Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u_o72fEB1qVbqlhp3eIChv8_iKk.roa
File: u_o72fEB1qVbqlhp3eIChv8_iKk.roa (raw, json)
Hash identifier: Zt/RpxbpeB5xE4ra6GPY2STvw5jYTjfMjd6JOLhlQN8=
Subject key identifier: BB:FA:3B:D9:F1:01:D6:A5:5B:AA:58:69:DD:E2:02:86:FF:3F:88:A9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DBA3859ED9B52C547EBD20317EECD4037
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u_o72fEB1qVbqlhp3eIChv8_iKk.roa
Signing time: Sun 18 Feb 2024 03:17:51 +0000
ROA not before: Sun 18 Feb 2024 03:17:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ba:38:59:ed:9b:52:c5:47:eb:d2:03:17:ee:cd:40:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 18 03:17:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbfa3bd9f101d6a55baa5869dde20286ff3f88a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:af:c0:93:a5:7a:70:1b:92:4b:43:96:c9:f0:
89:1c:e0:7d:74:77:eb:47:64:04:f5:44:0b:82:1e:
b4:02:da:22:cd:4f:43:bb:49:71:7c:b7:c4:b6:92:
d7:87:49:e7:e6:7e:6e:87:64:e5:ad:fb:6b:ab:62:
1c:78:35:b6:4f:50:f9:e0:f5:42:91:91:ec:f0:95:
0f:b9:2f:3b:92:d8:e5:fc:1f:61:87:1e:a3:f8:2e:
2c:0a:f7:9d:b8:a7:54:c7:15:bf:d9:06:49:6b:33:
f0:15:23:0a:01:84:8b:b7:0a:b5:e2:78:0b:83:27:
f1:79:c0:df:d1:db:7a:d7:70:f8:d9:38:b9:e8:cb:
fe:30:93:c3:b1:79:fb:62:58:ff:d9:13:26:f0:b2:
66:28:97:42:09:71:1a:94:ff:3d:c9:7a:21:b8:f3:
cf:de:7b:95:24:d0:34:a3:9a:91:5d:25:aa:c2:92:
af:a0:ba:f6:e3:98:4f:55:ec:8a:34:c3:d9:2a:31:
82:2f:e4:ad:a8:a0:c4:ef:ce:88:21:34:d8:13:f7:
2a:6b:4b:b1:9a:dc:fa:1c:f7:d4:7c:fb:3d:c5:6e:
13:b2:e6:3c:f9:26:67:9c:f2:91:43:bc:99:70:65:
38:3d:d8:5b:fd:4e:8d:a3:73:a1:20:0d:dd:41:4a:
d0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FA:3B:D9:F1:01:D6:A5:5B:AA:58:69:DD:E2:02:86:FF:3F:88:A9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u_o72fEB1qVbqlhp3eIChv8_iKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:b8:b6:4d:20:fb:54:30:c7:05:f3:e8:63:b0:64:d6:7d:4b:
f6:fe:97:30:92:f1:91:aa:11:30:9d:b7:aa:9d:26:a3:3b:9b:
52:4c:38:01:cc:60:e8:7d:e8:fb:36:1b:42:99:40:f2:aa:f6:
b7:09:e0:8a:41:65:b5:24:b3:cb:20:39:e7:1d:f1:1c:31:76:
44:c9:b8:f0:34:a5:3e:da:dd:ff:f5:e4:c4:90:a2:a8:3b:b3:
ad:ab:ab:28:1e:f1:d5:fc:05:6d:2a:ed:90:bc:ae:c0:5c:d8:
39:d6:a4:49:7d:d0:01:e8:ea:7b:ae:fc:20:68:34:2b:cd:6e:
f9:32:71:2f:26:ee:d0:45:ff:1b:9e:16:6f:1a:3a:10:87:09:
16:c2:1b:d3:fd:46:f3:12:62:21:30:d5:ed:a9:8e:9c:43:82:
48:65:b5:9a:51:76:d9:06:96:16:05:10:0d:bb:09:05:93:00:
fe:ac:fd:f1:5b:35:de:c9:45:e0:75:d0:6b:30:63:d8:9a:88:
2c:ae:77:58:30:be:97:1e:43:a0:c2:32:85:b0:34:fc:bb:16:
0a:42:ee:b1:b3:1f:e9:30:69:df:ef:b2:ac:33:61:0d:bf:ec:
c3:42:8f:4a:8e:ff:e8:80:72:35:e8:58:e1:d4:f8:14:af:1a:
08:c4:a3:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY26OFntm1LFR+vSAxfuzUA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE4MDMxNzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZhM2JkOWYxMDFkNmE1NWJhYTU4NjlkZGUyMDI4NmZmM2Y4OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK/Ak6V6cBuSS0OWyfCJHOB9dHfr
R2QE9UQLgh60AtoizU9Du0lxfLfEtpLXh0nn5n5uh2Tlrftrq2IceDW2T1D54PVC
kZHs8JUPuS87ktjl/B9hhx6j+C4sCveduKdUxxW/2QZJazPwFSMKAYSLtwq14ngL
gyfxecDf0dt613D42Ti56Mv+MJPDsXn7Ylj/2RMm8LJmKJdCCXEalP89yXohuPPP
3nuVJNA0o5qRXSWqwpKvoLr245hPVeyKNMPZKjGCL+StqKDE786IITTYE/cqa0ux
mtz6HPfUfPs9xW4TsuY8+SZnnPKRQ7yZcGU4Pdhb/U6No3OhIA3dQUrQcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLv6O9nxAdalW6pYad3iAob/P4ipMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdV9vNzJmRUIxcVZicWxocDNlSUNodjhfaUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ+4tk0g+1QwxwXz6GOw
ZNZ9S/b+lzCS8ZGqETCdt6qdJqM7m1JMOAHMYOh96Ps2G0KZQPKq9rcJ4IpBZbUk
s8sgOecd8RwxdkTJuPA0pT7a3f/15MSQoqg7s62rqyge8dX8BW0q7ZC8rsBc2DnW
pEl90AHo6nuu/CBoNCvNbvkycS8m7tBF/xueFm8aOhCHCRbCG9P9RvMSYiEw1e2p
jpxDgkhltZpRdtkGlhYFEA27CQWTAP6s/fFbNd7JReB10GswY9iaiCyud1gwvpce
Q6DCMoWwNPy7FgpC7rGzH+kwad/vsqwzYQ2/7MNCj0qO/+iAcjXoWOHU+BSvGgjE
o9o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org