Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2MFTvpiklIQmgXS6YsebeD38yxg.roa
File: 2MFTvpiklIQmgXS6YsebeD38yxg.roa (raw, json)
Hash identifier: X4KprvT4fkUdSIHaMWzflljysCvVOhNxXSLcWV1tuic=
Subject key identifier: D8:C1:53:BE:98:A4:94:84:26:81:74:BA:62:C7:9B:78:3D:FC:CB:18
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2BAF91B338AE441FA277FC4FD491E1EF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2MFTvpiklIQmgXS6YsebeD38yxg.roa
Signing time: Mon 11 Mar 2024 04:05:10 +0000
ROA not before: Mon 11 Mar 2024 04:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:2bae:e414/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2b:af:91:b3:38:ae:44:1f:a2:77:fc:4f:d4:91:e1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 04:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8c153be98a49484268174ba62c79b783dfccb18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:34:89:b7:26:08:85:9a:25:fe:66:ff:4b:
f2:44:01:83:79:92:d7:fc:32:2c:f2:e5:ee:86:77:
6e:fb:74:46:8a:63:8c:21:29:06:da:67:03:04:56:
e8:5d:ec:db:b5:c1:8f:e4:58:d0:11:6a:27:6a:cf:
83:df:72:87:27:c1:83:a8:81:9f:f2:ab:72:6e:62:
6e:d7:93:c5:eb:f9:ea:58:eb:b8:d9:0a:88:0c:c0:
08:c0:f7:7b:79:de:97:f8:2c:76:a8:9a:52:75:12:
69:8a:20:2f:98:b2:2c:67:61:39:72:fb:f9:22:ca:
15:22:a3:27:bc:eb:8e:6c:97:a1:fe:61:51:af:95:
8f:f9:da:9a:06:bb:cb:f5:3c:04:4d:ad:58:db:ed:
8b:96:05:fb:7c:b0:95:d6:98:67:ae:61:45:29:4c:
85:19:5b:56:71:d7:33:5e:b2:cd:bd:77:43:d4:08:
4b:c3:59:f6:9e:d5:08:0b:c5:d3:86:7d:ee:28:e6:
8b:ac:4d:ba:3d:a1:65:61:7c:d8:37:9f:eb:df:79:
90:84:4f:bc:92:51:d5:a5:1c:d9:4e:58:d4:4b:7c:
1a:97:e0:dd:0a:56:47:41:50:9d:12:54:54:58:57:
01:07:53:8e:12:6f:54:60:b2:fc:75:2d:97:16:85:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C1:53:BE:98:A4:94:84:26:81:74:BA:62:C7:9B:78:3D:FC:CB:18
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2MFTvpiklIQmgXS6YsebeD38yxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:0a:36:cb:7f:57:58:ab:4f:26:f8:55:18:49:44:f6:e4:81:
e2:da:12:34:1a:cf:f4:bb:db:bf:6a:68:6d:87:68:e8:e8:7c:
78:83:d7:54:ae:ca:30:cd:00:f4:9f:69:8f:b8:2a:7f:81:00:
e5:46:ba:ae:55:55:88:99:2d:d7:f0:74:12:d3:15:e6:b8:25:
31:a4:b8:40:37:88:a8:fb:10:e8:5b:da:c3:9f:e5:b8:f7:af:
66:91:16:b9:52:27:e0:98:4f:c8:29:76:46:2e:d5:db:4c:e4:
31:12:e2:5b:a3:a0:7e:d0:29:f6:fe:95:7b:8f:a2:bc:ff:49:
33:1f:7c:ce:dc:cd:d5:7c:2b:b5:2f:19:e6:1c:d1:f0:62:b3:
34:fe:c3:b5:9b:24:bb:0a:36:67:bb:af:21:6d:85:a7:a9:71:
32:b2:44:71:f5:a7:df:b7:0d:41:e5:f3:15:27:d4:0c:c4:79:
26:25:04:81:48:ad:08:58:65:4e:a9:a8:d2:5f:63:83:f8:63:
06:08:71:e4:21:ac:b2:f4:ca:5e:61:20:2f:68:be:22:dd:c4:
00:fd:f5:58:89:2c:d4:d0:67:d6:b7:0c:3d:7d:d1:c9:c6:b9:
81:6c:35:c0:f9:dc:b7:67:b7:16:b4:17:54:e8:0a:22:94:49:
c0:66:b4:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4rr5GzOK5EH6J3/E/UkeHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMDQwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMxNTNiZTk4YTQ5NDg0MjY4MTc0YmE2MmM3OWI3ODNkZmNjYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEA0ibcmCIWaJf5m/0vyRAGDeZLX
/DIs8uXuhndu+3RGimOMISkG2mcDBFboXezbtcGP5FjQEWonas+D33KHJ8GDqIGf
8qtybmJu15PF6/nqWOu42QqIDMAIwPd7ed6X+Cx2qJpSdRJpiiAvmLIsZ2E5cvv5
IsoVIqMnvOuObJeh/mFRr5WP+dqaBrvL9TwETa1Y2+2LlgX7fLCV1phnrmFFKUyF
GVtWcdczXrLNvXdD1AhLw1n2ntUIC8XThn3uKOaLrE26PaFlYXzYN5/r33mQhE+8
klHVpRzZTljUS3wal+DdClZHQVCdElRUWFcBB1OOEm9UYLL8dS2XFoUAAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjBU76YpJSEJoF0umLHm3g9/MsYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMk1GVHZwaWtsSVFtZ1hTNllzZWJlRDM4eXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgKNst/V1irTyb4VRhJ
RPbkgeLaEjQaz/S7279qaG2HaOjofHiD11SuyjDNAPSfaY+4Kn+BAOVGuq5VVYiZ
LdfwdBLTFea4JTGkuEA3iKj7EOhb2sOf5bj3r2aRFrlSJ+CYT8gpdkYu1dtM5DES
4lujoH7QKfb+lXuPorz/STMffM7czdV8K7UvGeYc0fBiszT+w7WbJLsKNme7ryFt
haepcTKyRHH1p9+3DUHl8xUn1AzEeSYlBIFIrQhYZU6pqNJfY4P4YwYIceQhrLL0
yl5hIC9oviLdxAD99ViJLNTQZ9a3DD190cnGuYFsNcD53Ldntxa0F1ToCiKUScBm
tOY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:17 2025 by rpki-client