Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y2qT3aGzNXzMEYrrncGBnWnEXPQ.roa
File: y2qT3aGzNXzMEYrrncGBnWnEXPQ.roa (raw, json)
Hash identifier: YzAhNkdSbKFH4fcg9a4q/gOBTozyBpbzgovagNNgmns=
Subject key identifier: CB:6A:93:DD:A1:B3:35:7C:CC:11:8A:EB:9D:C1:81:9D:69:C4:5C:F4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF3109B512DD404332C35EC7CD06A7FE1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y2qT3aGzNXzMEYrrncGBnWnEXPQ.roa
Signing time: Thu 29 Feb 2024 04:12:48 +0000
ROA not before: Thu 29 Feb 2024 04:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:10:9b:51:2d:d4:04:33:2c:35:ec:7c:d0:6a:7f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 04:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb6a93dda1b3357ccc118aeb9dc1819d69c45cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:85:3b:eb:81:3f:50:73:4a:a1:b5:2e:b2:
d9:e5:d9:82:35:ff:1b:3e:4f:1d:38:41:6d:76:64:
42:f1:d2:20:71:47:09:66:fb:56:45:2e:8e:0d:a4:
f2:15:ff:43:18:ec:6f:6b:b7:41:00:78:4a:d9:e4:
38:5c:61:be:7a:85:d2:b6:97:7e:d7:ec:41:06:5c:
70:56:df:fb:0d:e2:87:31:d2:3c:da:8c:b4:9b:d2:
76:87:d2:af:07:80:07:b9:a9:87:dc:93:cd:10:dc:
cf:be:3d:8a:9c:6d:78:b1:9e:69:d8:52:67:3a:29:
9f:f3:53:8c:38:41:80:34:ff:ee:2a:bc:8c:b5:a3:
d7:24:32:da:97:92:e4:1f:1d:70:5d:02:9a:46:f5:
4a:83:86:86:6d:38:ab:9d:39:7f:56:47:d7:08:e1:
44:8f:ab:cc:4c:e0:8c:da:8a:c3:d6:f9:d1:9a:de:
86:8f:8c:72:89:ee:3c:0b:ff:d4:d6:89:9a:fa:ea:
a2:45:81:a4:d0:dc:7d:55:2f:b3:a1:45:7d:78:12:
12:10:82:51:89:f4:35:8c:8f:0f:4d:9f:28:2b:d3:
d9:1e:05:45:5f:bf:f7:59:88:b8:de:5a:72:59:19:
51:ff:6f:02:34:e6:5f:f5:96:29:8f:35:09:ac:c8:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6A:93:DD:A1:B3:35:7C:CC:11:8A:EB:9D:C1:81:9D:69:C4:5C:F4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y2qT3aGzNXzMEYrrncGBnWnEXPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:98:ea:a4:b4:3a:60:b2:98:97:17:18:4d:4a:52:be:00:15:
b5:d9:0d:e3:fd:14:2c:5a:40:f1:1d:10:9e:24:53:49:66:20:
5f:55:25:23:8d:29:10:74:21:7b:92:22:b0:4b:4a:25:28:4b:
07:bb:28:08:7d:e1:c4:af:69:c6:24:11:52:7f:d6:a8:8d:02:
2d:00:eb:c0:7d:dd:60:0c:a4:e5:40:c7:24:f8:fd:71:15:52:
4b:75:fb:78:7b:f3:b7:eb:ed:9d:a4:58:b5:bd:4f:c2:c6:c6:
0c:2f:f5:51:c5:1b:b6:1c:ee:e5:42:c1:59:d8:94:5e:4f:05:
eb:58:39:37:55:cc:71:ca:33:eb:4d:0b:83:06:63:88:f1:d0:
f7:12:0c:87:84:01:f1:97:99:13:7d:f6:c9:68:e6:c1:fe:06:
c7:bf:a5:1d:49:f6:33:6b:b7:05:47:f6:36:c1:4a:4b:42:e5:
83:45:e6:d4:be:39:7c:65:8c:3b:42:77:d6:25:a0:07:45:b9:
e5:5f:a7:a9:44:6b:91:b8:fd:7b:83:41:e1:62:17:c8:70:19:
d6:16:c9:db:0a:e6:f0:37:a6:7d:55:1c:3c:46:47:c3:fe:44:
50:57:eb:01:5c:ee:a5:9a:12:56:97:7d:0a:8c:02:c3:9b:6e:
23:8e:cb:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3zEJtRLdQEMyw17HzQan/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MDQxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZhOTNkZGExYjMzNTdjY2MxMThhZWI5ZGMxODE5ZDY5YzQ1Y2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyqFO+uBP1BzSqG1LrLZ5dmCNf8b
Pk8dOEFtdmRC8dIgcUcJZvtWRS6ODaTyFf9DGOxva7dBAHhK2eQ4XGG+eoXStpd+
1+xBBlxwVt/7DeKHMdI82oy0m9J2h9KvB4AHuamH3JPNENzPvj2KnG14sZ5p2FJn
Oimf81OMOEGANP/uKryMtaPXJDLal5LkHx1wXQKaRvVKg4aGbTirnTl/VkfXCOFE
j6vMTOCM2orD1vnRmt6Gj4xyie48C//U1oma+uqiRYGk0Nx9VS+zoUV9eBISEIJR
ifQ1jI8PTZ8oK9PZHgVFX7/3WYi43lpyWRlR/28CNOZf9ZYpjzUJrMiN6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMtqk92hszV8zBGK653BgZ1pxFz0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveTJxVDNhR3pOWHpNRVlycm5jR0JuV25FWFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFGY6qS0OmCymJcXGE1K
Ur4AFbXZDeP9FCxaQPEdEJ4kU0lmIF9VJSONKRB0IXuSIrBLSiUoSwe7KAh94cSv
acYkEVJ/1qiNAi0A68B93WAMpOVAxyT4/XEVUkt1+3h787fr7Z2kWLW9T8LGxgwv
9VHFG7Yc7uVCwVnYlF5PBetYOTdVzHHKM+tNC4MGY4jx0PcSDIeEAfGXmRN99slo
5sH+Bse/pR1J9jNrtwVH9jbBSktC5YNF5tS+OXxljDtCd9YloAdFueVfp6lEa5G4
/XuDQeFiF8hwGdYWydsK5vA3pn1VHDxGR8P+RFBX6wFc7qWaElaXfQqMAsObbiOO
y2M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org