Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M_hr1mEpfTh35RA0Qdx-UQXCPeg.roa
File: M_hr1mEpfTh35RA0Qdx-UQXCPeg.roa (raw, json)
Hash identifier: 5EnJuLcyli0mT4VifOmtCgfHZWEmqO9e0N3JeD2UMvE=
Subject key identifier: 33:F8:6B:D6:61:29:7D:38:77:E5:10:34:41:DC:7E:51:05:C2:3D:E8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2D32AC64021F6656B61FD75DC4C6B491
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M_hr1mEpfTh35RA0Qdx-UQXCPeg.roa
Signing time: Sun 21 Jan 2024 18:05:12 +0000
ROA not before: Sun 21 Jan 2024 18:05:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:2d31:e2b2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:32:ac:64:02:1f:66:56:b6:1f:d7:5d:c4:c6:b4:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 18:05:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f86bd661297d3877e5103441dc7e5105c23de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7b:6b:39:93:71:f2:41:5f:4f:c4:1a:67:8a:
d7:69:d9:f2:39:d6:1d:56:81:6e:e7:3e:13:fc:5f:
22:8f:51:71:e5:3b:87:d6:2d:b1:f7:ec:da:9d:27:
63:f5:e2:e5:32:d7:d0:dc:71:80:98:36:d6:19:b6:
a6:00:32:92:8b:51:64:57:17:f3:e0:32:73:c2:c2:
29:3c:6a:0a:e8:0c:6c:05:7b:a6:e7:51:6f:07:33:
cb:02:37:7c:55:cd:4b:ca:88:c2:5b:58:b0:42:76:
fb:7c:ef:3b:b9:b2:dd:c0:81:e8:a9:ec:a3:25:38:
8f:0f:8d:31:d5:f5:38:30:63:28:f9:32:95:49:11:
9c:18:0c:16:3e:b1:2e:6f:4c:bb:89:2f:bf:e5:a1:
38:11:bc:14:2c:de:cd:5f:a8:95:52:a1:3d:de:90:
40:47:74:4f:d4:54:af:01:41:0e:ba:c1:0a:20:57:
cc:24:a7:85:e9:c8:3d:14:dc:97:f5:cc:74:ae:68:
7d:72:5f:ac:f2:68:86:bd:c6:01:cd:62:ae:29:b9:
5c:03:9b:8e:05:23:4b:7b:1e:95:33:66:0b:bd:8a:
99:fd:3c:0c:fc:98:85:09:10:63:16:01:71:ed:65:
55:dc:5e:a8:1a:29:8c:85:12:cb:ce:fc:64:1f:3a:
e5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F8:6B:D6:61:29:7D:38:77:E5:10:34:41:DC:7E:51:05:C2:3D:E8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/M_hr1mEpfTh35RA0Qdx-UQXCPeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:8f:6d:37:c6:86:e3:ba:8d:ad:69:f8:43:6d:32:76:66:31:
f8:6c:cf:f0:7b:86:2e:8c:14:c9:f8:55:bd:f4:7f:af:a5:8b:
1c:97:a4:6e:e1:d7:f2:63:2c:54:7d:fb:43:23:fe:b4:73:7f:
ac:a1:e9:fd:20:f9:01:4f:a7:f0:a4:bf:7a:d6:4b:25:0e:63:
ab:df:28:7a:26:6a:52:9d:c5:f1:95:6e:92:36:a1:10:6a:74:
b2:be:5d:f0:a4:8a:0c:8f:aa:28:92:7e:97:2b:c4:cb:58:19:
e7:5f:58:65:f9:4e:4b:41:d6:21:1f:c6:e7:ba:31:f2:ea:07:
77:1e:bb:1e:46:99:1e:91:c4:55:70:c5:99:14:87:42:be:73:
88:f2:70:53:d6:22:4f:e3:2d:23:ae:a8:5b:7a:db:ea:57:0f:
d9:48:14:80:f8:df:03:55:68:37:ed:36:08:95:88:02:e3:42:
35:5e:47:57:7b:58:ad:8e:c9:38:38:99:70:ef:9b:44:82:c5:
63:40:b6:ef:dc:3b:3b:37:93:7a:ce:ac:a0:e7:ff:67:d5:0a:
ef:fa:b1:2e:08:1d:f8:98:27:6e:18:e7:01:b1:58:35:fb:70:
77:33:9e:e5:35:c6:8e:78:ad:e0:f0:d4:33:c7:3c:a3:60:e2:
fc:5a:f3:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0tMqxkAh9mVrYf113ExrSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMTgwNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Y4NmJkNjYxMjk3ZDM4NzdlNTEwMzQ0MWRjN2U1MTA1YzIzZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHtrOZNx8kFfT8QaZ4rXadnyOdYd
VoFu5z4T/F8ij1Fx5TuH1i2x9+zanSdj9eLlMtfQ3HGAmDbWGbamADKSi1FkVxfz
4DJzwsIpPGoK6AxsBXum51FvBzPLAjd8Vc1LyojCW1iwQnb7fO87ubLdwIHoqeyj
JTiPD40x1fU4MGMo+TKVSRGcGAwWPrEub0y7iS+/5aE4EbwULN7NX6iVUqE93pBA
R3RP1FSvAUEOusEKIFfMJKeF6cg9FNyX9cx0rmh9cl+s8miGvcYBzWKuKblcA5uO
BSNLex6VM2YLvYqZ/TwM/JiFCRBjFgFx7WVV3F6oGimMhRLLzvxkHzrlTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDP4a9ZhKX04d+UQNEHcflEFwj3oMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTV9ocjFtRXBmVGgzNVJBMFFkeC1VUVhDUGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIePbTfGhuO6ja1p+ENt
MnZmMfhsz/B7hi6MFMn4Vb30f6+lixyXpG7h1/JjLFR9+0Mj/rRzf6yh6f0g+QFP
p/Ckv3rWSyUOY6vfKHomalKdxfGVbpI2oRBqdLK+XfCkigyPqiiSfpcrxMtYGedf
WGX5TktB1iEfxue6MfLqB3ceux5GmR6RxFVwxZkUh0K+c4jycFPWIk/jLSOuqFt6
2+pXD9lIFID43wNVaDftNgiViALjQjVeR1d7WK2OyTg4mXDvm0SCxWNAtu/cOzs3
k3rOrKDn/2fVCu/6sS4IHfiYJ24Y5wGxWDX7cHcznuU1xo54reDw1DPHPKNg4vxa
8wE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:18:16 2025 by rpki-client