Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qO6ozOzONkUKFFCqy7i7sOs5a_I.roa
File: qO6ozOzONkUKFFCqy7i7sOs5a_I.roa (raw, json)
Hash identifier: u3oA5TG7YXb6qD7klc5hL0PNEnctUPMDIO2n47l5wyM=
Subject key identifier: A8:EE:A8:CC:EC:CE:36:45:0A:14:50:AA:CB:B8:BB:B0:EB:39:6B:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C96598579F7A893B80BF2C86E6DF8C980
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qO6ozOzONkUKFFCqy7i7sOs5a_I.roa
Signing time: Sat 23 Dec 2023 11:04:58 +0000
ROA not before: Sat 23 Dec 2023 11:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9659:45e6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:59:85:79:f7:a8:93:b8:0b:f2:c8:6e:6d:f8:c9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 11:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8eea8ccecce36450a1450aacbb8bbb0eb396bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:8b:2b:e5:f9:f9:f4:87:3d:21:8e:59:c1:
c0:9a:55:59:eb:0d:91:af:e1:fe:7f:fc:f2:79:53:
12:78:79:76:0d:df:b8:77:ea:08:f2:d8:87:c8:50:
24:cd:61:8d:d6:19:78:e3:18:14:ff:ee:4a:d5:d0:
81:5a:13:32:35:66:66:39:18:82:1a:c0:b8:91:d7:
74:0b:0d:ca:f2:88:e1:c7:97:1b:35:de:36:54:d1:
4b:22:5d:43:3d:78:fe:2c:7b:65:07:8e:2b:c3:2d:
52:8b:ea:87:72:38:0b:6b:01:f1:03:58:e6:cc:fc:
1b:da:6b:e1:42:b5:ef:0e:de:41:c2:28:79:10:30:
c4:f7:ab:d4:c8:3e:4c:f3:32:8b:f7:ce:d1:7d:d2:
c1:f6:a5:7e:09:35:fd:4d:0a:fe:f5:5c:32:0f:3f:
52:57:78:8d:ea:04:cc:b1:55:15:1c:34:36:40:50:
dd:a6:36:6a:d0:06:31:45:dc:8d:18:3f:14:2c:42:
ea:2d:7d:9d:0d:4d:91:08:76:48:75:0b:c0:77:e0:
36:3d:6f:da:f8:42:2e:59:c7:c2:3c:fc:38:d9:50:
9c:94:06:24:61:e0:0a:bb:3d:e0:9e:4f:14:1c:1e:
54:c6:3f:e5:bd:6d:95:dc:84:60:33:db:93:40:fc:
d2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EE:A8:CC:EC:CE:36:45:0A:14:50:AA:CB:B8:BB:B0:EB:39:6B:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qO6ozOzONkUKFFCqy7i7sOs5a_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:a3:48:1d:63:a7:b1:9f:48:f8:8b:15:f7:10:04:7b:b6:15:
e5:ad:9f:ef:08:bc:4d:3a:cf:f0:67:5a:4a:5a:aa:fd:4f:38:
08:66:87:b6:31:51:69:86:a8:66:69:a0:65:54:00:c2:cc:62:
bf:4a:62:ab:91:d9:dd:3d:2c:08:3d:c1:f0:44:52:02:9e:4d:
f1:fc:be:9a:65:4d:9e:f8:47:4d:32:74:0a:88:ad:84:31:5e:
37:fb:62:ca:c4:06:ac:ec:1e:56:fd:b4:57:2e:a9:14:5b:1c:
82:cc:e6:b9:09:72:74:19:0a:7f:25:21:e0:f3:f1:7c:0e:f2:
76:09:7a:35:c8:6a:7c:74:73:78:1c:82:0f:f1:c6:d5:9b:d1:
e4:43:26:08:4f:cf:dc:c4:36:72:44:d3:0f:dd:7f:b9:0d:11:
18:b7:c3:3c:40:77:72:36:fb:71:02:7d:f4:ae:1b:c6:0a:f1:
19:21:06:80:3b:13:e5:20:c0:38:25:48:23:d5:38:6d:7f:79:
4e:44:f0:11:c7:f7:22:f1:44:a3:5d:50:bd:b5:1b:29:65:7a:
4e:98:bd:41:9e:e2:44:5d:ca:37:7a:58:72:26:20:a6:ac:75:
a0:95:5c:59:0c:6e:6b:be:d6:9c:af:85:16:4f:87:ec:ce:c8:
35:cc:ed:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyWWYV596iTuAvyyG5t+MmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGVlYThjY2VjY2UzNjQ1MGExNDUwYWFjYmI4YmJiMGViMzk2YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3qLK+X5+fSHPSGOWcHAmlVZ6w2R
r+H+f/zyeVMSeHl2Dd+4d+oI8tiHyFAkzWGN1hl44xgU/+5K1dCBWhMyNWZmORiC
GsC4kdd0Cw3K8ojhx5cbNd42VNFLIl1DPXj+LHtlB44rwy1Si+qHcjgLawHxA1jm
zPwb2mvhQrXvDt5Bwih5EDDE96vUyD5M8zKL987RfdLB9qV+CTX9TQr+9VwyDz9S
V3iN6gTMsVUVHDQ2QFDdpjZq0AYxRdyNGD8ULELqLX2dDU2RCHZIdQvAd+A2PW/a
+EIuWcfCPPw42VCclAYkYeAKuz3gnk8UHB5Uxj/lvW2V3IRgM9uTQPzSnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjuqMzszjZFChRQqsu4u7DrOWvyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcU82b3pPek9Oa1VLRkZDcXk3aTdzT3M1YV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqjSB1jp7GfSPiLFfcQ
BHu2FeWtn+8IvE06z/BnWkpaqv1POAhmh7YxUWmGqGZpoGVUAMLMYr9KYquR2d09
LAg9wfBEUgKeTfH8vpplTZ74R00ydAqIrYQxXjf7YsrEBqzsHlb9tFcuqRRbHILM
5rkJcnQZCn8lIeDz8XwO8nYJejXIanx0c3gcgg/xxtWb0eRDJghPz9zENnJE0w/d
f7kNERi3wzxAd3I2+3ECffSuG8YK8RkhBoA7E+UgwDglSCPVOG1/eU5E8BHH9yLx
RKNdUL21Gyllek6YvUGe4kRdyjd6WHImIKasdaCVXFkMbmu+1pyvhRZPh+zOyDXM
7Zo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org