Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M3x4R3hIDx75MGKA83Qr-vCy1ww.roa
File: M3x4R3hIDx75MGKA83Qr-vCy1ww.roa (raw, json)
Hash identifier: 5X4rswQ3we09GKrBj9rDzNEI6XQvPjskdShHMNjcVXo=
Subject key identifier: 33:7C:78:47:78:48:0F:1E:F9:30:62:80:F3:74:2B:FA:F0:B2:D7:0C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9249EFAF5171D6BD449E3408F335834B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M3x4R3hIDx75MGKA83Qr-vCy1ww.roa
Signing time: Sat 10 Feb 2024 09:12:15 +0000
ROA not before: Sat 10 Feb 2024 09:12:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:49:ef:af:51:71:d6:bd:44:9e:34:08:f3:35:83:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 09:12:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=337c784778480f1ef9306280f3742bfaf0b2d70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:87:18:98:15:7f:68:47:7e:1f:33:ae:b0:9d:
ba:94:28:34:a1:f3:d5:16:6b:8f:e3:93:63:1f:2d:
a1:08:c7:62:b9:cc:e6:0f:63:0b:a5:32:24:c3:5b:
8a:31:ea:6b:3a:24:d4:11:8b:d0:54:c6:7b:c3:f1:
27:b9:12:6d:ea:29:72:ea:db:f7:7e:d3:33:34:a3:
19:0b:fa:4e:55:28:d0:96:c5:fc:80:95:f3:9f:82:
ab:17:9d:c1:d0:c4:1f:a4:0b:50:13:fb:04:20:d5:
12:a8:d5:05:e3:37:d2:3a:02:0b:b5:14:d4:f2:dc:
53:0e:02:7f:33:2f:41:ee:75:88:36:cc:38:10:b7:
57:23:99:81:7c:90:e2:ea:a9:88:71:b7:c8:58:81:
80:99:0d:38:31:02:74:e7:1e:e8:49:d2:27:d9:a3:
7d:47:3f:56:cc:cd:f6:6b:b3:7b:ba:88:42:df:bb:
f0:6b:a6:64:2c:3d:ae:ca:dc:dc:16:79:01:76:30:
45:f1:fd:39:99:3e:10:a6:43:7b:43:0c:96:35:d8:
cb:bd:e0:23:ac:46:e6:93:73:9a:ba:8b:a4:66:b0:
c2:a2:c7:71:b3:98:ed:74:2d:20:a9:da:8f:1e:f1:
b5:d7:3d:60:dd:c5:6c:84:78:d7:05:0d:8d:6f:72:
b0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7C:78:47:78:48:0F:1E:F9:30:62:80:F3:74:2B:FA:F0:B2:D7:0C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M3x4R3hIDx75MGKA83Qr-vCy1ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:37:fe:f7:03:23:9d:1e:91:64:ba:cb:b7:c5:46:65:f0:c1:
57:a3:93:55:fe:03:7c:15:de:13:49:65:9b:ca:46:a0:5a:e2:
19:37:14:cf:94:5d:ed:3f:64:0c:a5:cf:66:e7:9b:6d:46:be:
01:9f:ca:ac:c2:dd:73:e2:a2:3b:4b:b0:bf:aa:9c:4e:84:b0:
3d:31:94:b7:d0:48:25:61:29:0e:c2:69:01:ae:9a:9a:94:82:
0a:b2:f3:b4:20:84:33:d9:7e:85:c4:f0:12:5b:b5:68:02:d0:
c5:70:78:56:33:5d:a0:16:75:f3:69:48:e5:1b:14:91:a9:4c:
33:e3:ad:55:10:c1:1f:32:40:c5:a6:b1:91:a2:73:df:f5:43:
a0:39:a3:18:4d:d3:52:2e:e6:ec:5b:fe:cd:98:fb:ff:1f:57:
4f:da:43:96:4f:ee:c9:2a:a0:86:81:f7:28:6b:73:a1:15:cb:
bc:eb:c3:ad:25:c9:35:33:3f:55:ab:1f:a4:42:5e:e4:0f:96:
f9:cc:74:96:3a:38:d8:36:59:36:af:6a:48:17:c8:33:62:88:
8b:b6:c0:49:87:39:e6:35:d3:8e:a1:09:bf:76:4c:b6:99:df:
eb:85:6a:14:42:3b:39:9d:d5:c8:a2:e4:4a:ff:3c:e8:f1:5d:
63:62:e9:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2SSe+vUXHWvUSeNAjzNYNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMDkxMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzdjNzg0Nzc4NDgwZjFlZjkzMDYyODBmMzc0MmJmYWYwYjJkNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIcYmBV/aEd+HzOusJ26lCg0ofPV
FmuP45NjHy2hCMdiuczmD2MLpTIkw1uKMeprOiTUEYvQVMZ7w/EnuRJt6ily6tv3
ftMzNKMZC/pOVSjQlsX8gJXzn4KrF53B0MQfpAtQE/sEINUSqNUF4zfSOgILtRTU
8txTDgJ/My9B7nWINsw4ELdXI5mBfJDi6qmIcbfIWIGAmQ04MQJ05x7oSdIn2aN9
Rz9WzM32a7N7uohC37vwa6ZkLD2uytzcFnkBdjBF8f05mT4QpkN7QwyWNdjLveAj
rEbmk3OauoukZrDCosdxs5jtdC0gqdqPHvG11z1g3cVshHjXBQ2Nb3KwBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDN8eEd4SA8e+TBigPN0K/rwstcMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTTN4NFIzaElEeDc1TUdLQTgzUXItdkN5MXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB83/vcDI50ekWS6y7fF
RmXwwVejk1X+A3wV3hNJZZvKRqBa4hk3FM+UXe0/ZAylz2bnm21GvgGfyqzC3XPi
ojtLsL+qnE6EsD0xlLfQSCVhKQ7CaQGumpqUggqy87QghDPZfoXE8BJbtWgC0MVw
eFYzXaAWdfNpSOUbFJGpTDPjrVUQwR8yQMWmsZGic9/1Q6A5oxhN01Iu5uxb/s2Y
+/8fV0/aQ5ZP7skqoIaB9yhrc6EVy7zrw60lyTUzP1WrH6RCXuQPlvnMdJY6ONg2
WTavakgXyDNiiIu2wEmHOeY1046hCb92TLaZ3+uFahRCOzmd1cii5Er/POjxXWNi
6R8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:32 2025 by rpki-client