Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oS4-iCJXLyl1Zh1d1CYTczu7QFo.roa
File: oS4-iCJXLyl1Zh1d1CYTczu7QFo.roa (raw, json)
Hash identifier: b43f+/KFmcCJOjDaRyaErwWopRUUM0pljOmatYDa5oE=
Subject key identifier: A1:2E:3E:88:22:57:2F:29:75:66:1D:5D:D4:26:13:73:3B:BB:40:5A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC3A76B711C85CB2F8CF0E9F241D61526
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oS4-iCJXLyl1Zh1d1CYTczu7QFo.roa
Signing time: Mon 01 Jan 2024 06:12:58 +0000
ROA not before: Mon 01 Jan 2024 06:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:a7:6b:71:1c:85:cb:2f:8c:f0:e9:f2:41:d6:15:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 06:12:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a12e3e8822572f2975661d5dd42613733bbb405a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:11:25:b4:8f:9f:f5:f0:dd:9a:ae:78:32:65:
a3:65:b5:32:78:f0:63:79:e4:89:c2:93:56:b1:3d:
77:59:c1:e7:0b:44:82:33:96:aa:34:d1:48:52:34:
84:bf:e9:5a:17:c0:2f:56:a7:af:4f:f4:6d:14:9c:
02:37:0f:0b:22:f6:fa:ca:a9:7b:45:7d:2e:63:ff:
2f:49:55:91:ce:cd:e4:4b:ee:51:3a:03:89:a7:79:
f1:fc:2e:62:81:b3:0d:8a:48:a1:77:a4:e4:29:69:
be:9b:72:86:22:32:15:f3:59:d1:0b:f2:dd:29:35:
c4:29:fd:d6:74:ab:6b:76:87:3c:f5:8d:ad:1c:4c:
ff:93:0d:4b:f6:07:b2:ec:97:19:64:a7:db:8c:b5:
5c:a5:18:34:01:1a:79:86:f3:73:ee:cb:b4:1b:01:
36:4e:f5:5b:44:48:55:51:9e:75:7e:59:df:57:ba:
55:fa:cf:d2:3e:01:4e:ec:9a:61:44:f1:0f:eb:02:
6c:2a:ef:9a:83:78:25:47:89:94:7a:23:25:6e:f9:
1c:35:d9:78:7b:b8:56:9c:18:38:0a:87:5f:ed:50:
17:bd:e1:17:de:d9:e7:68:fd:26:86:96:0c:79:cc:
57:12:9c:b1:31:95:df:5d:aa:be:5b:58:b1:69:99:
90:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2E:3E:88:22:57:2F:29:75:66:1D:5D:D4:26:13:73:3B:BB:40:5A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oS4-iCJXLyl1Zh1d1CYTczu7QFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:1c:b0:b9:65:98:a5:4a:fe:6f:51:4c:d6:a0:8c:62:82:46:
6e:4a:ed:79:6f:db:a3:fe:22:a6:9e:3d:88:6d:7a:fc:14:fc:
62:97:47:67:cc:4c:1c:e7:0f:ba:5d:43:e3:5d:60:17:aa:8c:
0e:9d:bb:37:df:cd:ac:2d:6c:37:4e:f6:43:96:84:ec:31:09:
b0:b8:80:21:20:93:7f:1e:40:4e:06:f3:7e:77:ee:7b:39:b2:
39:ef:2e:7c:60:8e:0d:76:ac:3b:30:83:ec:6e:3b:98:94:e7:
ca:78:cd:b5:5a:46:1f:5c:a5:57:1f:ff:00:9d:2d:1a:35:49:
83:c9:e7:8f:11:d2:8a:91:b5:66:33:1d:0e:67:22:4d:a5:cb:
77:0e:36:9d:a1:80:34:8a:70:45:65:c8:90:cc:32:bd:08:1f:
46:71:40:71:01:c9:23:8d:af:b0:ca:e7:5e:b1:f9:b1:c7:37:
69:6c:97:2c:5b:36:ef:3e:60:74:90:84:df:28:68:46:b4:2a:
1a:94:f8:af:c5:9b:7c:63:34:a8:69:dd:b8:a1:05:30:25:02:
c9:8b:e3:dd:86:8a:9e:dd:ad:5c:45:5a:d4:9e:65:6c:f6:dc:
14:7d:de:27:93:cb:19:d9:ee:0f:5a:e1:39:76:5e:7c:ab:c9:
8c:9d:51:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDp2txHIXLL4zw6fJB1hUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMDYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJlM2U4ODIyNTcyZjI5NzU2NjFkNWRkNDI2MTM3MzNiYmI0MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxEltI+f9fDdmq54MmWjZbUyePBj
eeSJwpNWsT13WcHnC0SCM5aqNNFIUjSEv+laF8AvVqevT/RtFJwCNw8LIvb6yql7
RX0uY/8vSVWRzs3kS+5ROgOJp3nx/C5igbMNikihd6TkKWm+m3KGIjIV81nRC/Ld
KTXEKf3WdKtrdoc89Y2tHEz/kw1L9gey7JcZZKfbjLVcpRg0ARp5hvNz7su0GwE2
TvVbREhVUZ51flnfV7pV+s/SPgFO7JphRPEP6wJsKu+ag3glR4mUeiMlbvkcNdl4
e7hWnBg4Codf7VAXveEX3tnnaP0mhpYMecxXEpyxMZXfXaq+W1ixaZmQLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKEuPogiVy8pdWYdXdQmE3M7u0BaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb1M0LWlDSlhMeWwxWmgxZDFDWVRjenU3UUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFQcsLllmKVK/m9RTNag
jGKCRm5K7Xlv26P+IqaePYhtevwU/GKXR2fMTBznD7pdQ+NdYBeqjA6duzffzawt
bDdO9kOWhOwxCbC4gCEgk38eQE4G83537ns5sjnvLnxgjg12rDswg+xuO5iU58p4
zbVaRh9cpVcf/wCdLRo1SYPJ548R0oqRtWYzHQ5nIk2ly3cONp2hgDSKcEVlyJDM
Mr0IH0ZxQHEBySONr7DK516x+bHHN2lslyxbNu8+YHSQhN8oaEa0KhqU+K/Fm3xj
NKhp3bihBTAlAsmL492Gip7drVxFWtSeZWz23BR93ieTyxnZ7g9a4Tl2XnyryYyd
UQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org