Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nSwT4rk1SP_7TqCjarlce28Blpw.roa
File: nSwT4rk1SP_7TqCjarlce28Blpw.roa (raw, json)
Hash identifier: F9wjM4OIhamR7PLtFM7BFlPdorrceZiw4qDfWiB63QQ=
Subject key identifier: 9D:2C:13:E2:B9:35:48:FF:FB:4E:A0:A3:6A:B9:5C:7B:6F:01:96:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2991944058F4B7C83D5265541BDA4FCA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nSwT4rk1SP_7TqCjarlce28Blpw.roa
Signing time: Sun 10 Mar 2024 18:13:10 +0000
ROA not before: Sun 10 Mar 2024 18:13:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:29:91:94:40:58:f4:b7:c8:3d:52:65:54:1b:da:4f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 18:13:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d2c13e2b93548fffb4ea0a36ab95c7b6f01969c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:78:af:82:00:37:0d:26:4d:99:04:4a:81:4a:
24:15:0f:10:a0:f0:92:14:df:38:5b:2d:0a:2f:8f:
3d:73:07:f1:d5:ec:c5:e2:ff:0e:19:e8:01:72:6c:
87:e6:b0:ba:88:90:65:b2:38:4d:2d:8d:72:20:4b:
7d:f8:5a:40:a2:fb:e9:d9:47:31:3a:ea:cb:19:ec:
d2:b5:eb:bd:4c:4c:09:53:d8:a8:3e:10:bd:75:84:
95:78:ba:da:ed:dd:56:a2:33:b4:fc:b1:63:eb:fe:
91:10:57:25:a0:83:5c:ef:66:cb:e4:6c:e9:fc:34:
0f:38:21:4f:04:1b:9b:93:b0:3c:8a:fe:1b:17:1e:
4f:6e:d2:97:a8:2b:b7:83:f6:d6:1b:df:30:52:de:
6c:97:4e:03:0e:62:c7:bc:f9:7e:0f:4a:85:b1:0d:
c1:47:e6:1f:b6:61:dc:1c:60:5e:51:50:0c:a8:db:
af:72:db:e1:23:f6:70:55:ff:17:05:5a:ab:52:89:
22:4d:21:18:66:79:01:6f:1a:7f:2d:66:21:06:40:
3d:3f:1c:09:c9:28:d0:a8:7c:ff:fd:b6:f3:5a:65:
5c:8a:e4:09:cd:ba:88:e2:1b:af:6a:16:a6:0c:2d:
86:6b:2a:94:c6:6e:57:24:ea:f4:31:8f:89:29:3f:
3a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2C:13:E2:B9:35:48:FF:FB:4E:A0:A3:6A:B9:5C:7B:6F:01:96:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nSwT4rk1SP_7TqCjarlce28Blpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:93:ef:6d:fd:b4:69:85:2d:8b:b0:18:c9:4c:f9:e1:6e:19:
b5:5a:2a:bc:83:cf:6c:99:09:b7:11:f9:26:e9:40:5d:15:18:
1b:55:9a:fa:1f:57:a1:7a:3c:31:a3:59:ec:49:ca:99:24:15:
66:5d:ce:6c:27:81:5a:e4:c1:00:9c:8a:bf:98:9d:de:bd:23:
1f:ae:d4:fe:31:c6:f8:3f:79:c3:4c:7f:50:8a:40:be:cd:e5:
ad:0c:9e:f6:44:22:76:91:55:b2:72:33:a1:65:e1:5a:c8:69:
cf:d2:e3:48:23:6b:ac:5a:41:e8:ce:4c:4d:ec:83:74:48:b2:
b1:aa:d1:a0:e0:c8:11:2b:32:a2:1f:7d:81:a6:f5:fa:7c:69:
44:91:43:93:7d:81:47:4a:39:ef:49:24:1e:2e:54:ab:0f:15:
fb:7d:d7:12:88:de:d4:51:1d:f1:07:00:31:9e:36:8f:f2:85:
dc:4e:20:fc:9b:4b:3b:66:81:39:58:a5:01:7a:e9:38:fb:09:
42:88:2f:9b:0e:0e:ba:1a:0d:5d:6b:01:c7:d3:55:be:12:92:
3a:79:ac:be:bb:03:79:bf:36:06:d8:d6:67:60:86:de:7f:29:
a3:f8:f9:56:38:a2:4f:62:6d:e9:9b:da:91:87:06:34:59:ae:
5f:63:69:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4pkZRAWPS3yD1SZVQb2k/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTgxMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJjMTNlMmI5MzU0OGZmZmI0ZWEwYTM2YWI5NWM3YjZmMDE5NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3ivggA3DSZNmQRKgUokFQ8QoPCS
FN84Wy0KL489cwfx1ezF4v8OGegBcmyH5rC6iJBlsjhNLY1yIEt9+FpAovvp2Ucx
OurLGezSteu9TEwJU9ioPhC9dYSVeLra7d1WojO0/LFj6/6REFcloINc72bL5Gzp
/DQPOCFPBBubk7A8iv4bFx5PbtKXqCu3g/bWG98wUt5sl04DDmLHvPl+D0qFsQ3B
R+YftmHcHGBeUVAMqNuvctvhI/ZwVf8XBVqrUokiTSEYZnkBbxp/LWYhBkA9PxwJ
ySjQqHz//bbzWmVciuQJzbqI4huvahamDC2GayqUxm5XJOr0MY+JKT86aQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0sE+K5NUj/+06go2q5XHtvAZacMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvblN3VDRyazFTUF83VHFDamFybGNlMjhCbHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF6T7239tGmFLYuwGMlM
+eFuGbVaKryDz2yZCbcR+SbpQF0VGBtVmvofV6F6PDGjWexJypkkFWZdzmwngVrk
wQCcir+Ynd69Ix+u1P4xxvg/ecNMf1CKQL7N5a0MnvZEInaRVbJyM6Fl4VrIac/S
40gja6xaQejOTE3sg3RIsrGq0aDgyBErMqIffYGm9fp8aUSRQ5N9gUdKOe9JJB4u
VKsPFft91xKI3tRRHfEHADGeNo/yhdxOIPybSztmgTlYpQF66Tj7CUKIL5sODroa
DV1rAcfTVb4Skjp5rL67A3m/NgbY1mdght5/KaP4+VY4ok9ibemb2pGHBjRZrl9j
af4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org