Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s6QYB35mps9XifULo-OZ_Dsi4Eo.roa
File: s6QYB35mps9XifULo-OZ_Dsi4Eo.roa (raw, json)
Hash identifier: pGlwIenJI4OT8Uq7KEXqCAzPU08CoTxsfunhkfQylEk=
Subject key identifier: B3:A4:18:07:7E:66:A6:CF:57:89:F5:0B:A3:E3:99:FC:3B:22:E0:4A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D83EB59F925F39662FC24E5CC584029D8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s6QYB35mps9XifULo-OZ_Dsi4Eo.roa
Signing time: Wed 07 Feb 2024 14:14:15 +0000
ROA not before: Wed 07 Feb 2024 14:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:eb:59:f9:25:f3:96:62:fc:24:e5:cc:58:40:29:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 14:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3a418077e66a6cf5789f50ba3e399fc3b22e04a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:9c:0e:a4:15:1c:b0:da:9c:2c:6f:01:2b:
f0:8c:ed:1b:11:7b:c7:ac:f6:8b:7b:31:be:a1:8e:
23:4a:1d:7c:60:f9:dd:94:ad:4b:84:c3:66:82:cf:
e1:ba:c8:0b:d6:6f:37:6a:40:06:7a:5f:1e:7b:4e:
19:24:0b:b1:1d:7d:3f:77:c1:75:71:7f:e4:ed:75:
28:c3:68:2a:2a:11:5c:86:20:94:db:1a:53:8c:c0:
c0:68:4d:ec:0f:00:cb:d4:05:a4:b0:8c:79:76:f8:
e5:a1:63:cd:d8:13:4d:be:27:b5:d2:3a:fd:02:a0:
1e:07:89:e9:9f:11:2f:13:a3:24:5d:6c:2a:a8:e0:
f4:e5:9f:24:aa:94:6f:76:23:64:14:13:31:30:cc:
00:28:34:c9:0a:02:81:d7:79:7f:5e:22:6d:94:ba:
22:7f:f5:a5:3e:45:58:da:d7:09:25:be:1a:dc:36:
15:96:d0:3d:f7:23:b1:10:7a:46:e5:9c:57:fb:7c:
e0:57:90:7a:7f:f1:1b:f7:c4:77:85:b2:7d:2d:0f:
1d:9f:5d:ed:fe:06:f0:68:e4:66:eb:66:7e:cb:27:
8c:b9:24:66:d7:89:b4:16:59:5a:9e:95:3a:c0:93:
c5:79:88:a5:5c:f4:bc:00:f4:53:28:c5:14:59:13:
ae:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A4:18:07:7E:66:A6:CF:57:89:F5:0B:A3:E3:99:FC:3B:22:E0:4A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s6QYB35mps9XifULo-OZ_Dsi4Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:16:88:e8:da:dc:81:92:6e:16:f5:c7:e9:dc:3b:82:6f:1f:
ca:7d:f7:35:12:0d:0a:5a:02:87:26:ec:27:d1:a9:1f:e9:db:
ce:61:a5:c9:33:80:78:08:68:5d:82:45:58:96:e2:eb:03:53:
5a:e1:7f:ae:dd:c8:f7:b3:e1:81:30:fd:18:93:da:30:89:88:
4d:17:9a:3d:08:d0:95:aa:7f:e5:be:17:71:25:e8:24:dc:54:
49:76:d7:cb:fe:08:75:29:11:3b:20:80:31:49:c8:a1:fa:da:
64:3b:f7:c1:4a:33:ab:3e:54:2c:b9:6a:23:32:00:37:75:81:
66:0e:3c:61:99:d4:60:ad:c3:cc:85:31:34:54:0e:d3:b1:1c:
2a:af:56:f3:fb:ac:d5:7c:f4:e2:4f:98:9d:da:4b:05:99:68:
70:c3:1e:ff:fd:90:35:df:d2:72:cb:d8:7b:19:45:ce:53:d2:
0c:fd:72:3e:84:f9:af:2d:1c:d8:11:6a:c6:47:40:72:4c:35:
a0:32:1a:29:8a:89:c3:1e:f0:f1:d3:02:34:ce:5b:7e:4e:8d:
e3:91:12:df:e0:87:57:9c:66:fe:d8:34:08:6e:f9:bd:f2:c6:
80:60:24:6f:1b:58:6a:a7:4f:68:ee:22:38:cb:90:37:b6:b8:
2c:a9:55:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2D61n5JfOWYvwk5cxYQCnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MTQxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E0MTgwNzdlNjZhNmNmNTc4OWY1MGJhM2UzOTlmYzNiMjJlMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNmcDqQVHLDanCxvASvwjO0bEXvH
rPaLezG+oY4jSh18YPndlK1LhMNmgs/husgL1m83akAGel8ee04ZJAuxHX0/d8F1
cX/k7XUow2gqKhFchiCU2xpTjMDAaE3sDwDL1AWksIx5dvjloWPN2BNNvie10jr9
AqAeB4npnxEvE6MkXWwqqOD05Z8kqpRvdiNkFBMxMMwAKDTJCgKB13l/XiJtlLoi
f/WlPkVY2tcJJb4a3DYVltA99yOxEHpG5ZxX+3zgV5B6f/Eb98R3hbJ9LQ8dn13t
/gbwaORm62Z+yyeMuSRm14m0FllanpU6wJPFeYilXPS8APRTKMUUWROuFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLOkGAd+ZqbPV4n1C6Pjmfw7IuBKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvczZRWUIzNW1wczlYaWZVTG8tT1pfRHNpNEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHoWiOja3IGSbhb1x+nc
O4JvH8p99zUSDQpaAocm7CfRqR/p285hpckzgHgIaF2CRViW4usDU1rhf67dyPez
4YEw/RiT2jCJiE0Xmj0I0JWqf+W+F3El6CTcVEl218v+CHUpETsggDFJyKH62mQ7
98FKM6s+VCy5aiMyADd1gWYOPGGZ1GCtw8yFMTRUDtOxHCqvVvP7rNV89OJPmJ3a
SwWZaHDDHv/9kDXf0nLL2HsZRc5T0gz9cj6E+a8tHNgRasZHQHJMNaAyGimKicMe
8PHTAjTOW35OjeOREt/gh1ecZv7YNAhu+b3yxoBgJG8bWGqnT2juIjjLkDe2uCyp
VSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org