Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G-MICXiBz6ZwjsWUhnXyIeTPbsc.roa
File: G-MICXiBz6ZwjsWUhnXyIeTPbsc.roa (raw, json)
Hash identifier: pzzHCRbwdniQv6rdEqddigrBPAEBsRW2P37LC+utLu8=
Subject key identifier: 1B:E3:08:09:78:81:CF:A6:70:8E:C5:94:86:75:F2:21:E4:CF:6E:C7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E423E558497947EAD4F5E2B374DBFEF91
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G-MICXiBz6ZwjsWUhnXyIeTPbsc.roa
Signing time: Fri 15 Mar 2024 13:12:45 +0000
ROA not before: Fri 15 Mar 2024 13:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:3e:55:84:97:94:7e:ad:4f:5e:2b:37:4d:bf:ef:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 15 13:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1be308097881cfa6708ec5948675f221e4cf6ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a0:89:b5:e7:8b:e4:26:96:b3:e8:82:6b:ca:
4c:73:a5:34:a4:f7:95:8c:19:71:10:3d:bf:d3:cd:
e9:33:ac:97:da:17:f5:26:81:a9:c6:21:9d:95:2e:
62:39:17:12:fa:e5:9f:03:d0:3c:15:0a:09:84:45:
66:bd:29:52:f1:28:4e:4a:9a:92:66:09:7c:c5:42:
e0:0a:5a:3b:08:74:3a:fa:64:2c:e8:1b:9b:4a:d2:
16:bb:a7:2b:07:30:ba:e9:ae:94:ce:95:85:f3:18:
7d:0e:8b:c1:dd:d6:20:e7:f1:11:cd:4a:0d:ce:ad:
54:2a:89:30:8b:56:40:04:75:79:69:c8:f5:5c:9d:
bf:c3:91:59:1f:1d:1b:ac:45:fe:ce:4c:d1:e2:54:
db:44:f0:ee:53:92:2a:cf:b0:df:af:1f:08:d8:c7:
7b:4f:c9:f2:b4:08:e9:ed:07:d1:5d:61:e7:24:be:
21:bd:2e:8f:41:56:7e:b4:ae:a0:7b:12:7f:23:c6:
72:72:7b:02:5f:fc:5c:76:29:53:0e:77:f3:94:fc:
62:02:90:22:88:05:3b:78:82:27:f6:a3:83:57:ab:
8c:80:50:d0:8a:2b:05:26:fc:c8:0c:59:c5:94:66:
ff:1d:d5:99:f6:ed:a1:83:82:fb:d6:f4:3c:6f:45:
4b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E3:08:09:78:81:CF:A6:70:8E:C5:94:86:75:F2:21:E4:CF:6E:C7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/G-MICXiBz6ZwjsWUhnXyIeTPbsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:b7:ab:fc:a2:86:14:02:5d:2b:45:8a:d4:7d:40:86:ee:7f:
0f:6d:05:5f:b6:41:4c:c9:1f:68:fa:a7:94:04:f5:a5:3d:6e:
f6:ae:a9:68:5f:40:ca:bf:af:82:67:e5:1f:a4:f5:21:e9:1e:
03:1e:57:01:65:e9:d7:78:98:d5:bf:63:d5:59:57:20:91:fa:
1f:61:6d:e1:da:e9:35:21:26:28:53:35:b6:38:d2:aa:ae:18:
c1:1c:cd:2c:8c:71:88:64:07:ff:e5:f9:bd:22:7b:93:ea:2b:
93:39:38:5a:b2:30:28:d5:e1:7b:73:e2:54:04:64:a4:c2:5e:
f9:7e:ca:3e:7d:cf:99:02:d2:91:df:94:17:91:0b:54:26:8f:
a9:5c:07:82:14:10:32:10:de:69:cc:63:00:c4:25:8a:aa:9f:
90:88:ea:e0:52:c3:bc:a4:74:c5:e6:1f:c4:4e:f1:e4:59:6c:
5a:34:74:bc:b8:d1:fc:c2:61:1d:80:ce:6f:0d:69:33:52:1d:
46:6b:8d:83:82:1c:ee:54:10:06:84:ff:c3:39:2a:63:8b:14:
57:ba:f6:7e:61:81:6f:01:1e:9a:98:09:4b:24:78:39:22:e8:
2b:d8:25:88:52:91:5f:0e:65:57:a4:27:be:d0:8e:f0:af:c0:
81:27:4a:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5CPlWEl5R+rU9eKzdNv++RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE1MTMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmUzMDgwOTc4ODFjZmE2NzA4ZWM1OTQ4Njc1ZjIyMWU0Y2Y2ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6CJteeL5CaWs+iCa8pMc6U0pPeV
jBlxED2/083pM6yX2hf1JoGpxiGdlS5iORcS+uWfA9A8FQoJhEVmvSlS8ShOSpqS
Zgl8xULgClo7CHQ6+mQs6BubStIWu6crBzC66a6UzpWF8xh9DovB3dYg5/ERzUoN
zq1UKokwi1ZABHV5acj1XJ2/w5FZHx0brEX+zkzR4lTbRPDuU5Iqz7Dfrx8I2Md7
T8nytAjp7QfRXWHnJL4hvS6PQVZ+tK6gexJ/I8ZycnsCX/xcdilTDnfzlPxiApAi
iAU7eIIn9qODV6uMgFDQiisFJvzIDFnFlGb/HdWZ9u2hg4L71vQ8b0VLqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvjCAl4gc+mcI7FlIZ18iHkz27HMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRy1NSUNYaUJ6Nlp3anNXVWhuWHlJZVRQYnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHK3q/yihhQCXStFitR9
QIbufw9tBV+2QUzJH2j6p5QE9aU9bvauqWhfQMq/r4Jn5R+k9SHpHgMeVwFl6dd4
mNW/Y9VZVyCR+h9hbeHa6TUhJihTNbY40qquGMEczSyMcYhkB//l+b0ie5PqK5M5
OFqyMCjV4Xtz4lQEZKTCXvl+yj59z5kC0pHflBeRC1Qmj6lcB4IUEDIQ3mnMYwDE
JYqqn5CI6uBSw7ykdMXmH8RO8eRZbFo0dLy40fzCYR2Azm8NaTNSHUZrjYOCHO5U
EAaE/8M5KmOLFFe69n5hgW8BHpqYCUskeDki6CvYJYhSkV8OZVekJ77QjvCvwIEn
SlM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:45 2025 by rpki-client