Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7XfrE9XmC-8taNUBuVc98v393o.roa
File: o7XfrE9XmC-8taNUBuVc98v393o.roa (raw, json)
Hash identifier: jcJcclSaaVZyzzGODyov5uTekqqp6B5XVtyk3KCtkpA=
Subject key identifier: A3:B5:DF:AC:4F:57:98:2F:BC:B5:A3:54:06:E5:5C:F7:CB:F7:F7:7A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5B1FA83A50AF46B0A2E5705A14648E24
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7XfrE9XmC-8taNUBuVc98v393o.roa
Signing time: Wed 20 Mar 2024 09:09:45 +0000
ROA not before: Wed 20 Mar 2024 09:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:1f:a8:3a:50:af:46:b0:a2:e5:70:5a:14:64:8e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 09:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3b5dfac4f57982fbcb5a35406e55cf7cbf7f77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f6:88:d2:e2:96:7e:31:72:c8:87:0f:2c:8b:
73:b5:7d:9c:8f:d7:b5:e0:73:6c:e3:30:45:13:e0:
78:a5:73:fe:44:5f:b8:e4:a1:e8:9d:07:57:36:4e:
13:13:29:e7:14:8c:23:69:cb:bb:78:fc:32:52:58:
de:76:d0:10:ef:a8:08:30:30:bd:36:b4:c4:e8:7a:
d8:d6:df:5f:ff:b0:7b:2e:74:ef:7b:a2:c6:bc:e8:
03:1f:63:89:51:37:43:f2:24:29:d6:a7:cb:41:0c:
61:0e:ff:de:f3:b1:db:93:fa:12:f7:e7:3b:04:31:
b5:58:d7:39:e8:71:20:ee:70:64:51:34:44:7a:b6:
8c:2e:b6:69:6e:21:ae:36:b7:15:81:36:d2:3b:9a:
56:dd:a0:ee:f7:d6:5d:40:b5:3e:35:95:26:1c:87:
b6:f8:3e:d8:a2:60:1c:b9:62:c8:cb:92:3c:12:2b:
45:65:cb:09:fd:a9:3b:0c:e0:a2:f3:74:3f:6a:28:
01:17:2f:c4:0d:a3:f2:9b:dc:95:54:b8:54:06:39:
27:bf:31:db:20:b1:d2:f2:df:18:a8:0c:cc:fd:ca:
41:a4:8c:57:57:70:1e:3b:18:3a:63:56:cf:df:81:
05:e3:cb:0b:a0:37:3c:6b:e1:5c:49:d2:69:20:3b:
ac:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B5:DF:AC:4F:57:98:2F:BC:B5:A3:54:06:E5:5C:F7:CB:F7:F7:7A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o7XfrE9XmC-8taNUBuVc98v393o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:a5:cb:79:6f:d8:fe:35:e7:f2:9d:ac:da:4b:1f:c0:17:cd:
cb:b4:9e:5e:fa:87:d2:fb:ef:64:5b:a7:8e:54:6b:d5:fc:6d:
83:80:a7:1e:90:05:23:1a:75:25:e3:24:79:f7:6d:33:bf:5b:
2a:fd:96:30:f6:97:89:3d:f3:e9:9e:54:89:b2:6f:35:2f:fb:
a0:93:4a:35:0c:5d:86:14:3f:9b:dd:ad:b6:3c:94:a8:c3:90:
9c:5d:6f:dd:5c:77:ee:5c:16:19:76:79:be:1c:1a:0e:cb:23:
ad:a3:db:1f:a5:67:84:b2:06:a1:df:64:61:20:b2:31:91:58:
8e:54:e0:6d:0c:d4:7f:d4:c7:b8:90:31:b4:05:ae:6b:09:63:
3f:50:c2:54:33:97:d6:b9:d6:19:0b:e6:14:1a:51:40:6a:76:
a7:37:7b:2a:49:a2:9c:31:dd:f0:b3:8f:b9:1c:ad:51:a9:b0:
7d:8d:50:2c:2d:f1:53:3d:f6:d7:65:f3:0d:da:99:e9:80:da:
9b:b6:1c:ae:df:61:54:8a:a3:d6:e4:dd:82:4b:ff:c2:68:90:
1c:39:8a:0e:01:d3:da:20:bd:29:90:bb:d3:1e:86:59:64:31:
04:3b:b1:6d:2e:53:7d:e1:54:2f:b7:6e:e6:56:b7:b6:eb:d7:
fa:35:45:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5bH6g6UK9GsKLlcFoUZI4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMDkwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2I1ZGZhYzRmNTc5ODJmYmNiNWEzNTQwNmU1NWNmN2NiZjdmNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfaI0uKWfjFyyIcPLItztX2cj9e1
4HNs4zBFE+B4pXP+RF+45KHonQdXNk4TEynnFIwjacu7ePwyUljedtAQ76gIMDC9
NrTE6HrY1t9f/7B7LnTve6LGvOgDH2OJUTdD8iQp1qfLQQxhDv/e87Hbk/oS9+c7
BDG1WNc56HEg7nBkUTREeraMLrZpbiGuNrcVgTbSO5pW3aDu99ZdQLU+NZUmHIe2
+D7YomAcuWLIy5I8EitFZcsJ/ak7DOCi83Q/aigBFy/EDaPym9yVVLhUBjknvzHb
ILHS8t8YqAzM/cpBpIxXV3AeOxg6Y1bP34EF48sLoDc8a+FcSdJpIDuscwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKO136xPV5gvvLWjVAblXPfL9/d6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbzdYZnJFOVhtQy04dGFOVUJ1VmM5OHYzOTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOly3lv2P415/KdrNpL
H8AXzcu0nl76h9L772Rbp45Ua9X8bYOApx6QBSMadSXjJHn3bTO/Wyr9ljD2l4k9
8+meVImybzUv+6CTSjUMXYYUP5vdrbY8lKjDkJxdb91cd+5cFhl2eb4cGg7LI62j
2x+lZ4SyBqHfZGEgsjGRWI5U4G0M1H/Ux7iQMbQFrmsJYz9QwlQzl9a51hkL5hQa
UUBqdqc3eypJopwx3fCzj7kcrVGpsH2NUCwt8VM99tdl8w3amemA2pu2HK7fYVSK
o9bk3YJL/8JokBw5ig4B09ogvSmQu9MehllkMQQ7sW0uU33hVC+3buZWt7br1/o1
RSw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org