Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xHzF3gtQgc05td1e0ndDAV5b7rM.roa
File: xHzF3gtQgc05td1e0ndDAV5b7rM.roa (raw, json)
Hash identifier: kYbIpuIxXGpyYYkLqSz5xZ4xdIkkSeWnuviUKGaGapE=
Subject key identifier: C4:7C:C5:DE:0B:50:81:CD:39:B5:DD:5E:D2:77:43:01:5E:5B:EE:B3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E39DFFFC10BD3A36668BFEC5559BA02A9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xHzF3gtQgc05td1e0ndDAV5b7rM.roa
Signing time: Wed 13 Mar 2024 22:12:45 +0000
ROA not before: Wed 13 Mar 2024 22:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:df:ff:c1:0b:d3:a3:66:68:bf:ec:55:59:ba:02:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 22:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c47cc5de0b5081cd39b5dd5ed27743015e5beeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:46:ff:48:7a:bf:6c:5c:3a:33:1f:66:ea:
90:d6:79:d3:fd:03:ff:fc:21:a2:20:83:48:6b:46:
d8:37:14:21:44:44:e9:1e:90:82:f0:b5:c2:d4:be:
e4:74:b4:87:05:1c:e0:08:96:00:64:75:8f:e8:ae:
53:fc:14:55:15:9d:71:f4:bd:48:0a:82:24:1e:c9:
f0:14:c4:f6:00:ab:a7:c7:ca:e1:70:30:1f:f8:c3:
ea:d7:22:6d:ec:ca:0e:e7:3e:6e:e1:de:16:f9:12:
7e:e1:eb:2d:ec:60:28:e6:3c:ed:48:40:54:f7:98:
f5:65:24:2b:d6:6e:d0:de:7a:25:b9:dc:d9:6e:83:
1e:d7:85:5d:56:b6:19:ba:12:78:d5:f7:3a:f5:9a:
c9:7a:55:66:a4:70:77:a5:ff:1e:69:94:35:29:4c:
7b:cc:82:b3:1e:f9:c6:f3:dd:f5:ca:60:09:7e:71:
51:72:6a:fa:30:f5:1d:66:f1:5c:b4:72:e7:d7:3d:
fb:82:72:96:f2:82:91:a7:98:d9:77:0c:14:37:67:
84:cf:c1:a3:7b:9c:ee:c2:f2:49:dd:2d:b5:28:57:
72:88:28:82:ac:12:3c:e2:8b:64:82:e6:b6:72:9a:
9f:28:a2:18:28:f2:17:c4:2a:e9:42:6b:bb:5f:52:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7C:C5:DE:0B:50:81:CD:39:B5:DD:5E:D2:77:43:01:5E:5B:EE:B3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xHzF3gtQgc05td1e0ndDAV5b7rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:bb:9e:b3:4d:0a:f2:c4:04:53:bf:86:84:5e:39:d8:0c:09:
5f:81:82:b2:39:35:d8:60:9f:f0:bf:aa:54:6b:7a:ce:a6:93:
6e:a5:1d:ed:3f:4c:70:eb:24:f5:9a:0f:0a:44:b8:18:aa:5c:
72:ee:17:64:28:6f:98:4c:17:8f:cd:8d:3f:99:aa:1c:41:b4:
43:d2:2e:f2:39:9d:c8:10:e3:fb:a5:1a:68:71:ac:04:8f:6b:
d1:2e:65:c6:6d:c2:78:2f:69:0a:1e:fa:a6:34:57:ec:76:e1:
01:df:43:aa:1d:70:2d:e5:b6:17:21:e0:c1:25:52:3d:60:29:
ab:72:89:ae:55:1f:74:f8:00:94:b0:b8:f9:83:37:fc:89:ff:
7f:8e:a0:7d:00:46:77:07:35:69:1e:1a:dc:e5:9e:d6:53:67:
ae:c3:84:25:97:e0:a0:bd:ab:59:27:85:14:f2:fe:96:5e:2f:
0a:03:63:5d:7d:5c:fb:5e:3d:45:31:d3:7d:f7:ff:95:72:6b:
60:c2:11:4b:68:f7:4a:bd:b6:44:15:99:bb:c8:53:1c:db:51:
83:f0:3a:56:b7:50:d2:b4:d4:2b:80:d6:66:68:9d:b0:6b:75:
ba:7d:d8:c2:82:7e:6e:d9:44:17:fd:6d:4f:09:3f:42:e1:6d:
d4:3c:85:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY453//BC9OjZmi/7FVZugKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMjIxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdjYzVkZTBiNTA4MWNkMzliNWRkNWVkMjc3NDMwMTVlNWJlZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc1G/0h6v2xcOjMfZuqQ1nnT/QP/
/CGiIINIa0bYNxQhRETpHpCC8LXC1L7kdLSHBRzgCJYAZHWP6K5T/BRVFZ1x9L1I
CoIkHsnwFMT2AKunx8rhcDAf+MPq1yJt7MoO5z5u4d4W+RJ+4est7GAo5jztSEBU
95j1ZSQr1m7Q3noludzZboMe14VdVrYZuhJ41fc69ZrJelVmpHB3pf8eaZQ1KUx7
zIKzHvnG8931ymAJfnFRcmr6MPUdZvFctHLn1z37gnKW8oKRp5jZdwwUN2eEz8Gj
e5zuwvJJ3S21KFdyiCiCrBI84otkgua2cpqfKKIYKPIXxCrpQmu7X1JYvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMR8xd4LUIHNObXdXtJ3QwFeW+6zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveEh6RjNndFFnYzA1dGQxZTBuZERBVjViN3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABS7nrNNCvLEBFO/hoRe
OdgMCV+BgrI5Ndhgn/C/qlRres6mk26lHe0/THDrJPWaDwpEuBiqXHLuF2Qob5hM
F4/NjT+ZqhxBtEPSLvI5ncgQ4/ulGmhxrASPa9EuZcZtwngvaQoe+qY0V+x24QHf
Q6odcC3lthch4MElUj1gKatyia5VH3T4AJSwuPmDN/yJ/3+OoH0ARncHNWkeGtzl
ntZTZ67DhCWX4KC9q1knhRTy/pZeLwoDY119XPtePUUx0333/5Vya2DCEUto90q9
tkQVmbvIUxzbUYPwOla3UNK01CuA1mZonbBrdbp92MKCfm7ZRBf9bU8JP0LhbdQ8
hcQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org