Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ma3lXVzOb6liY7Bhe6aYtxl_pX4.roa
File: Ma3lXVzOb6liY7Bhe6aYtxl_pX4.roa (raw, json)
Hash identifier: voBdBc1NBAxkWiUB/+A0ALN0LOtXM94Z0olzv5QISp0=
Subject key identifier: 31:AD:E5:5D:5C:CE:6F:A9:62:63:B0:61:7B:A6:98:B7:19:7F:A5:7E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3CE4EA1937C2D068E48F7DECEBC2E6C9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ma3lXVzOb6liY7Bhe6aYtxl_pX4.roa
Signing time: Wed 24 Jan 2024 19:14:11 +0000
ROA not before: Wed 24 Jan 2024 19:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:e4:ea:19:37:c2:d0:68:e4:8f:7d:ec:eb:c2:e6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 24 19:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ade55d5cce6fa96263b0617ba698b7197fa57e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f1:db:ab:ec:d0:c4:08:40:a0:76:5d:c9:d8:
30:dc:42:20:bf:08:8a:02:6a:72:71:22:fe:ac:38:
8e:c8:27:10:04:2b:85:c2:2d:70:fc:d2:c7:f4:c7:
f8:1c:7a:a9:ac:1f:4c:d6:ce:88:b9:81:cd:5d:25:
12:a9:a4:1b:97:4c:ad:dd:4e:bb:2f:5e:f4:e0:e7:
f7:e3:b0:5d:d0:93:be:95:13:1c:da:6b:5a:ee:fe:
87:00:0a:64:8f:31:c0:68:e0:73:43:39:7f:2b:0a:
cb:2c:e0:76:24:53:f3:81:4c:ab:48:d1:91:31:25:
3b:de:82:48:41:de:3c:03:7c:d4:94:85:37:a3:5a:
7e:e9:d0:00:d7:41:0c:2f:ad:67:6a:84:95:d3:e3:
11:81:84:26:ba:21:e4:16:6c:73:17:9b:57:a6:d6:
ff:34:12:00:33:71:75:5d:e7:e6:d0:27:3e:e8:52:
a2:44:14:3e:97:ee:3f:1c:e6:ad:c1:56:e7:95:14:
fc:eb:5e:5c:de:f8:60:5a:9a:05:ab:44:66:a2:03:
e5:aa:00:6d:c5:26:73:c9:46:54:69:7b:7d:5a:41:
25:87:8b:de:b8:43:58:2e:14:3a:93:30:6c:aa:47:
5f:df:42:19:26:e9:14:4c:14:ce:f8:d8:81:f4:2f:
f1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AD:E5:5D:5C:CE:6F:A9:62:63:B0:61:7B:A6:98:B7:19:7F:A5:7E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ma3lXVzOb6liY7Bhe6aYtxl_pX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:ba:c0:de:a2:85:5a:3b:c2:b3:02:9d:86:54:75:6a:21:2d:
7b:da:fe:61:b9:c6:01:69:48:f9:dd:56:8c:a2:c4:84:6d:e8:
ec:7b:18:d7:f1:09:62:f7:6b:17:20:d9:43:77:3a:4e:39:2b:
8a:8d:b6:0f:7e:03:b9:be:4b:52:45:0b:b0:8c:78:11:ac:9c:
08:ee:ef:66:09:34:d6:ef:91:2c:2c:17:ae:f0:f6:81:da:0d:
ee:70:04:cc:5f:e3:1d:d7:ed:88:40:cf:37:f7:36:31:d7:a5:
bc:b8:2a:8e:d8:f7:7a:e9:fa:12:0a:5d:15:fd:fd:dc:9f:eb:
8e:11:24:ae:e5:a8:62:c0:ae:d1:4f:cf:7d:97:e9:45:61:11:
cd:08:61:94:c0:f5:5d:49:44:f2:de:bc:2a:79:a1:fa:96:75:
50:47:e4:c3:17:e1:a6:1b:c4:0f:73:29:1a:fe:75:6d:54:0c:
3b:d8:47:ea:4f:3a:b8:0d:fa:a9:8e:a9:96:e2:10:0c:4e:a7:
a1:00:46:f6:01:a8:53:d3:c9:f4:65:d3:a2:2c:7a:f1:ba:e2:
a4:02:2b:ce:cf:0b:fa:78:bf:4a:5f:5e:95:1c:b6:81:8e:d8:
6b:eb:39:42:74:1c:ff:4b:46:a6:2d:df:c3:4a:da:96:b3:08:
ec:26:a4:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY085OoZN8LQaOSPfezrwubJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI0MTkxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFkZTU1ZDVjY2U2ZmE5NjI2M2IwNjE3YmE2OThiNzE5N2ZhNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPHbq+zQxAhAoHZdydgw3EIgvwiK
AmpycSL+rDiOyCcQBCuFwi1w/NLH9Mf4HHqprB9M1s6IuYHNXSUSqaQbl0yt3U67
L1704Of347Bd0JO+lRMc2mta7v6HAApkjzHAaOBzQzl/KwrLLOB2JFPzgUyrSNGR
MSU73oJIQd48A3zUlIU3o1p+6dAA10EML61naoSV0+MRgYQmuiHkFmxzF5tXptb/
NBIAM3F1Xefm0Cc+6FKiRBQ+l+4/HOatwVbnlRT8615c3vhgWpoFq0RmogPlqgBt
xSZzyUZUaXt9WkElh4veuENYLhQ6kzBsqkdf30IZJukUTBTO+NiB9C/x7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDGt5V1czm+pYmOwYXummLcZf6V+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTWEzbFhWek9iNmxpWTdCaGU2YVl0eGxfcFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGC6wN6ihVo7wrMCnYZU
dWohLXva/mG5xgFpSPndVoyixIRt6Ox7GNfxCWL3axcg2UN3Ok45K4qNtg9+A7m+
S1JFC7CMeBGsnAju72YJNNbvkSwsF67w9oHaDe5wBMxf4x3X7YhAzzf3NjHXpby4
Ko7Y93rp+hIKXRX9/dyf644RJK7lqGLArtFPz32X6UVhEc0IYZTA9V1JRPLevCp5
ofqWdVBH5MMX4aYbxA9zKRr+dW1UDDvYR+pPOrgN+qmOqZbiEAxOp6EARvYBqFPT
yfRl06IsevG64qQCK87PC/p4v0pfXpUctoGO2GvrOUJ0HP9LRqYt38NK2pazCOwm
pMo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:01:08 2025 by rpki-client