Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nz5rOPOgUeMW-rUARf-PH0wfVsg.roa
File: nz5rOPOgUeMW-rUARf-PH0wfVsg.roa (raw, json)
Hash identifier: 7fsOGfTeWT82tCOmDrBZrUlx9puJYr1FWW7lR5gkysU=
Subject key identifier: 9F:3E:6B:38:F3:A0:51:E3:16:FA:B5:00:45:FF:8F:1F:4C:1F:56:C8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBAD5231C7616A1F113DFDEFFBACD6C9B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nz5rOPOgUeMW-rUARf-PH0wfVsg.roa
Signing time: Sun 07 Apr 2024 23:11:53 +0000
ROA not before: Sun 07 Apr 2024 23:11:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ba:d5:23:1c:76:16:a1:f1:13:df:de:ff:ba:cd:6c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 23:11:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f3e6b38f3a051e316fab50045ff8f1f4c1f56c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:ec:b2:96:20:11:c4:a8:b6:62:7c:5d:f8:
dc:8f:d4:65:60:aa:91:2a:be:98:4d:20:7a:cc:48:
9c:85:fe:60:7f:c4:68:33:ba:71:7d:a9:1a:70:42:
ae:b2:d4:5e:40:b4:ac:71:39:b1:d3:41:c9:a0:91:
1c:9a:72:f0:90:d0:a3:b0:b2:71:b7:4b:f1:09:48:
87:c9:3b:66:e0:65:7f:00:48:8b:52:c0:28:98:4f:
6a:ae:49:d7:35:ce:ef:db:04:a5:9c:a5:7a:82:ae:
2c:64:2b:79:38:75:a0:cf:74:9b:28:fc:97:57:cc:
1b:5a:c6:91:3e:d4:cc:46:2a:db:b8:da:7e:32:af:
7a:9c:bb:17:d0:16:97:04:b1:dd:0b:17:dc:1a:32:
1a:91:2f:9f:a9:89:b8:84:b2:b9:3d:5c:34:48:45:
3a:39:df:46:d2:bc:c9:76:cd:21:80:b2:47:ad:68:
31:24:c5:22:da:aa:fe:d5:01:51:b4:a5:5b:36:56:
c2:0f:86:8e:aa:13:56:91:b5:63:88:06:39:d5:c0:
d8:a4:29:94:d9:63:68:1d:a0:9f:f8:00:82:aa:1e:
02:b5:bf:04:5e:6a:9d:20:68:57:d0:89:2b:a6:e9:
78:3f:95:bc:73:68:bb:b6:39:d3:35:db:84:15:13:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3E:6B:38:F3:A0:51:E3:16:FA:B5:00:45:FF:8F:1F:4C:1F:56:C8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nz5rOPOgUeMW-rUARf-PH0wfVsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:83:4a:db:ea:d5:56:eb:08:46:4c:c3:fc:61:2c:6e:7d:d9:
ae:c4:44:83:06:ab:9b:c2:f1:43:5c:7c:aa:82:1c:f8:6b:3a:
91:3a:a2:71:20:12:00:ab:04:10:d6:de:b9:e0:15:ab:99:f6:
18:4f:05:46:aa:1b:0d:93:37:b4:59:5b:9e:b0:12:51:02:e6:
3a:2c:54:e1:29:a7:f2:38:c0:3a:5a:a1:86:d1:ca:d7:f6:73:
aa:18:5e:2d:5e:2d:6e:6d:a4:9d:a5:73:d2:bc:7e:94:86:b4:
53:bb:5d:fe:d0:b6:da:6c:2c:61:6c:00:98:70:51:b1:7e:eb:
97:01:dd:86:59:f0:05:15:49:f1:f0:99:be:8f:07:c2:96:cf:
fd:34:91:70:5c:ff:f3:59:71:8f:f9:15:1f:cb:01:5f:d7:a7:
6a:e6:7b:80:e7:bd:cf:93:df:e3:e6:1b:a1:c0:6c:bb:6a:29:
c7:ba:5d:5d:b4:49:6b:71:e0:19:7e:0d:7d:77:c2:dc:79:bf:
e3:98:1b:44:ea:45:28:3b:a1:23:2e:43:e4:23:b6:f4:b2:75:
f6:e0:05:bc:32:21:5f:9b:c0:b3:16:0c:f3:ef:d6:70:91:2d:
69:b6:70:40:a4:66:98:c6:0c:de:b6:c1:3b:67:55:0c:59:e9:
c8:96:b1:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY661SMcdhah8RPf3v+6zWybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MjMxMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNlNmIzOGYzYTA1MWUzMTZmYWI1MDA0NWZmOGYxZjRjMWY1NmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprHsspYgEcSotmJ8Xfjcj9RlYKqR
Kr6YTSB6zEichf5gf8RoM7pxfakacEKustReQLSscTmx00HJoJEcmnLwkNCjsLJx
t0vxCUiHyTtm4GV/AEiLUsAomE9qrknXNc7v2wSlnKV6gq4sZCt5OHWgz3SbKPyX
V8wbWsaRPtTMRirbuNp+Mq96nLsX0BaXBLHdCxfcGjIakS+fqYm4hLK5PVw0SEU6
Od9G0rzJds0hgLJHrWgxJMUi2qr+1QFRtKVbNlbCD4aOqhNWkbVjiAY51cDYpCmU
2WNoHaCf+ACCqh4Ctb8EXmqdIGhX0Ikrpul4P5W8c2i7tjnTNduEFRO33QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ8+azjzoFHjFvq1AEX/jx9MH1bIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbno1ck9QT2dVZU1XLXJVQVJmLVBIMHdmVnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+DStvq1VbrCEZMw/xh
LG592a7ERIMGq5vC8UNcfKqCHPhrOpE6onEgEgCrBBDW3rngFauZ9hhPBUaqGw2T
N7RZW56wElEC5josVOEpp/I4wDpaoYbRytf2c6oYXi1eLW5tpJ2lc9K8fpSGtFO7
Xf7QttpsLGFsAJhwUbF+65cB3YZZ8AUVSfHwmb6PB8KWz/00kXBc//NZcY/5FR/L
AV/Xp2rme4Dnvc+T3+PmG6HAbLtqKce6XV20SWtx4Bl+DX13wtx5v+OYG0TqRSg7
oSMuQ+QjtvSydfbgBbwyIV+bwLMWDPPv1nCRLWm2cECkZpjGDN62wTtnVQxZ6ciW
sUc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org