Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rQvfUDjl3-rwSMNln5pW5h9xaQQ.roa
File: rQvfUDjl3-rwSMNln5pW5h9xaQQ.roa (raw, json)
Hash identifier: SoALqR+r8oCDLNP2SYU3e7gjvPUABP7PP1mOEAhKaJA=
Subject key identifier: AD:0B:DF:50:38:E5:DF:EA:F0:48:C3:65:9F:9A:56:E6:1F:71:69:04
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9A3D276BBEA3D5611632BFCDAA66C467
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rQvfUDjl3-rwSMNln5pW5h9xaQQ.roa
Signing time: Sun 11 Feb 2024 22:15:15 +0000
ROA not before: Sun 11 Feb 2024 22:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9a:3d:27:6b:be:a3:d5:61:16:32:bf:cd:aa:66:c4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 22:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0bdf5038e5dfeaf048c3659f9a56e61f716904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:52:cf:a2:aa:64:eb:81:54:85:e4:cf:c2:
51:d9:7f:2b:ec:d8:63:25:63:f4:49:4c:ca:29:3d:
0f:4e:e2:7b:16:35:32:dd:f7:3f:34:5c:9a:90:b6:
17:39:d5:d7:84:29:9e:d9:35:d3:fc:15:05:31:08:
08:10:2c:7b:c5:ee:1d:a7:34:b1:19:b0:1b:03:19:
17:65:c3:6b:04:03:8b:f4:09:d8:11:31:1c:4f:29:
81:8a:9f:67:6b:f1:17:70:12:b0:e8:65:eb:8e:48:
3e:2f:47:f9:e4:97:14:79:06:db:98:82:ce:39:b2:
e7:b0:70:24:ff:71:64:f1:a9:35:51:66:6a:22:51:
8e:45:aa:ff:31:9b:45:d0:fa:8c:3a:0d:31:ca:fb:
87:64:f7:29:d8:60:06:eb:92:31:a2:0c:ca:da:f6:
95:d2:15:78:a4:72:1a:93:21:19:e9:86:14:65:d6:
2d:09:1b:98:f7:04:86:98:7b:55:45:31:ad:47:17:
26:6b:85:c5:ec:94:c1:3c:6c:fd:1d:c2:9e:f6:2b:
a7:88:0d:52:f6:c8:9e:ee:44:a0:d9:f2:28:25:93:
e3:38:88:c6:a1:af:e6:33:de:8b:6b:65:54:b9:2a:
db:37:17:bc:ed:90:af:27:a6:c4:0d:a0:9f:5a:46:
f0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0B:DF:50:38:E5:DF:EA:F0:48:C3:65:9F:9A:56:E6:1F:71:69:04
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rQvfUDjl3-rwSMNln5pW5h9xaQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:a7:32:1f:f9:99:0e:c8:69:c1:86:82:00:ec:8c:d0:e8:f2:
d1:aa:a7:18:d5:4e:53:b3:ff:e6:99:a5:c4:b2:00:42:99:6e:
24:17:f1:da:0c:3c:71:ac:1a:37:2d:a5:74:2d:73:95:e8:01:
d2:81:44:39:3d:bb:5d:89:db:87:3f:96:3a:5b:20:8d:fe:c1:
fb:08:df:a5:b5:71:b5:34:2f:df:e3:6a:e1:78:5b:40:fa:a4:
a6:40:af:6b:9d:67:f0:b5:6b:f9:b0:fb:96:6f:f6:6e:07:25:
de:13:07:67:28:09:65:03:50:4f:6d:3e:b3:55:30:21:67:09:
78:f0:8e:fd:32:7d:9a:b4:b4:17:dd:cd:00:95:99:cd:18:62:
16:87:d3:a6:f9:76:e3:ae:a8:40:93:fc:f8:9e:15:30:35:02:
52:cd:81:ba:fa:c4:e5:ae:37:8e:3c:64:c1:4a:41:1a:fd:5d:
6e:0f:67:62:49:85:9a:3b:29:93:1d:fe:a1:30:ad:3a:50:b5:
64:d0:8c:39:d9:3e:59:c4:7f:98:2e:59:58:f3:f0:78:2f:c5:
b4:48:54:c6:d6:43:9c:5d:d7:f1:17:a8:ef:a7:88:36:2f:b4:
83:3b:c2:59:80:e1:d1:8d:62:0b:30:7c:f9:70:c8:b4:7f:a6:
1a:e2:2a:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2aPSdrvqPVYRYyv82qZsRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMjIxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBiZGY1MDM4ZTVkZmVhZjA0OGMzNjU5ZjlhNTZlNjFmNzE2OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9RSz6KqZOuBVIXkz8JR2X8r7Nhj
JWP0SUzKKT0PTuJ7FjUy3fc/NFyakLYXOdXXhCme2TXT/BUFMQgIECx7xe4dpzSx
GbAbAxkXZcNrBAOL9AnYETEcTymBip9na/EXcBKw6GXrjkg+L0f55JcUeQbbmILO
ObLnsHAk/3Fk8ak1UWZqIlGORar/MZtF0PqMOg0xyvuHZPcp2GAG65IxogzK2vaV
0hV4pHIakyEZ6YYUZdYtCRuY9wSGmHtVRTGtRxcma4XF7JTBPGz9HcKe9iuniA1S
9sie7kSg2fIoJZPjOIjGoa/mM96La2VUuSrbNxe87ZCvJ6bEDaCfWkbwKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK0L31A45d/q8EjDZZ+aVuYfcWkEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvclF2ZlVEamwzLXJ3U01ObG41cFc1aDl4YVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEOnMh/5mQ7IacGGggDs
jNDo8tGqpxjVTlOz/+aZpcSyAEKZbiQX8doMPHGsGjctpXQtc5XoAdKBRDk9u12J
24c/ljpbII3+wfsI36W1cbU0L9/jauF4W0D6pKZAr2udZ/C1a/mw+5Zv9m4HJd4T
B2coCWUDUE9tPrNVMCFnCXjwjv0yfZq0tBfdzQCVmc0YYhaH06b5duOuqECT/Pie
FTA1AlLNgbr6xOWuN448ZMFKQRr9XW4PZ2JJhZo7KZMd/qEwrTpQtWTQjDnZPlnE
f5guWVjz8HgvxbRIVMbWQ5xd1/EXqO+niDYvtIM7wlmA4dGNYgswfPlwyLR/phri
Kjc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org