Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3drBnsdFM9i6-0PQ9uvcCGxkV4k.roa
File: 3drBnsdFM9i6-0PQ9uvcCGxkV4k.roa (raw, json)
Hash identifier: 9dl79LMgNRoFKjU8MlY9qNW3NeOkNaWCwlAzx4NhsgE=
Subject key identifier: DD:DA:C1:9E:C7:45:33:D8:BA:FB:43:D0:F6:EB:DC:08:6C:64:57:89
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4D06E4CB611C0AD21E6F776EEF5660B4
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3drBnsdFM9i6-0PQ9uvcCGxkV4k.roa
Signing time: Thu 31 Aug 2023 19:16:51 +0000
ROA not before: Thu 31 Aug 2023 19:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:06:e4:cb:61:1c:0a:d2:1e:6f:77:6e:ef:56:60:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 19:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dddac19ec74533d8bafb43d0f6ebdc086c645789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4c:06:f3:03:59:0e:0d:c5:90:e6:70:e5:30:
29:83:ff:c4:f1:ef:db:97:98:49:2f:5c:29:d6:cb:
b7:21:30:94:36:72:58:ec:f4:69:fb:7a:e0:ff:3f:
67:96:77:e4:48:eb:57:31:9f:8c:25:ec:17:a7:1c:
c7:4f:62:9e:de:ae:26:9d:34:40:f5:21:02:fe:67:
f0:21:79:26:99:3f:be:a4:85:8d:99:ae:5c:77:bd:
ca:b7:7b:02:9a:a2:25:e4:57:78:c1:c8:36:ac:98:
e4:ca:5b:cb:c3:dc:dd:0a:51:9b:de:09:68:ae:38:
26:78:50:93:0c:e1:b9:89:f9:aa:5d:7e:db:91:39:
d9:17:9e:cd:71:ca:6f:39:06:d9:71:1e:56:a2:98:
c4:91:f9:4a:ff:dc:11:29:89:62:d2:c6:f0:5c:75:
83:21:d7:9a:c2:50:6a:05:59:a9:bb:7b:dd:f2:ec:
d9:9b:5d:b0:38:8c:2c:ea:ac:a7:65:05:54:56:60:
ee:3d:6f:be:6d:5e:9e:07:ca:54:24:2a:4a:df:36:
28:7d:ce:96:42:a9:35:5a:67:f8:92:5f:18:38:d5:
cf:d1:d6:20:f5:4f:17:ac:1c:05:51:71:af:d5:a6:
c1:ca:e7:34:47:1b:93:ed:1a:77:e2:90:90:3c:46:
ce:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DA:C1:9E:C7:45:33:D8:BA:FB:43:D0:F6:EB:DC:08:6C:64:57:89
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/3drBnsdFM9i6-0PQ9uvcCGxkV4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:07:3b:fe:77:a8:c2:83:08:33:54:29:97:e4:d2:24:5f:7d:
c6:5c:6a:43:0b:78:69:3d:96:63:38:81:a5:f2:05:90:16:95:
39:ee:9f:2e:41:31:75:03:5e:ad:70:34:9d:8f:60:19:e1:c7:
69:59:f3:49:e8:a4:e0:7a:28:0a:9c:ee:60:e0:9b:58:39:cf:
40:df:e0:a8:66:41:e0:b3:9e:a8:16:fa:ed:d6:44:78:37:66:
57:87:e6:ba:89:cf:77:4f:85:c9:a3:fe:b7:b1:2d:e6:94:1c:
40:df:26:b0:59:e1:e1:a1:8e:a6:3d:ed:89:27:3a:60:b0:e3:
bd:7e:00:ea:be:0b:17:87:b2:93:19:9d:2b:c3:84:43:20:1b:
67:23:08:74:f6:52:43:1b:1c:90:56:8e:a4:8a:fd:f2:30:72:
95:bc:0e:aa:43:30:73:28:35:d9:ad:7b:61:55:1f:1d:b7:51:
7b:c5:4d:19:59:a8:30:4e:7c:58:a5:9a:2e:01:d1:9e:9b:f6:
6b:4b:d4:fa:56:89:bf:52:66:a8:11:67:3f:6d:86:de:9f:0e:
71:77:9f:44:5f:22:55:20:c0:cf:4c:3d:b6:26:5d:d6:fa:48:
29:da:5b:66:b8:f8:73:62:f2:90:2a:39:cb:1c:98:21:09:d5:
38:d6:26:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpNBuTLYRwK0h5vd27vVmC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTkxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGRhYzE5ZWM3NDUzM2Q4YmFmYjQzZDBmNmViZGMwODZjNjQ1Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUwG8wNZDg3FkOZw5TApg//E8e/b
l5hJL1wp1su3ITCUNnJY7PRp+3rg/z9nlnfkSOtXMZ+MJewXpxzHT2Ke3q4mnTRA
9SEC/mfwIXkmmT++pIWNma5cd73Kt3sCmqIl5Fd4wcg2rJjkylvLw9zdClGb3glo
rjgmeFCTDOG5ifmqXX7bkTnZF57NccpvOQbZcR5WopjEkflK/9wRKYli0sbwXHWD
IdeawlBqBVmpu3vd8uzZm12wOIws6qynZQVUVmDuPW++bV6eB8pUJCpK3zYofc6W
Qqk1Wmf4kl8YONXP0dYg9U8XrBwFUXGv1abByuc0RxuT7Rp34pCQPEbOlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3awZ7HRTPYuvtD0Pbr3AhsZFeJMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvM2RyQm5zZEZNOWk2LTBQUTl1dmNDR3hrVjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAkHO/53qMKDCDNUKZfk
0iRffcZcakMLeGk9lmM4gaXyBZAWlTnuny5BMXUDXq1wNJ2PYBnhx2lZ80nopOB6
KAqc7mDgm1g5z0Df4KhmQeCznqgW+u3WRHg3ZleH5rqJz3dPhcmj/rexLeaUHEDf
JrBZ4eGhjqY97YknOmCw471+AOq+CxeHspMZnSvDhEMgG2cjCHT2UkMbHJBWjqSK
/fIwcpW8DqpDMHMoNdmte2FVHx23UXvFTRlZqDBOfFilmi4B0Z6b9mtL1PpWib9S
ZqgRZz9tht6fDnF3n0RfIlUgwM9MPbYmXdb6SCnaW2a4+HNi8pAqOcscmCEJ1TjW
JgY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:48 2025 by rpki-client