Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xNN1ONbyQwBa15RyYcrDBKs5TIY.roa
File: xNN1ONbyQwBa15RyYcrDBKs5TIY.roa (raw, json)
Hash identifier: za3DlLGq5VAr/NwKzttI3dWhulhIfnr14R6GxpC+n04=
Subject key identifier: C4:D3:75:38:D6:F2:43:00:5A:D7:94:72:61:CA:C3:04:AB:39:4C:86
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6E01A42564FF72B39D262E740345085A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xNN1ONbyQwBa15RyYcrDBKs5TIY.roa
Signing time: Sun 24 Mar 2024 01:09:45 +0000
ROA not before: Sun 24 Mar 2024 01:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6e:01:a4:25:64:ff:72:b3:9d:26:2e:74:03:45:08:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 01:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4d37538d6f243005ad7947261cac304ab394c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:e8:06:c4:70:de:11:a6:d1:bf:e1:6c:bc:
0a:f5:f3:42:c6:23:54:4c:5a:0a:2b:fe:c8:e9:c2:
7e:24:07:47:38:42:e5:41:83:98:c2:79:ad:91:6a:
e6:52:0b:8a:c6:4d:48:f3:e8:ad:c6:84:a9:29:9c:
3a:2b:2b:2c:44:f5:39:98:b8:f8:05:b4:b8:de:45:
fa:55:89:b3:89:5a:64:f6:1e:e3:7e:4d:e9:03:75:
f6:66:27:bb:93:f1:4b:70:78:45:96:25:3b:ed:9e:
24:5b:00:56:f5:e6:38:d9:25:4f:f4:8c:0a:bc:0a:
b2:d0:0c:58:2b:f3:21:7e:5f:e1:e4:cd:a6:e0:35:
0f:8b:57:72:e9:01:dd:0e:f4:8c:f3:a8:29:b0:83:
2f:a4:8f:98:5a:a4:5e:ad:ad:4d:2c:90:ba:a5:6a:
bd:77:22:46:97:d2:fe:b6:f8:d1:b1:ff:07:b0:c2:
e8:a5:6f:83:d9:6a:16:d7:f7:57:ff:86:6f:a6:96:
48:d5:7d:ce:f4:85:0f:50:d8:b6:59:18:1f:73:64:
16:6c:d2:0c:5d:35:07:a2:40:8b:f6:3b:3e:ac:fc:
c8:ba:de:3e:4c:e7:87:35:6b:eb:65:55:8e:56:c6:
d6:ee:ef:72:cf:e2:5a:8e:7d:8f:9b:6c:7a:20:ec:
3b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D3:75:38:D6:F2:43:00:5A:D7:94:72:61:CA:C3:04:AB:39:4C:86
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xNN1ONbyQwBa15RyYcrDBKs5TIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:57:5f:98:11:d8:d5:7e:8c:54:f6:b0:94:c5:7a:6e:39:c7:
82:7f:36:b8:c8:d2:6f:ac:4d:af:65:be:a6:e8:ce:4b:51:aa:
9b:15:01:cb:f1:ad:1c:24:26:25:a0:b7:d5:41:ec:7d:9d:72:
17:f8:20:33:ea:8b:4f:f1:54:2c:92:95:ee:b1:9c:42:49:61:
43:94:00:cf:7d:e8:83:2d:28:5a:f3:43:f5:18:e8:71:fc:cf:
d1:43:02:db:2c:39:42:cd:f8:e6:58:5c:62:f7:02:a2:f8:a4:
90:43:a3:b6:bc:2f:ca:50:a9:3c:9e:d3:1c:d8:da:40:0c:51:
79:70:21:84:fc:08:6d:83:15:10:2a:e6:69:28:b5:5c:e4:78:
e6:98:d4:6a:47:74:29:e8:4e:17:46:45:df:03:b8:18:b2:04:
d5:d8:d1:8b:55:c6:aa:c9:3a:e0:72:7a:d9:a8:58:90:fe:11:
72:b8:d9:94:eb:1c:b2:c7:aa:9e:b6:74:fe:92:b2:ea:d6:6b:
aa:98:7b:17:e2:b2:5b:61:ca:53:63:21:9b:87:60:d5:59:30:
be:82:01:c0:1f:fb:e6:c6:a9:2c:4a:65:31:a2:e7:f0:f3:53:
60:e5:cd:d2:fa:03:86:b9:4a:c3:75:55:7f:59:4c:54:b2:e5:
96:0b:42:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5uAaQlZP9ys50mLnQDRQhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MDEwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQzNzUzOGQ2ZjI0MzAwNWFkNzk0NzI2MWNhYzMwNGFiMzk0Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiXoBsRw3hGm0b/hbLwK9fNCxiNU
TFoKK/7I6cJ+JAdHOELlQYOYwnmtkWrmUguKxk1I8+itxoSpKZw6KyssRPU5mLj4
BbS43kX6VYmziVpk9h7jfk3pA3X2Zie7k/FLcHhFliU77Z4kWwBW9eY42SVP9IwK
vAqy0AxYK/Mhfl/h5M2m4DUPi1dy6QHdDvSM86gpsIMvpI+YWqRera1NLJC6pWq9
dyJGl9L+tvjRsf8HsMLopW+D2WoW1/dX/4ZvppZI1X3O9IUPUNi2WRgfc2QWbNIM
XTUHokCL9js+rPzIut4+TOeHNWvrZVWOVsbW7u9yz+Jajn2Pm2x6IOw7owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMTTdTjW8kMAWteUcmHKwwSrOUyGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveE5OMU9OYnlRd0JhMTVSeVljckRCS3M1VElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJXX5gR2NV+jFT2sJTF
em45x4J/NrjI0m+sTa9lvqbozktRqpsVAcvxrRwkJiWgt9VB7H2dchf4IDPqi0/x
VCySle6xnEJJYUOUAM996IMtKFrzQ/UY6HH8z9FDAtssOULN+OZYXGL3AqL4pJBD
o7a8L8pQqTye0xzY2kAMUXlwIYT8CG2DFRAq5mkotVzkeOaY1GpHdCnoThdGRd8D
uBiyBNXY0YtVxqrJOuByetmoWJD+EXK42ZTrHLLHqp62dP6SsurWa6qYexfislth
ylNjIZuHYNVZML6CAcAf++bGqSxKZTGi5/DzU2DlzdL6A4a5SsN1VX9ZTFSy5ZYL
Qko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org