Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRHkVKdvcuRPHrNbrLlaBOP0fmI.roa
File: zRHkVKdvcuRPHrNbrLlaBOP0fmI.roa (raw, json)
Hash identifier: Qd+gjAVQu4uzjWo2QdX2VIJuTWjcOUsr1BsXg8wRTLE=
Subject key identifier: CD:11:E4:54:A7:6F:72:E4:4F:1E:B3:5B:AC:B9:5A:04:E3:F4:7E:62
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1DC432D3338B1BD77B9D6EB2AEB85F2C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRHkVKdvcuRPHrNbrLlaBOP0fmI.roa
Signing time: Fri 08 Mar 2024 11:13:01 +0000
ROA not before: Fri 08 Mar 2024 11:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:c4:32:d3:33:8b:1b:d7:7b:9d:6e:b2:ae:b8:5f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 8 11:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd11e454a76f72e44f1eb35bacb95a04e3f47e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:08:ab:65:8e:aa:7d:96:c4:8b:ae:07:53:90:
4a:aa:cf:97:d5:51:1d:b9:ee:75:38:c0:05:63:de:
0d:8d:42:9b:11:f3:47:7b:4d:2b:7b:f4:1e:12:3f:
e3:a7:8d:f8:63:49:2e:00:4d:87:20:56:f3:a7:fe:
2c:5c:49:e5:46:94:be:d5:46:0b:b2:51:56:05:08:
76:4f:b0:24:25:75:db:1c:c3:c3:4a:1c:70:8e:82:
10:9b:f5:30:33:a8:48:b8:17:87:3a:16:7b:6b:85:
04:e3:ca:88:35:88:b4:d6:07:c0:1a:11:ab:30:12:
0e:40:04:a2:11:f8:d9:a1:1c:f9:cd:f0:f5:8b:60:
59:b8:26:f4:f6:ac:23:02:5f:5d:7a:c3:a5:e7:d9:
4e:5e:a3:32:82:fd:39:c6:46:bf:f9:b9:d1:91:71:
da:47:4d:61:d5:61:2b:76:d5:00:c3:4f:1f:07:b9:
a9:7f:30:0f:31:66:22:6c:6d:a4:0d:1a:b1:ed:6c:
db:3f:35:e4:a8:cd:72:3d:d1:96:64:9a:f9:f8:5b:
8c:d7:af:d1:96:2f:97:a5:be:25:00:f0:79:d6:04:
81:0f:d3:2d:ca:81:63:b1:60:99:ff:22:af:c5:27:
74:5c:8e:8d:a2:4b:d1:86:39:7e:f0:62:ce:22:7c:
61:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:11:E4:54:A7:6F:72:E4:4F:1E:B3:5B:AC:B9:5A:04:E3:F4:7E:62
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zRHkVKdvcuRPHrNbrLlaBOP0fmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:5f:13:0f:65:41:c8:87:d5:cd:28:d3:4e:01:fa:cc:42:40:
bb:a8:ca:bc:f2:8e:ec:2d:21:fd:38:95:c1:49:5c:f4:e5:16:
18:4b:1d:8d:39:7e:93:5d:5d:4d:fc:d9:d3:79:63:ea:d3:65:
cb:de:c3:45:36:ce:c3:cb:62:1f:35:b0:f2:1a:23:8f:59:ef:
ac:8b:3f:08:fa:ac:a1:b6:be:32:b7:0d:a7:88:5f:67:34:3d:
59:b4:41:31:11:a8:26:58:0d:28:bd:51:fb:43:a5:d5:92:6f:
9d:3c:3d:1f:9c:6f:53:24:f8:97:c0:15:72:a6:a0:0e:41:6b:
e8:75:a7:38:cd:73:a1:59:e6:7f:98:44:42:56:82:54:80:94:
65:b0:b1:e6:f6:b9:2d:55:41:a3:7a:25:79:0e:39:6a:f8:47:
9f:0b:b4:82:4d:02:e1:47:24:06:d2:83:e0:7a:19:c6:d8:c1:
59:64:19:00:1f:a6:ab:f3:15:e0:df:66:0b:61:8c:3e:cf:48:
3c:16:a6:67:e4:1a:3f:80:66:56:c2:ab:c0:0c:f8:e8:d9:65:
4e:f1:d4:a3:9f:62:75:c5:74:05:17:e8:83:97:19:40:cd:f7:
97:68:33:15:49:37:bb:90:f2:23:69:f0:82:a0:bc:76:16:ae:
e7:1c:5f:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4dxDLTM4sb13udbrKuuF8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA4MTExMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDExZTQ1NGE3NmY3MmU0NGYxZWIzNWJhY2I5NWEwNGUzZjQ3ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQirZY6qfZbEi64HU5BKqs+X1VEd
ue51OMAFY94NjUKbEfNHe00re/QeEj/jp434Y0kuAE2HIFbzp/4sXEnlRpS+1UYL
slFWBQh2T7AkJXXbHMPDShxwjoIQm/UwM6hIuBeHOhZ7a4UE48qINYi01gfAGhGr
MBIOQASiEfjZoRz5zfD1i2BZuCb09qwjAl9desOl59lOXqMygv05xka/+bnRkXHa
R01h1WErdtUAw08fB7mpfzAPMWYibG2kDRqx7WzbPzXkqM1yPdGWZJr5+FuM16/R
li+Xpb4lAPB51gSBD9MtyoFjsWCZ/yKvxSd0XI6NokvRhjl+8GLOInxhqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0R5FSnb3LkTx6zW6y5WgTj9H5iMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvelJIa1ZLZHZjdVJQSHJOYnJMbGFCT1AwZm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGxfEw9lQciH1c0o004B
+sxCQLuoyrzyjuwtIf04lcFJXPTlFhhLHY05fpNdXU382dN5Y+rTZcvew0U2zsPL
Yh81sPIaI49Z76yLPwj6rKG2vjK3DaeIX2c0PVm0QTERqCZYDSi9UftDpdWSb508
PR+cb1Mk+JfAFXKmoA5Ba+h1pzjNc6FZ5n+YREJWglSAlGWwseb2uS1VQaN6JXkO
OWr4R58LtIJNAuFHJAbSg+B6GcbYwVlkGQAfpqvzFeDfZgthjD7PSDwWpmfkGj+A
ZlbCq8AM+OjZZU7x1KOfYnXFdAUX6IOXGUDN95doMxVJN7uQ8iNp8IKgvHYWrucc
X+0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org