Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uOTOGtzcqUaR3MWhxzaCwoxD-9g.roa
File: uOTOGtzcqUaR3MWhxzaCwoxD-9g.roa (raw, json)
Hash identifier: cSuJWSlcmR6CRVfLfmVgKK+eUbNf9thvThB9Oo6HjSE=
Subject key identifier: B8:E4:CE:1A:DC:DC:A9:46:91:DC:C5:A1:C7:36:82:C2:8C:43:FB:D8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA595AA914A155BB4412B64CEAA48CB33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uOTOGtzcqUaR3MWhxzaCwoxD-9g.roa
Signing time: Tue 26 Dec 2023 10:04:58 +0000
ROA not before: Tue 26 Dec 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:a594:fc20/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:95:aa:91:4a:15:5b:b4:41:2b:64:ce:aa:48:cb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b8e4ce1adcdca94691dcc5a1c73682c28c43fbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:42:7f:50:16:61:6c:2d:12:bb:d6:0c:ba:
29:eb:80:06:fb:81:b1:17:09:5a:f2:96:ff:e9:4a:
6a:b6:c3:cf:9e:e8:a1:1d:30:f7:11:fb:4f:18:c6:
78:1d:7d:b4:64:65:ec:7c:69:c4:67:c7:a5:92:7d:
1a:71:b9:f1:54:09:2e:0a:9c:ae:9a:f4:cd:0a:99:
25:62:1b:11:c1:ca:12:09:1b:5e:21:18:3e:54:35:
ef:fe:e6:27:e5:4d:4d:18:70:27:c8:8b:3a:b3:dd:
0e:62:c8:92:14:05:58:32:9c:a5:b2:ad:5d:fa:5e:
12:ca:ec:d4:64:f3:58:80:3e:1a:30:85:41:c6:55:
da:6d:65:d7:8d:21:35:be:28:42:b3:04:84:75:c8:
f7:b9:5e:64:d3:63:47:3b:f5:11:d1:06:c1:05:c8:
ff:22:5b:c9:3f:b3:8a:b0:f0:d8:bf:ff:6e:e7:a5:
1a:cc:b8:e5:53:a8:96:25:eb:30:f2:c4:a7:ad:c9:
ff:90:5d:d2:36:78:da:cf:41:95:fe:a2:46:e8:25:
cb:0f:49:74:47:68:d7:64:0e:98:f3:51:15:dc:e3:
97:8e:75:dc:a6:68:1a:28:b5:12:06:40:32:7d:21:
fc:59:4e:dd:73:b7:bf:3a:1d:a0:c4:d1:0e:ba:da:
50:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E4:CE:1A:DC:DC:A9:46:91:DC:C5:A1:C7:36:82:C2:8C:43:FB:D8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uOTOGtzcqUaR3MWhxzaCwoxD-9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:b9:9b:1d:5e:b0:77:45:12:0a:ae:87:85:e8:9d:d2:30:a6:
0a:ee:92:63:23:87:cc:01:38:ca:77:e8:79:c6:47:c0:68:3b:
ad:df:e6:5b:fb:22:82:e7:b5:f8:9c:01:fb:a2:8a:a0:75:5c:
ce:87:44:89:2a:ea:13:0f:07:f5:dc:4f:fd:d6:a3:d7:6d:f3:
33:e0:ed:ea:3c:ad:ee:93:49:72:2a:6f:27:34:1b:1c:6f:b5:
b7:51:72:f0:d3:2d:fc:e8:76:d1:2b:ef:5e:e0:db:31:02:ec:
5c:96:3e:b8:88:a8:46:20:f9:de:10:ad:c2:fc:4f:71:94:29:
e0:b0:96:00:c2:b6:a9:08:56:4b:9d:e2:89:6e:ec:b6:28:25:
cd:83:f6:0a:5a:12:0a:37:0d:0d:34:d4:e6:e3:06:bd:34:fa:
aa:2d:bb:dd:69:ea:e6:cb:96:7a:8a:2b:e5:52:16:df:6b:30:
cc:3c:66:84:11:92:a4:e3:f7:41:62:4f:b4:34:46:e9:db:55:
f1:0b:36:bc:fa:24:9c:53:fc:91:1a:16:9d:e5:f9:83:8c:18:
87:4a:4f:60:51:d4:ff:c9:48:5c:a9:10:57:f4:60:fa:a1:4b:
eb:55:48:40:65:c1:28:12:4b:4d:4b:b8:3b:e8:cb:31:cd:6b:
e7:d6:40:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyllaqRShVbtEErZM6qSMszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU0Y2UxYWRjZGNhOTQ2OTFkY2M1YTFjNzM2ODJjMjhjNDNmYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7pCf1AWYWwtErvWDLop64AG+4Gx
Fwla8pb/6UpqtsPPnuihHTD3EftPGMZ4HX20ZGXsfGnEZ8elkn0acbnxVAkuCpyu
mvTNCpklYhsRwcoSCRteIRg+VDXv/uYn5U1NGHAnyIs6s90OYsiSFAVYMpylsq1d
+l4SyuzUZPNYgD4aMIVBxlXabWXXjSE1vihCswSEdcj3uV5k02NHO/UR0QbBBcj/
IlvJP7OKsPDYv/9u56UazLjlU6iWJesw8sSnrcn/kF3SNnjaz0GV/qJG6CXLD0l0
R2jXZA6Y81EV3OOXjnXcpmgaKLUSBkAyfSH8WU7dc7e/Oh2gxNEOutpQgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLjkzhrc3KlGkdzFocc2gsKMQ/vYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdU9UT0d0emNxVWFSM01XaHh6YUN3b3hELTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGW5mx1esHdFEgquh4Xo
ndIwpgrukmMjh8wBOMp36HnGR8BoO63f5lv7IoLntficAfuiiqB1XM6HRIkq6hMP
B/XcT/3Wo9dt8zPg7eo8re6TSXIqbyc0GxxvtbdRcvDTLfzodtEr717g2zEC7FyW
PriIqEYg+d4QrcL8T3GUKeCwlgDCtqkIVkud4olu7LYoJc2D9gpaEgo3DQ001Obj
Br00+qotu91p6ubLlnqKK+VSFt9rMMw8ZoQRkqTj90FiT7Q0RunbVfELNrz6JJxT
/JEaFp3l+YOMGIdKT2BR1P/JSFypEFf0YPqhS+tVSEBlwSgSS01LuDvoyzHNa+fW
QJg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org