Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MOLGiVail6PpFBzdJLQSAc5cKhc.roa
File: MOLGiVail6PpFBzdJLQSAc5cKhc.roa (raw, json)
Hash identifier: /S1v72ajMfe2uguTppAoGNJVa2IcSWItzTM5XXuzBAk=
Subject key identifier: 30:E2:C6:89:56:A2:97:A3:E9:14:1C:DD:24:B4:12:01:CE:5C:2A:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1C7348A84B7D1A22088FBD2D173648DA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MOLGiVail6PpFBzdJLQSAc5cKhc.roa
Signing time: Fri 08 Mar 2024 05:05:01 +0000
ROA not before: Fri 08 Mar 2024 05:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:1c72:d219/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1c:73:48:a8:4b:7d:1a:22:08:8f:bd:2d:17:36:48:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 8 05:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30e2c68956a297a3e9141cdd24b41201ce5c2a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d2:dc:8f:2e:d0:09:eb:df:39:64:89:c6:43:
f2:73:bb:af:d8:71:04:62:6f:cc:e1:83:a0:6c:20:
8c:1c:5b:46:19:d4:cd:6a:df:a8:78:c8:2c:b4:53:
54:fe:b3:96:02:80:e6:19:18:8f:3d:c8:ad:4c:d1:
7c:3f:4a:12:3b:0b:db:bc:e5:7e:c5:4a:b4:12:68:
8a:95:c9:43:45:ec:9b:fc:d3:4f:8e:1a:47:7c:93:
65:87:67:14:b6:01:a5:8c:5e:5d:ef:e9:9a:2d:2f:
cb:b4:a6:18:ae:2d:a1:7d:7f:50:0d:a8:4d:0a:31:
9f:92:44:ad:89:4e:8c:35:e0:cf:b2:6d:6d:28:5c:
b8:66:04:6d:0c:f4:7b:7a:f9:c2:40:1b:3e:d5:7d:
9e:f3:4a:e0:c4:50:cd:17:2c:3f:14:12:82:e1:4f:
29:48:6a:fb:0e:64:26:d6:ef:58:90:a2:22:9a:86:
b5:5b:b4:33:d8:72:25:bd:64:9c:15:df:ec:c4:20:
01:e8:8d:4d:fa:68:1b:7e:5d:be:a6:b4:15:70:fb:
19:ce:2c:82:c6:5f:27:53:0a:d5:34:66:82:c0:be:
5a:f7:af:d3:1b:22:b9:1a:21:73:3d:69:b6:13:c1:
09:5f:78:83:56:6a:7b:c7:22:e9:10:5a:3d:74:8e:
89:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E2:C6:89:56:A2:97:A3:E9:14:1C:DD:24:B4:12:01:CE:5C:2A:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MOLGiVail6PpFBzdJLQSAc5cKhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:46:db:40:a0:71:47:44:1f:7e:b1:53:7b:de:82:f3:89:f8:
0b:a6:74:7c:1c:c4:68:2f:37:c8:4a:8c:ee:31:ef:98:41:57:
f0:bd:01:f3:53:db:dc:6c:c2:b6:2f:40:4b:dd:8d:18:59:96:
3a:29:e2:32:d3:9f:e9:4f:fa:55:9e:8b:d4:3d:60:d4:e8:ee:
24:dc:21:9f:3f:f9:59:13:41:b3:e0:9e:d0:0e:95:df:03:e2:
94:c6:9d:bd:b4:37:10:30:bc:d0:35:05:cd:22:7b:41:14:54:
6d:0f:96:3a:5a:b4:9f:5f:a3:4e:92:16:37:d7:85:c9:12:26:
7b:65:a1:7a:4d:bd:97:ac:07:42:03:4d:c7:df:d1:95:b6:93:
e8:0a:c2:1a:c7:65:36:84:db:ef:d4:9d:f7:75:fe:75:c5:d3:
2b:31:53:93:75:d1:28:1c:03:16:d5:c2:8c:29:64:8a:75:35:
06:0e:44:27:2d:29:fb:3c:70:68:a4:0b:81:e0:b1:c6:93:2a:
3e:d7:30:b8:48:80:db:c7:cc:5c:c9:e6:a4:30:c8:09:6b:3e:
da:54:73:f2:c8:a4:5d:b6:f6:d8:70:57:f6:dc:81:91:29:9d:
06:30:00:39:b2:ea:b1:53:9d:8e:a1:71:74:14:75:92:43:ef:
9a:93:ff:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4cc0ioS30aIgiPvS0XNkjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA4MDUwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGUyYzY4OTU2YTI5N2EzZTkxNDFjZGQyNGI0MTIwMWNlNWMyYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09Lcjy7QCevfOWSJxkPyc7uv2HEE
Ym/M4YOgbCCMHFtGGdTNat+oeMgstFNU/rOWAoDmGRiPPcitTNF8P0oSOwvbvOV+
xUq0EmiKlclDReyb/NNPjhpHfJNlh2cUtgGljF5d7+maLS/LtKYYri2hfX9QDahN
CjGfkkStiU6MNeDPsm1tKFy4ZgRtDPR7evnCQBs+1X2e80rgxFDNFyw/FBKC4U8p
SGr7DmQm1u9YkKIimoa1W7Qz2HIlvWScFd/sxCAB6I1N+mgbfl2+prQVcPsZziyC
xl8nUwrVNGaCwL5a96/TGyK5GiFzPWm2E8EJX3iDVmp7xyLpEFo9dI6JbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDDixolWopej6RQc3SS0EgHOXCoXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTU9MR2lWYWlsNlBwRkJ6ZEpMUVNBYzVjS2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFRG20CgcUdEH36xU3ve
gvOJ+AumdHwcxGgvN8hKjO4x75hBV/C9AfNT29xswrYvQEvdjRhZljop4jLTn+lP
+lWei9Q9YNTo7iTcIZ8/+VkTQbPgntAOld8D4pTGnb20NxAwvNA1Bc0ie0EUVG0P
ljpatJ9fo06SFjfXhckSJntloXpNvZesB0IDTcff0ZW2k+gKwhrHZTaE2+/Unfd1
/nXF0ysxU5N10SgcAxbVwowpZIp1NQYORCctKfs8cGikC4HgscaTKj7XMLhIgNvH
zFzJ5qQwyAlrPtpUc/LIpF229thwV/bcgZEpnQYwADmy6rFTnY6hcXQUdZJD75qT
/40=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:46 2025 by rpki-client