C:7C:36:22
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nD7XNemUwPgDBfEo8w4QFyx8NiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:2f:5e:d4:3f:38:ed:ea:60:d3:64:15:0f:07:0c:7a:a4:42:
87:b1:b7:80:96:3b:4f:3d:98:71:46:d6:d5:79:39:50:53:8b:
1f:38:fc:e4:83:7f:d2:4d:af:27:e0:0c:00:39:c7:47:cd:aa:
9f:e3:d6:76:51:3f:dd:1e:9d:60:3e:3b:84:f9:21:c2:70:04:
1d:f4:ed:40:a7:f1:15:0e:ba:19:3f:0c:b4:71:3f:42:e8:a7:
f8:df:88:b1:38:b1:be:0d:55:d2:cc:8b:d8:a1:10:0d:2a:a9:
18:aa:99:f2:59:7c:c7:db:b9:77:13:71:8f:cf:17:ec:d7:7e:
1a:da:86:61:96:69:27:21:62:09:9b:44:0d:30:3a:5a:ef:5b:
a3:cd:12:8b:de:42:49:4f:a6:78:4c:0d:e4:c9:d0:c2:34:b4:
cf:2f:19:67:0d:b5:7e:95:86:6b:23:62:f1:d9:b1:60:be:43:
a6:70:4e:41:88:7b:ba:ae:c4:f4:d5:df:39:30:84:93:89:ec:
84:95:13:56:be:fd:36:81:f0:34:d5:a9:8a:da:dd:a1:d8:83:
6d:65:ff:7a:6d:c6:98:1a:e1:34:2c:84:45:6a:32:ae:7a:52:
9e:4f:25:60:5b:a3:4a:6b:f6:1d:0c:59:16:94:d1:0f:03:cb:
00:fb:46:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5SjDkLsWyqNgAnTlH2NxaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MTcxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNlZDczNWU5OTRjMGY4MDMwNWYxMjhmMzBlMTAxNzJjN2MzNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlA8f10s6Oet7Aamh+pmNYKR0qUN
Xtve73X1q/FTuQWouH534HBeMhf/JveWcMz41lG0eHW6au/TiF9SC9YLawQ+MgeX
4isUfRd6l2UYn6mFw4GN+JoeYQLH2xNCunV51HbFXYgIXP0rRWqSlsJPUqzHYXdQ
RQNQiSrQRvsdumorIgV30VYMwqotN1eHwc1d3VrPU52Y6LbnfBKW5U0EKmiIWwhy
tIEngzX/hrsroMYK3ze/+LTb8mt9TLn7B7PhKdAUqSpKNubawebO6iCBfHftOFft
Sw0GlbconILfgafcXQ5iCSkMpuSwE/zWKsptf9zj0jlARG9xY7OlACQvTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJw+1zXplMD4AwXxKPMOEBcsfDYiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbkQ3WE5lbVV3UGdEQmZFbzh3NFFGeXg4TmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFkvXtQ/OO3qYNNkFQ8H
DHqkQoext4CWO089mHFG1tV5OVBTix84/OSDf9JNryfgDAA5x0fNqp/j1nZRP90e
nWA+O4T5IcJwBB307UCn8RUOuhk/DLRxP0Lop/jfiLE4sb4NVdLMi9ihEA0qqRiq
mfJZfMfbuXcTcY/PF+zXfhrahmGWaSchYgmbRA0wOlrvW6PNEoveQklPpnhMDeTJ
0MI0tM8vGWcNtX6VhmsjYvHZsWC+Q6ZwTkGIe7quxPTV3zkwhJOJ7ISVE1a+/TaB
8DTVqYra3aHYg21l/3ptxpga4TQshEVqMq56Up5PJWBbo0pr9h0MWRaU0Q8DywD7
Rko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org