Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-mlIm8biBOwu4zmQsg_Q3Ht4SM.roa
File: 1-mlIm8biBOwu4zmQsg_Q3Ht4SM.roa (raw, json)
Hash identifier: B+F6237pwllScYp0521viCDfIlneejJb3tBsKvXJ+/s=
Subject key identifier: D7:E9:A5:22:6F:1B:88:13:B0:BB:8C:E6:42:C8:3F:43:71:ED:E1:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E17FAE05BB9A08B6C8C1F7E649B777877
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-mlIm8biBOwu4zmQsg_Q3Ht4SM.roa
Signing time: Thu 07 Mar 2024 08:15:01 +0000
ROA not before: Thu 07 Mar 2024 08:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:17:fa:e0:5b:b9:a0:8b:6c:8c:1f:7e:64:9b:77:78:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 08:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7e9a5226f1b8813b0bb8ce642c83f4371ede123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:38:0d:87:b2:50:c7:d1:0b:84:8b:b4:de:
75:ce:b7:a0:d0:1b:df:da:1d:92:94:eb:d7:a7:ac:
ca:9a:65:02:b4:61:c9:f7:75:f6:53:00:77:70:43:
c7:bc:fe:58:e1:46:cd:e9:db:e2:8c:33:cc:ae:a5:
68:94:0b:48:84:7d:c6:9d:e5:f2:91:f2:7f:15:d6:
3b:6b:fb:4c:bc:33:42:a6:f9:e1:e1:14:62:de:46:
f4:0e:03:db:86:b8:a3:8b:b0:c5:15:4d:d9:1a:38:
79:0d:dc:8a:e8:93:bb:d1:00:ba:7f:21:6d:88:c1:
8f:c5:20:a3:b3:40:5d:fe:ef:92:fe:7a:e3:a5:01:
de:f8:96:32:78:0d:de:00:f0:67:57:34:e4:de:5a:
da:c6:d5:b7:9a:14:65:4c:3d:27:f0:43:d3:21:aa:
17:34:7a:47:2c:7b:82:c5:29:9f:c8:dc:01:ad:6a:
93:67:db:66:c0:35:29:d3:2b:ff:57:1b:0d:67:4c:
2e:a6:fa:24:b8:ca:23:b4:b7:eb:f1:bc:d1:8f:fb:
06:ca:52:4c:71:27:83:fe:95:29:6c:a4:a8:03:02:
55:03:be:e1:cc:63:0f:18:e0:56:3e:f2:53:ac:13:
27:c7:f6:c9:f6:29:b9:ec:c4:f2:57:72:28:fb:f9:
8c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E9:A5:22:6F:1B:88:13:B0:BB:8C:E6:42:C8:3F:43:71:ED:E1:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-mlIm8biBOwu4zmQsg_Q3Ht4SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:da:be:7d:ce:29:08:40:cc:5a:9b:85:4c:c9:93:7e:03:28:
e2:c1:7c:ed:d0:47:d1:1e:b6:f1:a8:05:0f:35:2b:c3:c7:d2:
8f:55:52:c4:8e:2e:ac:c0:09:8e:3d:d3:bb:ca:3b:fc:34:19:
d4:f3:3a:2c:2a:5a:b1:4e:5d:ee:0c:94:ae:df:93:9e:3d:7c:
a8:a9:c8:99:d1:3a:47:aa:f0:86:d4:8d:7c:e2:7d:9a:4e:22:
ee:9d:41:72:90:4a:46:40:0c:04:2c:25:44:7d:fa:5a:0e:08:
1e:3b:a1:4a:01:51:53:9c:f4:2d:4d:91:d8:0b:43:42:bf:51:
b8:1c:1e:c3:6a:a2:23:14:a8:de:5a:6d:4c:ec:45:f7:ff:25:
51:74:d5:f5:dd:d9:58:09:0f:fa:44:ce:30:35:f7:a6:3a:87:
f9:e9:42:13:3d:4c:1a:fb:12:93:d6:38:7d:6a:14:26:8a:43:
5e:13:5f:fa:e0:31:86:50:13:af:7f:71:0f:c8:11:fc:9f:8d:
fa:9f:e5:51:4b:52:4f:2e:05:3b:cc:a8:85:ac:16:cc:98:1b:
fe:21:24:0f:0d:88:b9:e0:ed:cd:61:3d:83:43:98:18:bb:ab:
62:6d:23:84:6c:9d:2b:13:1c:b3:1a:a7:ee:ab:9e:90:d8:f4:
36:a9:16:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4X+uBbuaCLbIwffmSbd3h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MDgxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U5YTUyMjZmMWI4ODEzYjBiYjhjZTY0MmM4M2Y0MzcxZWRlMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCA4DYeyUMfRC4SLtN51zreg0Bvf
2h2SlOvXp6zKmmUCtGHJ93X2UwB3cEPHvP5Y4UbN6dvijDPMrqVolAtIhH3GneXy
kfJ/FdY7a/tMvDNCpvnh4RRi3kb0DgPbhriji7DFFU3ZGjh5DdyK6JO70QC6fyFt
iMGPxSCjs0Bd/u+S/nrjpQHe+JYyeA3eAPBnVzTk3lraxtW3mhRlTD0n8EPTIaoX
NHpHLHuCxSmfyNwBrWqTZ9tmwDUp0yv/VxsNZ0wupvokuMojtLfr8bzRj/sGylJM
cSeD/pUpbKSoAwJVA77hzGMPGOBWPvJTrBMnx/bJ9im57MTyV3Io+/mM3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNfppSJvG4gTsLuM5kLIP0Nx7eEjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1tbEltOGJpQk93dTR6bVFzZ19RM0h0NFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKTavn3OKQhAzFqbhUzJ
k34DKOLBfO3QR9EetvGoBQ81K8PH0o9VUsSOLqzACY4907vKO/w0GdTzOiwqWrFO
Xe4MlK7fk549fKipyJnROkeq8IbUjXzifZpOIu6dQXKQSkZADAQsJUR9+loOCB47
oUoBUVOc9C1NkdgLQ0K/UbgcHsNqoiMUqN5abUzsRff/JVF01fXd2VgJD/pEzjA1
96Y6h/npQhM9TBr7EpPWOH1qFCaKQ14TX/rgMYZQE69/cQ/IEfyfjfqf5VFLUk8u
BTvMqIWsFsyYG/4hJA8NiLng7c1hPYNDmBi7q2JtI4RsnSsTHLMap+6rnpDY9Dap
Fk8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:17:00 2025 by rpki-client