Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rTGXm6x7Zs8FQOlKaKmy1OslvXA.roa
File: rTGXm6x7Zs8FQOlKaKmy1OslvXA.roa (raw, json)
Hash identifier: Z9mFkh7zkjJ7hDsvDconN8zu4FPDbKQ6QMU+NCsbDgM=
Subject key identifier: AD:31:97:9B:AC:7B:66:CF:05:40:E9:4A:68:A9:B2:D4:EB:25:BD:70
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8F110C5B2ABD7F51D5E76A684C121A71
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rTGXm6x7Zs8FQOlKaKmy1OslvXA.roa
Signing time: Fri 09 Feb 2024 18:11:15 +0000
ROA not before: Fri 09 Feb 2024 18:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8f:11:0c:5b:2a:bd:7f:51:d5:e7:6a:68:4c:12:1a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 18:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad31979bac7b66cf0540e94a68a9b2d4eb25bd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:24:d6:86:6a:4a:01:9e:6d:0f:7a:1e:6e:95:
30:ea:ce:af:2a:eb:7e:1c:ce:f5:ba:31:82:75:4e:
3a:c5:bb:d5:3d:12:f5:9c:04:f5:4a:2f:14:c2:a9:
dd:28:a0:09:2b:b2:1a:06:4e:9f:f0:47:78:fd:d7:
b1:fd:70:93:68:c9:cf:da:06:da:39:33:2a:5f:ae:
5c:fd:6f:76:6c:8a:4f:3f:f2:2f:71:53:be:36:fd:
aa:c6:bf:21:14:35:09:d0:cb:35:3e:13:c6:bc:73:
f6:b7:75:3b:5f:b0:0f:69:4c:1e:11:1b:7e:91:7d:
80:3e:cf:ab:da:13:5a:c5:ba:cc:6b:a8:7b:b9:65:
81:73:ce:99:95:d1:73:20:28:85:98:d2:fc:5a:9a:
bc:fc:67:9f:27:74:1f:3f:12:4f:2f:cf:15:23:ae:
cd:5f:df:da:04:3e:42:c1:5e:17:52:9f:b7:2b:43:
5d:ae:ef:99:1a:04:94:2b:8e:54:13:cd:c7:e6:3b:
44:15:97:2c:1d:78:ad:d5:37:8a:55:b8:3b:92:24:
95:19:0e:b3:07:95:01:f1:bd:15:1f:fd:15:bf:ff:
96:a3:d2:2d:66:0e:ae:c8:bc:fe:47:8f:2d:25:90:
bf:24:4e:d7:31:4b:3d:5a:38:ae:d7:4f:f5:52:45:
c9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:31:97:9B:AC:7B:66:CF:05:40:E9:4A:68:A9:B2:D4:EB:25:BD:70
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rTGXm6x7Zs8FQOlKaKmy1OslvXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:00:c3:23:25:87:ba:d2:0a:f6:13:33:c2:ff:01:0c:c7:ac:
fa:0e:7a:7f:b6:55:fb:28:b2:f3:0c:74:dc:69:9d:0f:4a:f7:
07:67:9c:96:44:f9:cf:db:6e:75:be:1a:85:f4:1d:d0:d0:5c:
25:35:bd:78:74:bd:ee:47:e1:96:1d:0f:e6:ce:e7:c8:00:88:
69:09:a7:9e:c5:3f:65:76:72:65:5a:cd:8d:4c:4b:a9:0a:9d:
5c:21:66:d5:de:22:bc:a9:f0:99:fe:d8:8e:d8:db:d9:c7:66:
3a:f2:a0:21:c3:11:09:54:c4:fc:2f:d3:a1:79:39:48:4a:35:
76:bc:5c:06:bd:e5:f6:f5:2a:b3:6b:36:6c:83:e5:fc:08:f0:
61:e4:ab:a3:10:04:61:2f:a2:8e:a6:86:42:9a:2d:40:27:6f:
e7:84:0e:c4:d6:15:1d:49:5c:95:31:c1:8d:67:a1:e8:e0:46:
51:7f:de:06:41:d5:5d:ec:35:20:cb:73:74:7f:b6:3c:af:f5:
7d:9f:35:4f:47:92:a1:c2:a5:75:3c:a8:8e:fc:9f:8b:fe:a9:
c6:a6:c7:c1:a9:5d:c3:f4:79:c5:a6:69:2a:2c:19:be:44:b1:
31:76:70:00:b0:d3:b9:34:b0:6e:1e:f0:04:e5:95:e1:ec:f2:
4e:ab:5d:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2PEQxbKr1/UdXnamhMEhpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MTgxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDMxOTc5YmFjN2I2NmNmMDU0MGU5NGE2OGE5YjJkNGViMjViZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyTWhmpKAZ5tD3oebpUw6s6vKut+
HM71ujGCdU46xbvVPRL1nAT1Si8UwqndKKAJK7IaBk6f8Ed4/dex/XCTaMnP2gba
OTMqX65c/W92bIpPP/IvcVO+Nv2qxr8hFDUJ0Ms1PhPGvHP2t3U7X7APaUweERt+
kX2APs+r2hNaxbrMa6h7uWWBc86ZldFzICiFmNL8Wpq8/GefJ3QfPxJPL88VI67N
X9/aBD5CwV4XUp+3K0Ndru+ZGgSUK45UE83H5jtEFZcsHXit1TeKVbg7kiSVGQ6z
B5UB8b0VH/0Vv/+Wo9ItZg6uyLz+R48tJZC/JE7XMUs9Wjiu10/1UkXJswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK0xl5use2bPBUDpSmipstTrJb1wMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvclRHWG02eDdaczhGUU9sS2FLbXkxT3NsdlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKMAwyMlh7rSCvYTM8L/
AQzHrPoOen+2VfsosvMMdNxpnQ9K9wdnnJZE+c/bbnW+GoX0HdDQXCU1vXh0ve5H
4ZYdD+bO58gAiGkJp57FP2V2cmVazY1MS6kKnVwhZtXeIryp8Jn+2I7Y29nHZjry
oCHDEQlUxPwv06F5OUhKNXa8XAa95fb1KrNrNmyD5fwI8GHkq6MQBGEvoo6mhkKa
LUAnb+eEDsTWFR1JXJUxwY1noejgRlF/3gZB1V3sNSDLc3R/tjyv9X2fNU9HkqHC
pXU8qI78n4v+qcamx8GpXcP0ecWmaSosGb5EsTF2cACw07k0sG4e8ATlleHs8k6r
XQQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org