Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xUr16dvBLfGOByGtLCgGutEGm8Y.roa
File: xUr16dvBLfGOByGtLCgGutEGm8Y.roa (raw, json)
Hash identifier: 1YoUS/ErECTvpQ17GY84ENtl30x155KtdPeg6E8o5q8=
Subject key identifier: C5:4A:F5:E9:DB:C1:2D:F1:8E:07:21:AD:2C:28:06:BA:D1:06:9B:C6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4F8B2DA2B2B13E0780B16D6076E56C5C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xUr16dvBLfGOByGtLCgGutEGm8Y.roa
Signing time: Mon 18 Mar 2024 03:11:44 +0000
ROA not before: Mon 18 Mar 2024 03:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4f:8b:2d:a2:b2:b1:3e:07:80:b1:6d:60:76:e5:6c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 03:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c54af5e9dbc12df18e0721ad2c2806bad1069bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:dc:73:33:4c:e2:d9:2c:c1:0b:81:39:30:
be:c4:e0:ea:0c:53:3b:03:34:3c:fe:b5:22:a8:2a:
6b:f6:ff:75:d6:66:d5:08:62:ad:b7:c6:59:5a:f8:
f1:1e:6a:a6:ee:84:3c:ff:e0:31:92:78:dd:b0:35:
d9:91:bf:ed:d7:7c:7d:59:67:66:96:12:a1:d3:06:
e0:9c:cb:12:3d:eb:9b:9c:de:40:77:f8:91:a6:92:
f9:9c:c1:f5:85:61:b1:29:a0:09:3f:f9:28:ba:ee:
60:f3:47:25:d2:66:ac:45:9c:dd:1d:cf:7e:1f:bd:
64:fa:21:ae:10:af:b0:52:6c:6f:66:eb:14:90:79:
65:cb:07:d5:c9:16:7c:6e:5d:3d:2a:56:80:45:bf:
d8:eb:fb:8c:58:55:71:1b:d8:16:65:9f:76:0e:b0:
ac:c9:ac:ee:42:79:e1:9b:b8:9b:83:7c:10:17:dd:
53:44:c4:66:b7:01:1c:a9:37:7b:5e:c3:fd:ca:f7:
ef:64:0b:60:48:e5:ec:f4:24:2e:ed:23:6e:6f:d7:
5d:17:ee:2f:d2:2d:32:20:97:17:f3:91:d6:25:3f:
5f:05:36:e0:f7:60:23:93:de:20:ec:29:e8:bc:c3:
e9:08:6f:aa:79:64:9a:11:40:c5:ff:15:08:26:3d:
36:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4A:F5:E9:DB:C1:2D:F1:8E:07:21:AD:2C:28:06:BA:D1:06:9B:C6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xUr16dvBLfGOByGtLCgGutEGm8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:6a:f9:d4:7f:b3:60:52:b0:0b:99:40:a3:08:97:70:f4:1c:
24:24:90:9f:23:a1:c0:d4:5d:d6:e2:05:cd:a9:d0:91:5c:16:
b2:04:4f:3f:d1:e3:e9:94:9d:24:fa:04:d4:5b:16:42:79:ea:
da:fb:56:94:1d:98:24:2f:ee:45:07:90:ad:e5:90:19:16:58:
18:1f:89:dd:7a:2d:6d:f5:65:d4:b4:13:f6:69:2a:e5:2a:86:
d8:18:33:cb:10:5c:7e:ec:58:32:af:67:b3:7e:8d:e5:86:c2:
d2:53:21:fb:be:51:55:7c:83:10:e1:68:89:0c:2f:94:a1:5e:
cf:a0:64:d8:1e:ff:08:23:90:a8:26:a2:8c:6e:56:d8:3d:93:
17:b6:31:50:02:8d:80:3c:da:0e:1b:5d:8a:91:14:c7:61:1f:
2f:fc:5e:1e:6e:3d:a0:9a:68:42:4b:78:ca:d3:28:99:06:68:
b3:8c:af:bf:79:ac:86:e1:d7:55:f7:42:b1:d7:f6:d6:aa:84:
1b:89:93:ee:64:51:e5:a9:2a:e6:0a:18:53:1a:44:28:bd:e0:
65:5d:a5:f1:5b:cd:8f:52:88:16:bc:a3:5a:b5:af:13:59:34:
ed:a6:3c:b2:64:bc:bb:e6:ba:51:ef:6a:8b:d4:00:a5:14:6e:
ee:ac:39:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Piy2isrE+B4CxbWB25WxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MDMxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRhZjVlOWRiYzEyZGYxOGUwNzIxYWQyYzI4MDZiYWQxMDY5YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHcczNM4tkswQuBOTC+xODqDFM7
AzQ8/rUiqCpr9v911mbVCGKtt8ZZWvjxHmqm7oQ8/+AxknjdsDXZkb/t13x9WWdm
lhKh0wbgnMsSPeubnN5Ad/iRppL5nMH1hWGxKaAJP/kouu5g80cl0masRZzdHc9+
H71k+iGuEK+wUmxvZusUkHllywfVyRZ8bl09KlaARb/Y6/uMWFVxG9gWZZ92DrCs
yazuQnnhm7ibg3wQF91TRMRmtwEcqTd7XsP9yvfvZAtgSOXs9CQu7SNub9ddF+4v
0i0yIJcX85HWJT9fBTbg92Ajk94g7CnovMPpCG+qeWSaEUDF/xUIJj02CQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMVK9enbwS3xjgchrSwoBrrRBpvGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveFVyMTZkdkJMZkdPQnlHdExDZ0d1dEVHbThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZq+dR/s2BSsAuZQKMI
l3D0HCQkkJ8jocDUXdbiBc2p0JFcFrIETz/R4+mUnST6BNRbFkJ56tr7VpQdmCQv
7kUHkK3lkBkWWBgfid16LW31ZdS0E/ZpKuUqhtgYM8sQXH7sWDKvZ7N+jeWGwtJT
Ifu+UVV8gxDhaIkML5ShXs+gZNge/wgjkKgmooxuVtg9kxe2MVACjYA82g4bXYqR
FMdhHy/8Xh5uPaCaaEJLeMrTKJkGaLOMr795rIbh11X3QrHX9taqhBuJk+5kUeWp
KuYKGFMaRCi94GVdpfFbzY9SiBa8o1q1rxNZNO2mPLJkvLvmulHvaovUAKUUbu6s
OTo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org