Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tAMH-KTsVi_PwXAQo4a0rcavxvI.roa
File: tAMH-KTsVi_PwXAQo4a0rcavxvI.roa (raw, json)
Hash identifier: cy0g8vBzkT7JURJP5+LAz/OLuI3UGGjSVHYu8BISqpY=
Subject key identifier: B4:03:07:F8:A4:EC:56:2F:CF:C1:70:10:A3:86:B4:AD:C6:AF:C6:F2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA9AD94A7130CAC3E06015C6BD783D8DE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tAMH-KTsVi_PwXAQo4a0rcavxvI.roa
Signing time: Wed 14 Feb 2024 22:12:21 +0000
ROA not before: Wed 14 Feb 2024 22:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:ad:94:a7:13:0c:ac:3e:06:01:5c:6b:d7:83:d8:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 22:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b40307f8a4ec562fcfc17010a386b4adc6afc6f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:c9:25:95:27:b0:e2:4e:5a:ce:be:c7:21:
c1:f7:9f:c2:fe:c0:b7:f6:a6:c5:a7:e1:06:09:d9:
3a:95:ce:89:ec:98:14:37:b5:46:32:31:c2:e8:a5:
fc:a4:e7:d6:cb:d6:cc:ee:cc:dc:1a:24:13:0a:88:
f2:97:00:10:bd:da:da:c5:49:ef:26:46:7c:19:28:
8b:34:6a:be:33:90:12:7a:74:cd:d4:86:74:e3:0e:
78:af:41:e0:e1:52:0a:6c:bf:62:9c:3f:50:1e:8f:
0d:d6:c7:81:e5:f7:bc:df:ca:ea:a4:45:fa:01:98:
77:98:39:dc:c8:48:9b:fa:af:eb:eb:cb:99:ff:74:
e5:13:28:4a:20:1f:05:94:f9:35:59:e1:e9:3c:aa:
a1:a3:56:c9:32:3a:72:fb:c9:9f:66:5d:39:46:40:
ce:db:75:df:b1:aa:f1:03:10:c2:38:f6:27:15:02:
47:bc:1f:53:26:b5:39:ae:fb:e5:8a:ec:10:6e:82:
87:79:81:79:4c:52:39:85:4b:94:09:0c:01:d6:26:
56:07:99:a1:16:df:08:ea:fa:7b:6e:0e:ee:a0:fa:
c9:d0:f9:57:b0:9a:11:83:53:01:66:55:6e:33:9c:
d4:96:ec:42:ea:5f:86:2d:1a:97:e5:5b:dc:94:fa:
cf:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:03:07:F8:A4:EC:56:2F:CF:C1:70:10:A3:86:B4:AD:C6:AF:C6:F2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tAMH-KTsVi_PwXAQo4a0rcavxvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:53:d1:49:72:b0:ad:06:2c:44:80:49:20:57:5d:a9:73:5d:
72:8f:ff:ca:02:c3:2a:d1:39:e2:af:db:30:de:60:c1:6a:c1:
bf:e5:94:de:57:18:97:3e:94:e6:47:27:76:29:f3:45:b4:09:
66:05:22:1a:58:db:68:f3:f0:d6:bd:60:9c:a6:03:67:07:6e:
c9:31:77:19:20:e2:2c:7b:76:5e:5e:c2:7c:6e:57:c5:ad:d4:
09:ee:c5:59:86:d8:9a:e1:93:8e:b1:8c:1b:5e:2a:76:a0:98:
44:c7:17:9a:df:1a:cf:00:11:b5:87:fa:8e:36:79:7e:bc:a6:
ef:16:32:48:23:b8:b0:7b:e5:7e:55:88:2c:a3:7f:df:fc:48:
85:98:bb:4a:01:84:0a:6e:37:3b:51:52:6d:ef:7a:04:4d:f2:
a6:ca:dc:b9:4c:c4:67:e9:c9:46:6f:42:17:cf:98:fb:de:b6:
58:a2:e0:06:7b:5c:d1:86:25:7e:aa:5a:2e:6d:6b:11:b4:13:
c2:9b:86:fb:58:09:b4:f0:6a:53:f4:54:6a:9d:2c:b6:02:89:
c3:fd:27:47:63:aa:cc:92:cc:a7:d8:f2:1f:67:4c:b2:84:32:
e3:c3:30:68:6a:d4:c3:9e:d3:ff:6e:6a:e8:e3:59:cc:d5:16:
d6:f1:71:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2prZSnEwysPgYBXGvXg9jeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MjIxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAzMDdmOGE0ZWM1NjJmY2ZjMTcwMTBhMzg2YjRhZGM2YWZjNmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrLJJZUnsOJOWs6+xyHB95/C/sC3
9qbFp+EGCdk6lc6J7JgUN7VGMjHC6KX8pOfWy9bM7szcGiQTCojylwAQvdraxUnv
JkZ8GSiLNGq+M5ASenTN1IZ04w54r0Hg4VIKbL9inD9QHo8N1seB5fe838rqpEX6
AZh3mDncyEib+q/r68uZ/3TlEyhKIB8FlPk1WeHpPKqho1bJMjpy+8mfZl05RkDO
23XfsarxAxDCOPYnFQJHvB9TJrU5rvvliuwQboKHeYF5TFI5hUuUCQwB1iZWB5mh
Ft8I6vp7bg7uoPrJ0PlXsJoRg1MBZlVuM5zUluxC6l+GLRqX5VvclPrPUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLQDB/ik7FYvz8FwEKOGtK3Gr8byMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdEFNSC1LVHNWaV9Qd1hBUW80YTByY2F2eHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlT0UlysK0GLESASSBX
XalzXXKP/8oCwyrROeKv2zDeYMFqwb/llN5XGJc+lOZHJ3Yp80W0CWYFIhpY22jz
8Na9YJymA2cHbskxdxkg4ix7dl5ewnxuV8Wt1AnuxVmG2Jrhk46xjBteKnagmETH
F5rfGs8AEbWH+o42eX68pu8WMkgjuLB75X5ViCyjf9/8SIWYu0oBhApuNztRUm3v
egRN8qbK3LlMxGfpyUZvQhfPmPvetlii4AZ7XNGGJX6qWi5taxG0E8KbhvtYCbTw
alP0VGqdLLYCicP9J0djqsySzKfY8h9nTLKEMuPDMGhq1MOe0/9uaujjWczVFtbx
cVE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:56 2025 by rpki-client