Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MJrL22ybuUBUshVamY-w3CZxldM.roa
File: MJrL22ybuUBUshVamY-w3CZxldM.roa (raw, json)
Hash identifier: YfjMb1d79rexh/44UbEMZMrNTFGgp98kKVf2ww8J7j8=
Subject key identifier: 30:9A:CB:DB:6C:9B:B9:40:54:B2:15:5A:99:8F:B0:DC:26:71:95:D3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D19429A04E77A96AE539E445DB711AF43
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MJrL22ybuUBUshVamY-w3CZxldM.roa
Signing time: Wed 17 Jan 2024 21:10:11 +0000
ROA not before: Wed 17 Jan 2024 21:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:19:42:9a:04:e7:7a:96:ae:53:9e:44:5d:b7:11:af:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 17 21:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309acbdb6c9bb94054b2155a998fb0dc267195d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:84:b4:6d:69:18:16:f9:c7:c8:83:f9:31:aa:
77:76:c0:67:6f:16:16:8b:a6:5b:5c:68:ff:35:61:
02:e4:41:48:e0:39:39:5a:40:f0:3e:57:56:83:d1:
5f:19:63:a4:b6:f5:89:89:c7:46:b6:b4:7d:85:2e:
b4:31:48:3d:b8:56:25:91:fc:18:38:38:b1:96:ef:
31:60:ff:b0:67:01:2a:3e:7d:e8:86:8c:cf:b0:64:
d4:62:1a:ba:c2:17:b1:fb:f9:e2:14:5d:6e:ae:fb:
d5:9a:de:d7:f7:f8:62:78:3a:d9:d5:fd:9f:85:47:
8a:53:ad:70:1c:5e:08:55:40:ef:37:4e:38:ee:ab:
89:1c:bb:3a:c1:14:7c:74:e4:40:52:5d:cf:c3:42:
fa:4b:55:7c:34:88:d9:31:2c:83:01:b5:af:17:df:
5e:ad:da:cc:f7:b2:7e:c4:a4:33:6c:87:6a:f0:8b:
7d:53:98:ea:7f:89:d2:a2:3d:5b:e2:10:f3:69:5e:
dd:ce:f9:f8:80:8d:a6:96:71:e2:a0:c8:c5:ef:a4:
bd:df:66:bc:09:02:f2:58:cd:f4:2c:71:27:26:63:
bc:13:8b:06:b6:c0:4f:88:bb:7c:9f:cf:df:51:64:
a1:0e:ae:a9:ab:0b:03:f4:61:be:aa:19:2f:57:6c:
f3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9A:CB:DB:6C:9B:B9:40:54:B2:15:5A:99:8F:B0:DC:26:71:95:D3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MJrL22ybuUBUshVamY-w3CZxldM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:21:c6:14:b1:40:5f:fa:39:44:4d:3d:b8:f4:ca:f6:9f:13:
fe:b9:af:8c:20:a8:7a:95:56:7b:1f:43:5d:be:38:e2:e7:9c:
30:7a:5d:ba:e7:dd:3f:aa:81:54:d4:b4:46:4a:4a:7c:61:16:
25:ae:1c:18:60:53:b1:7f:01:57:5e:58:5f:ed:36:1d:a6:23:
9a:89:93:72:f8:76:dd:27:5d:58:4d:dc:fc:5b:a4:98:a2:b5:
b3:96:c9:55:f0:db:ca:6c:85:9d:ae:89:99:56:47:5a:0f:7e:
7c:66:13:a4:59:43:95:a8:0c:13:a8:a6:df:d1:72:6d:88:25:
86:a5:97:1f:73:83:01:39:4f:da:92:e5:89:40:55:57:99:c4:
24:94:fd:7c:34:df:81:1e:12:4a:c3:76:f6:c1:5b:cb:73:90:
11:f5:e8:6f:55:46:1d:0a:e5:e0:bf:02:f5:38:7f:27:76:ec:
e1:90:c3:fd:83:8f:ce:76:94:2e:9a:b1:e8:c0:0a:9e:e7:9f:
c2:fd:c4:4c:2a:0e:ad:fd:61:69:f9:f7:c3:a0:34:f2:39:de:
e4:af:c6:f8:bb:ca:7c:12:55:db:7d:03:ba:d9:77:81:57:dc:
b5:b9:22:26:33:bf:c2:35:99:d5:f2:8a:47:11:14:95:42:41:
35:da:c2:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0ZQpoE53qWrlOeRF23Ea9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE3MjExMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDlhY2JkYjZjOWJiOTQwNTRiMjE1NWE5OThmYjBkYzI2NzE5NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYS0bWkYFvnHyIP5Map3dsBnbxYW
i6ZbXGj/NWEC5EFI4Dk5WkDwPldWg9FfGWOktvWJicdGtrR9hS60MUg9uFYlkfwY
ODixlu8xYP+wZwEqPn3ohozPsGTUYhq6whex+/niFF1urvvVmt7X9/hieDrZ1f2f
hUeKU61wHF4IVUDvN0447quJHLs6wRR8dORAUl3Pw0L6S1V8NIjZMSyDAbWvF99e
rdrM97J+xKQzbIdq8It9U5jqf4nSoj1b4hDzaV7dzvn4gI2mlnHioMjF76S932a8
CQLyWM30LHEnJmO8E4sGtsBPiLt8n8/fUWShDq6pqwsD9GG+qhkvV2zzbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDCay9tsm7lAVLIVWpmPsNwmcZXTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTUpyTDIyeWJ1VUJVc2hWYW1ZLXczQ1p4bGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFkhxhSxQF/6OURNPbj0
yvafE/65r4wgqHqVVnsfQ12+OOLnnDB6Xbrn3T+qgVTUtEZKSnxhFiWuHBhgU7F/
AVdeWF/tNh2mI5qJk3L4dt0nXVhN3PxbpJiitbOWyVXw28pshZ2uiZlWR1oPfnxm
E6RZQ5WoDBOopt/Rcm2IJYallx9zgwE5T9qS5YlAVVeZxCSU/Xw034EeEkrDdvbB
W8tzkBH16G9VRh0K5eC/AvU4fyd27OGQw/2Dj852lC6asejACp7nn8L9xEwqDq39
YWn598OgNPI53uSvxvi7ynwSVdt9A7rZd4FX3LW5IiYzv8I1mdXyikcRFJVCQTXa
wqM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:52:22 2025 by rpki-client