Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7GY6YXzEcUH8YSKGiAHOQqVszE.roa
File: o7GY6YXzEcUH8YSKGiAHOQqVszE.roa (raw, json)
Hash identifier: L/6aFh+AZvwAKTV3ybBZFcPUyHUfpMjKQQBRgASVXM0=
Subject key identifier: A3:B1:98:E9:85:F3:11:C5:07:F1:84:8A:1A:20:07:39:0A:95:B3:31
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7255B601E9E81484E6C7C277CF1E1A86
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7GY6YXzEcUH8YSKGiAHOQqVszE.roa
Signing time: Sun 04 Feb 2024 04:17:16 +0000
ROA not before: Sun 04 Feb 2024 04:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:55:b6:01:e9:e8:14:84:e6:c7:c2:77:cf:1e:1a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 04:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3b198e985f311c507f1848a1a2007390a95b331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:71:2d:7c:b1:56:4c:c8:64:78:6a:48:22:
9f:90:d2:cd:f6:32:26:16:16:0e:cd:9b:ca:27:f3:
d5:83:fc:95:f8:f4:1e:bf:73:bf:a4:20:77:2b:a2:
d9:62:61:32:0c:4d:35:32:30:55:e7:b9:cf:e6:0b:
84:64:38:6a:81:9b:ce:01:5e:e0:99:44:c3:5d:83:
21:35:07:a4:fc:c3:9b:0b:66:7b:58:88:e8:7d:4e:
5d:c6:cb:c8:38:e2:05:db:ab:a6:3e:f7:cd:4d:bc:
20:20:28:e7:d7:31:26:6c:56:08:72:71:c4:a3:1a:
32:b0:9d:81:d1:51:85:c8:97:84:f8:b4:15:a1:8e:
00:ac:35:21:e2:e5:d1:a6:f0:ab:08:72:9c:e1:ab:
4c:da:d6:3f:34:7f:85:c8:8b:fb:4a:96:35:18:65:
0b:43:7c:13:13:b5:38:79:f3:e6:42:66:15:26:57:
da:a4:81:f4:7b:34:7c:fb:18:fe:3f:9c:5c:f4:5d:
ef:1c:8b:23:6d:4d:5c:54:74:dc:b3:1f:a5:0b:4e:
2c:b9:9b:93:e7:58:e7:37:49:7d:b3:4b:56:b9:da:
44:dc:30:29:d0:ef:a4:97:92:5e:bf:b5:f9:ec:3f:
01:01:95:e1:3e:57:27:58:db:e6:74:45:83:b5:fd:
bb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B1:98:E9:85:F3:11:C5:07:F1:84:8A:1A:20:07:39:0A:95:B3:31
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7GY6YXzEcUH8YSKGiAHOQqVszE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:8c:72:fe:f6:f1:82:c9:65:e9:8e:31:36:16:40:d7:b9:72:
fd:66:9f:92:84:a5:d9:6c:d9:2e:e1:52:b2:54:59:c9:7c:3b:
d7:58:84:65:7b:db:8d:93:22:8e:e8:82:f0:41:d2:b4:62:00:
e9:bf:ca:a0:20:4f:08:6b:8a:d2:ac:93:d0:3a:32:cd:43:ea:
cf:2e:58:ad:cb:09:aa:0d:57:ce:60:70:76:9a:d0:8d:c7:28:
cb:d3:18:eb:82:d0:b1:06:53:4a:ad:da:73:76:25:3d:ef:53:
2b:39:04:b9:40:b3:90:ab:3e:e5:0d:ae:09:95:ac:d6:67:15:
9b:6c:0c:b4:6a:44:2c:84:99:5f:01:c1:c9:2f:23:6e:d3:2a:
d5:d7:98:22:09:39:c9:b6:8e:33:63:f4:09:13:1b:61:3d:28:
dc:5f:8e:b3:b5:42:8f:e0:14:92:c7:22:dd:3b:a6:a9:97:06:
54:fb:98:c9:5e:17:0c:53:d9:dd:cb:92:6f:c4:50:f0:21:7f:
c2:7b:51:b8:7c:5d:96:8c:e7:fc:35:9f:f4:0f:99:13:ca:24:
a6:5e:b7:9a:c1:70:fb:68:ee:89:12:b1:65:bc:92:63:1d:da:
b8:ff:6a:da:c4:64:25:eb:16:77:c8:dd:3c:35:fa:f7:7b:53:
4b:be:4e:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1yVbYB6egUhObHwnfPHhqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MDQxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IxOThlOTg1ZjMxMWM1MDdmMTg0OGExYTIwMDczOTBhOTViMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm25xLXyxVkzIZHhqSCKfkNLN9jIm
FhYOzZvKJ/PVg/yV+PQev3O/pCB3K6LZYmEyDE01MjBV57nP5guEZDhqgZvOAV7g
mUTDXYMhNQek/MObC2Z7WIjofU5dxsvIOOIF26umPvfNTbwgICjn1zEmbFYIcnHE
oxoysJ2B0VGFyJeE+LQVoY4ArDUh4uXRpvCrCHKc4atM2tY/NH+FyIv7SpY1GGUL
Q3wTE7U4efPmQmYVJlfapIH0ezR8+xj+P5xc9F3vHIsjbU1cVHTcsx+lC04suZuT
51jnN0l9s0tWudpE3DAp0O+kl5Jev7X57D8BAZXhPlcnWNvmdEWDtf27CwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOxmOmF8xHFB/GEihogBzkKlbMxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbzdHWTZZWHpFY1VIOFlTS0dpQUhPUXFWc3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI6Mcv728YLJZemOMTYW
QNe5cv1mn5KEpdls2S7hUrJUWcl8O9dYhGV7242TIo7ogvBB0rRiAOm/yqAgTwhr
itKsk9A6Ms1D6s8uWK3LCaoNV85gcHaa0I3HKMvTGOuC0LEGU0qt2nN2JT3vUys5
BLlAs5CrPuUNrgmVrNZnFZtsDLRqRCyEmV8BwckvI27TKtXXmCIJOcm2jjNj9AkT
G2E9KNxfjrO1Qo/gFJLHIt07pqmXBlT7mMleFwxT2d3Lkm/EUPAhf8J7Ubh8XZaM
5/w1n/QPmRPKJKZet5rBcPto7okSsWW8kmMd2rj/atrEZCXrFnfI3Tw1+vd7U0u+
Tlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org