Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZf7LlD-50Ye9LXuYoRlj5gF1Eg.roa
File: oZf7LlD-50Ye9LXuYoRlj5gF1Eg.roa (raw, json)
Hash identifier: ad78Diav3V/n5O9ePG44w/vZSxV3nwdYtYUahnbslSs=
Subject key identifier: A1:97:FB:2E:50:FE:E7:46:1E:F4:B5:EE:62:84:65:8F:98:05:D4:48
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8ED71921AFCC4DDFAA3D47CE805805B2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZf7LlD-50Ye9LXuYoRlj5gF1Eg.roa
Signing time: Sat 30 Mar 2024 10:10:45 +0000
ROA not before: Sat 30 Mar 2024 10:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8e:d7:19:21:af:cc:4d:df:aa:3d:47:ce:80:58:05:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 10:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a197fb2e50fee7461ef4b5ee6284658f9805d448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:70:cd:fe:36:f1:5e:d3:62:be:9e:84:d4:
5e:fb:c7:19:60:2d:70:cb:bb:a5:be:64:62:40:41:
42:f6:48:1e:79:0d:87:ff:60:cf:dc:6d:79:89:92:
26:1d:4b:e3:6a:57:3b:63:1e:ec:a5:d6:67:f9:00:
98:84:34:52:97:74:a2:ce:62:57:39:88:f9:76:76:
23:53:cb:18:a1:47:00:d1:65:cf:0e:81:ac:6a:fc:
7d:92:e8:8f:c9:26:c1:5f:d5:c4:6e:d1:e6:cf:e1:
e8:62:05:81:a7:ed:ed:dc:a2:ae:d5:12:0d:4a:0f:
f8:3b:6f:ea:0d:bc:b3:c6:0f:93:0e:c0:ca:59:09:
ef:a7:a5:1a:c6:37:7f:5e:e7:7e:64:db:66:22:38:
84:9f:fb:fd:db:22:31:64:c0:76:3d:76:ec:e9:6c:
3d:02:ea:0e:e9:c1:f5:75:42:6d:5f:c1:8d:6b:4a:
3a:f0:af:7a:97:e7:20:8c:f6:4d:a8:d1:23:e7:b9:
84:38:45:8d:28:01:c3:a1:a3:28:38:58:58:8d:48:
50:9f:28:55:d8:1a:20:cb:a6:ee:84:6b:6a:b2:45:
2f:2d:6f:1e:03:6c:a9:50:5e:92:c0:c5:f9:75:3a:
9d:b0:48:50:76:38:e5:1c:9a:8c:74:61:64:0f:55:
43:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:97:FB:2E:50:FE:E7:46:1E:F4:B5:EE:62:84:65:8F:98:05:D4:48
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oZf7LlD-50Ye9LXuYoRlj5gF1Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:72:55:a0:95:11:0d:35:9d:fb:7e:32:1d:4d:97:2f:80:3a:
a7:95:73:0b:e3:df:92:87:64:fc:77:50:ff:0a:55:f1:0a:b2:
01:a1:8a:ef:32:28:80:2b:18:9a:70:4c:9b:95:b0:bc:22:84:
e4:4e:12:2f:39:5a:10:47:79:bf:f3:d9:44:4d:1d:1f:d9:38:
c6:3b:3d:e9:92:75:81:12:c4:96:92:f2:20:85:a6:9e:d4:0b:
23:2f:4d:af:b9:b7:08:0f:38:20:fe:3c:14:12:a3:d8:6e:ac:
e6:0b:9b:e9:d3:9f:de:7f:52:67:53:7a:cd:c9:59:b3:6d:ef:
48:46:7f:5d:57:c5:e9:ee:2f:bf:96:69:ed:98:25:c1:f5:7c:
4b:77:02:ad:54:2f:42:e4:c7:96:89:8b:e0:db:9b:1c:f1:19:
9c:86:c3:a1:6a:71:6e:32:de:cd:aa:32:af:b2:49:5a:1d:65:
b7:96:46:69:53:8e:7a:18:95:c8:a4:d6:b1:f3:73:50:e6:c7:
af:34:cc:cf:4f:28:0f:7f:ff:00:f1:b3:b8:f3:5f:db:49:63:
9a:0e:18:76:65:55:75:7c:49:fd:1f:5a:13:58:34:0d:dc:12:
da:87:d2:c2:35:64:9d:53:be:3e:bf:74:7d:7b:7c:3f:db:69:
85:24:b7:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6O1xkhr8xN36o9R86AWAWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMTAxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk3ZmIyZTUwZmVlNzQ2MWVmNGI1ZWU2Mjg0NjU4Zjk4MDVkNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIdwzf428V7TYr6ehNRe+8cZYC1w
y7ulvmRiQEFC9kgeeQ2H/2DP3G15iZImHUvjalc7Yx7spdZn+QCYhDRSl3SizmJX
OYj5dnYjU8sYoUcA0WXPDoGsavx9kuiPySbBX9XEbtHmz+HoYgWBp+3t3KKu1RIN
Sg/4O2/qDbyzxg+TDsDKWQnvp6Uaxjd/Xud+ZNtmIjiEn/v92yIxZMB2PXbs6Ww9
AuoO6cH1dUJtX8GNa0o68K96l+cgjPZNqNEj57mEOEWNKAHDoaMoOFhYjUhQnyhV
2Bogy6buhGtqskUvLW8eA2ypUF6SwMX5dTqdsEhQdjjlHJqMdGFkD1VDGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGX+y5Q/udGHvS17mKEZY+YBdRIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb1pmN0xsRC01MFllOUxYdVlvUmxqNWdGMUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNyVaCVEQ01nft+Mh1N
ly+AOqeVcwvj35KHZPx3UP8KVfEKsgGhiu8yKIArGJpwTJuVsLwihOROEi85WhBH
eb/z2URNHR/ZOMY7PemSdYESxJaS8iCFpp7UCyMvTa+5twgPOCD+PBQSo9hurOYL
m+nTn95/UmdTes3JWbNt70hGf11XxenuL7+Wae2YJcH1fEt3Aq1UL0Lkx5aJi+Db
mxzxGZyGw6FqcW4y3s2qMq+ySVodZbeWRmlTjnoYlcik1rHzc1Dmx680zM9PKA9/
/wDxs7jzX9tJY5oOGHZlVXV8Sf0fWhNYNA3cEtqH0sI1ZJ1Tvj6/dH17fD/baYUk
t/I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org