Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8M9xGLO-9d-OervPeccy0UGn_iU.roa
File: 8M9xGLO-9d-OervPeccy0UGn_iU.roa (raw, json)
Hash identifier: Ix1eTRuQHJMWxHUa/uYcgNfrwlRNm8Mmhsut/Gd6vsk=
Subject key identifier: F0:CF:71:18:B3:BE:F5:DF:8E:7A:BB:CF:79:C7:32:D1:41:A7:FE:25
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5BFFAF1347734EEE369CAB48154A1DB2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8M9xGLO-9d-OervPeccy0UGn_iU.roa
Signing time: Tue 30 Jan 2024 20:11:39 +0000
ROA not before: Tue 30 Jan 2024 20:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:ff:af:13:47:73:4e:ee:36:9c:ab:48:15:4a:1d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 20:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0cf7118b3bef5df8e7abbcf79c732d141a7fe25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7a:28:62:25:3c:bb:36:d2:e9:1d:f5:63:75:
5b:1d:cc:b9:bc:65:a1:5f:75:15:51:22:e8:4f:33:
cf:44:44:4c:b9:38:03:09:46:c4:c2:18:36:48:a5:
46:3f:18:a9:b7:d4:6f:bc:c8:e0:99:9d:87:32:f5:
dc:35:38:f1:be:29:1c:7c:24:96:29:60:75:4d:1c:
61:df:69:fd:02:65:a1:d7:cd:53:65:0f:c9:2a:b0:
cd:3f:50:41:6a:06:c9:ec:2f:f0:25:d9:bc:65:39:
dd:ab:b4:47:9d:cc:a2:fe:13:46:6c:f1:ff:d3:a2:
e8:6c:92:82:0f:be:89:0e:25:2a:1f:58:b4:76:39:
55:4e:bf:1d:c8:24:12:c3:c5:5c:4b:24:37:30:70:
8b:32:cd:50:52:7d:0d:c9:c6:70:d4:9e:26:da:ac:
85:ae:34:be:5e:c0:a8:98:9e:14:52:e0:6e:a8:69:
77:a4:38:d7:e2:63:d3:fc:a2:5a:ee:37:f4:22:84:
21:ee:f4:d7:55:a2:f9:f7:de:d4:37:b7:b6:0e:85:
aa:76:b0:59:bb:d4:51:2e:6e:8a:d9:7d:3d:2b:96:
35:88:c1:67:7d:47:d3:c0:99:dc:c3:9e:dc:2f:9f:
c5:c0:e6:60:5d:c9:ef:18:55:63:8c:61:04:a1:55:
9c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CF:71:18:B3:BE:F5:DF:8E:7A:BB:CF:79:C7:32:D1:41:A7:FE:25
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8M9xGLO-9d-OervPeccy0UGn_iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:67:10:7b:75:95:75:d4:a0:c0:6c:7e:03:68:d5:9e:d7:dd:
dd:b0:bd:ee:3c:1e:87:5c:d7:4e:dc:3d:e6:f6:ac:41:f2:ec:
bc:7a:1c:fb:cc:4d:04:cd:d8:94:7f:6a:64:56:df:ad:4f:70:
30:cb:11:a5:0a:2a:87:5d:7b:8d:68:fe:9f:07:7a:56:fe:62:
ac:0e:56:c3:9d:ff:92:d4:e9:be:dd:f3:d8:be:f0:ca:76:6a:
5b:90:21:2e:bf:e1:b9:d9:58:e4:1c:3f:6f:b1:23:d7:7f:62:
69:83:03:d1:b8:45:29:cc:86:c4:ec:72:03:5e:df:04:89:e2:
a2:e3:cc:be:fc:7f:81:84:43:44:e0:ed:d0:c6:1e:c7:50:95:
6b:0d:ae:bc:ef:e2:be:80:92:b0:9a:b9:40:f3:67:c8:80:92:
32:f0:c3:f2:06:37:5a:97:ae:e0:4b:32:f6:30:7f:9e:57:d0:
2a:63:26:f5:02:5b:30:d6:aa:c8:12:07:45:72:fb:9b:97:de:
de:40:17:ae:ce:6e:4c:11:f3:65:20:b1:3a:11:6a:e3:f6:6b:
ec:ff:39:64:36:8c:d3:c4:1a:4c:8e:6a:fe:d0:49:a0:5a:2e:
d5:5f:31:1b:67:04:60:30:a0:04:56:6a:c7:db:56:2c:df:44:
bf:e8:d4:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1b/68TR3NO7jacq0gVSh2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMjAxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGNmNzExOGIzYmVmNWRmOGU3YWJiY2Y3OWM3MzJkMTQxYTdmZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHooYiU8uzbS6R31Y3VbHcy5vGWh
X3UVUSLoTzPPRERMuTgDCUbEwhg2SKVGPxipt9RvvMjgmZ2HMvXcNTjxvikcfCSW
KWB1TRxh32n9AmWh181TZQ/JKrDNP1BBagbJ7C/wJdm8ZTndq7RHncyi/hNGbPH/
06LobJKCD76JDiUqH1i0djlVTr8dyCQSw8VcSyQ3MHCLMs1QUn0NycZw1J4m2qyF
rjS+XsComJ4UUuBuqGl3pDjX4mPT/KJa7jf0IoQh7vTXVaL5997UN7e2DoWqdrBZ
u9RRLm6K2X09K5Y1iMFnfUfTwJncw57cL5/FwOZgXcnvGFVjjGEEoVWcpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPDPcRizvvXfjnq7z3nHMtFBp/4lMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOE05eEdMTy05ZC1PZXJ2UGVjY3kwVUduX2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5nEHt1lXXUoMBsfgNo
1Z7X3d2wve48Hodc107cPeb2rEHy7Lx6HPvMTQTN2JR/amRW361PcDDLEaUKKodd
e41o/p8Helb+YqwOVsOd/5LU6b7d89i+8Mp2aluQIS6/4bnZWOQcP2+xI9d/YmmD
A9G4RSnMhsTscgNe3wSJ4qLjzL78f4GEQ0Tg7dDGHsdQlWsNrrzv4r6AkrCauUDz
Z8iAkjLww/IGN1qXruBLMvYwf55X0CpjJvUCWzDWqsgSB0Vy+5uX3t5AF67ObkwR
82UgsToRauP2a+z/OWQ2jNPEGkyOav7QSaBaLtVfMRtnBGAwoARWasfbVizfRL/o
1Fo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:58:57 2025 by rpki-client