Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tOU7q7yVSd0OFmy2_AvsoeKQJTs.roa
File: tOU7q7yVSd0OFmy2_AvsoeKQJTs.roa (raw, json)
Hash identifier: zNOj/dnZ3cV+nyqkMoIHXVkCfP4f0iJLqdheu6SYoJE=
Subject key identifier: B4:E5:3B:AB:BC:95:49:DD:0E:16:6C:B6:FC:0B:EC:A1:E2:90:25:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D479C433FEABD2EEAED3C6252A10393A9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tOU7q7yVSd0OFmy2_AvsoeKQJTs.roa
Signing time: Fri 26 Jan 2024 21:10:39 +0000
ROA not before: Fri 26 Jan 2024 21:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:47:9c:43:3f:ea:bd:2e:ea:ed:3c:62:52:a1:03:93:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 21:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4e53babbc9549dd0e166cb6fc0beca1e290253b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c6:bf:bb:ff:ac:e9:ce:41:e7:20:9c:d4:f2:
38:a3:b1:56:1b:3b:c0:6c:65:9e:5c:8c:28:68:4c:
47:a1:4c:b1:d4:8b:59:2c:89:cc:eb:b3:11:e7:78:
1e:c6:d5:a5:c7:c7:c1:02:21:21:53:f7:d7:3a:ff:
de:e9:69:4f:21:7f:f2:7a:24:73:50:18:cc:07:5a:
c2:33:9a:17:94:fc:5a:e8:a9:3b:21:eb:1f:ef:43:
d5:75:23:f1:24:e7:f9:27:8f:60:9d:86:fe:05:86:
e8:49:f5:91:80:96:ac:3b:40:79:9c:65:6f:6c:86:
8a:ca:02:02:90:b0:94:68:64:4c:ca:62:59:65:d6:
bf:07:e0:50:ea:84:4e:5f:c1:ce:d5:1a:9a:81:c2:
3f:c3:80:23:26:55:0f:90:cf:f3:8c:70:9d:c1:87:
52:36:29:5a:6d:57:c8:0b:8e:fb:89:13:8d:a4:97:
9a:2d:28:94:8d:e9:01:8d:f1:ac:98:58:61:63:21:
2f:fc:5b:74:cf:67:9a:ee:60:a4:2c:01:32:11:d8:
08:8a:fd:6d:ca:0f:3b:c5:62:65:0a:82:7a:c8:d8:
cc:50:de:22:a5:cf:96:34:c5:39:d9:ab:40:82:40:
1f:0e:a9:55:3e:01:d4:5f:3d:3c:7e:ba:15:e3:8d:
95:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E5:3B:AB:BC:95:49:DD:0E:16:6C:B6:FC:0B:EC:A1:E2:90:25:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tOU7q7yVSd0OFmy2_AvsoeKQJTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:c4:27:cf:01:e9:4e:57:a7:98:f4:ab:cc:7a:88:9d:02:d4:
aa:a9:88:c8:d8:16:b9:0c:a4:fc:c5:53:33:b7:ef:b1:0c:b6:
11:69:1f:f9:af:44:da:d5:56:c2:22:65:84:9b:46:ea:11:d6:
ae:44:7e:5b:16:35:e3:90:a4:19:73:98:34:57:d4:a9:04:97:
44:b5:80:fb:af:4b:56:59:5c:ac:49:cb:a9:9b:aa:9a:27:7c:
f7:f1:11:46:81:17:80:50:7d:d6:12:6f:88:aa:f0:87:31:b6:
0a:92:81:04:dd:e4:9d:b0:b7:ba:75:a6:60:ee:ab:f8:ef:16:
5c:2f:e6:85:0a:01:ca:76:1a:47:1a:bd:ae:d7:6a:18:e6:f8:
44:6e:e1:23:86:78:cc:59:70:eb:47:9d:17:27:fd:f0:fb:09:
4e:de:d3:05:20:2a:dd:09:70:73:06:7c:2c:0c:46:4b:fa:31:
76:e8:76:f5:11:80:df:df:66:37:bd:de:52:79:3c:a3:d7:8d:
45:13:08:72:49:1c:ec:73:d0:76:0c:95:93:1c:a2:89:6f:ae:
68:e3:ba:9e:c4:84:b7:6e:9c:aa:a2:e4:69:b1:fa:85:fa:60:
25:f0:28:48:1f:0c:7f:b3:a7:d5:d5:71:e8:43:fd:7b:76:58:
42:a8:7d:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1HnEM/6r0u6u08YlKhA5OpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MjExMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU1M2JhYmJjOTU0OWRkMGUxNjZjYjZmYzBiZWNhMWUyOTAyNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsa/u/+s6c5B5yCc1PI4o7FWGzvA
bGWeXIwoaExHoUyx1ItZLInM67MR53gextWlx8fBAiEhU/fXOv/e6WlPIX/yeiRz
UBjMB1rCM5oXlPxa6Kk7Iesf70PVdSPxJOf5J49gnYb+BYboSfWRgJasO0B5nGVv
bIaKygICkLCUaGRMymJZZda/B+BQ6oROX8HO1RqagcI/w4AjJlUPkM/zjHCdwYdS
NilabVfIC477iRONpJeaLSiUjekBjfGsmFhhYyEv/Ft0z2ea7mCkLAEyEdgIiv1t
yg87xWJlCoJ6yNjMUN4ipc+WNMU52atAgkAfDqlVPgHUXz08froV442VUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLTlO6u8lUndDhZstvwL7KHikCU7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdE9VN3E3eVZTZDBPRm15Ml9BdnNvZUtRSlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/EJ88B6U5Xp5j0q8x6
iJ0C1KqpiMjYFrkMpPzFUzO377EMthFpH/mvRNrVVsIiZYSbRuoR1q5EflsWNeOQ
pBlzmDRX1KkEl0S1gPuvS1ZZXKxJy6mbqponfPfxEUaBF4BQfdYSb4iq8IcxtgqS
gQTd5J2wt7p1pmDuq/jvFlwv5oUKAcp2Gkcava7Xahjm+ERu4SOGeMxZcOtHnRcn
/fD7CU7e0wUgKt0JcHMGfCwMRkv6MXbodvURgN/fZje93lJ5PKPXjUUTCHJJHOxz
0HYMlZMcoolvrmjjup7EhLdunKqi5Gmx+oX6YCXwKEgfDH+zp9XVcehD/Xt2WEKo
fVg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org