Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MdrHzl141WON661rMixZOzrdhVg.roa
File: MdrHzl141WON661rMixZOzrdhVg.roa (raw, json)
Hash identifier: 8BY9TpdFkO36M0G3lEaOHjZZwMJXvT9OFboRHYf5oYo=
Subject key identifier: 31:DA:C7:CE:5D:78:D5:63:8D:EB:AD:6B:32:2C:59:3B:3A:DD:85:58
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E43870272EA682F5A676A8EB86C6EBBD5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MdrHzl141WON661rMixZOzrdhVg.roa
Signing time: Fri 15 Mar 2024 19:11:45 +0000
ROA not before: Fri 15 Mar 2024 19:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:43:87:02:72:ea:68:2f:5a:67:6a:8e:b8:6c:6e:bb:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 15 19:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31dac7ce5d78d5638debad6b322c593b3add8558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:38:24:fc:5e:72:71:33:4b:55:16:81:34:
e1:f8:77:1e:37:ae:7c:f2:f9:ea:7e:9a:a4:7b:62:
e9:eb:63:53:c4:c7:f8:b2:b4:a1:6d:9b:06:6c:b1:
0e:68:18:e2:3f:d6:9a:36:91:37:5e:8d:91:5b:60:
43:85:17:b2:71:a9:c6:c2:da:16:fe:58:05:1e:a6:
37:b4:e4:92:d0:b7:a6:68:57:23:85:e1:10:1d:ac:
1f:3d:6e:a7:23:69:e7:60:8f:87:da:ab:4f:91:fe:
16:17:af:5f:88:9b:2d:9f:1a:19:bf:6e:35:94:2f:
e6:85:a2:ab:58:5a:bc:05:09:73:e3:e4:35:41:cc:
29:00:8e:22:ae:35:d5:e5:65:01:d8:70:7c:38:2b:
d6:58:2b:e5:cf:e5:42:79:fb:fa:41:a6:87:00:09:
fa:db:01:d5:75:dd:74:5a:44:67:e4:71:6f:81:8f:
76:f3:73:6c:25:2d:56:b4:5a:4e:59:6a:33:ff:df:
39:b7:4b:bd:ad:a7:6d:03:c1:f3:eb:29:50:78:93:
94:b0:38:82:2e:06:da:2c:aa:00:a7:a7:c7:18:c0:
6b:05:fd:1a:59:3a:74:2a:ac:fc:c4:58:55:bb:9c:
ae:6d:60:64:0f:ad:09:ec:fe:d1:1a:bc:f5:53:65:
9d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:DA:C7:CE:5D:78:D5:63:8D:EB:AD:6B:32:2C:59:3B:3A:DD:85:58
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MdrHzl141WON661rMixZOzrdhVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:db:f8:ca:cc:d2:aa:8a:c4:cd:c3:ad:5d:77:bb:bd:78:12:
99:22:69:b7:4e:65:2f:61:60:10:a1:61:bc:43:74:bc:a1:bf:
be:a3:25:eb:7d:9b:1d:2a:c0:4c:91:bb:73:f9:4d:b4:ed:9d:
0f:c5:2e:20:8f:6c:00:92:2d:ab:6d:ac:05:c2:ee:39:9f:bb:
72:f9:ad:36:d8:b5:bc:f5:9d:e2:22:02:72:ef:49:89:8c:b6:
74:4e:38:bd:b1:df:a7:d2:0c:91:c8:9e:f6:a9:bc:be:f9:41:
86:8d:ee:d1:9d:a2:eb:e2:da:1f:25:68:36:ad:6d:d7:69:dc:
a8:8a:86:3b:a8:55:14:d5:dd:68:13:e8:c9:0f:6c:fb:14:eb:
b2:5b:81:2f:45:ed:2c:b4:23:3e:b1:21:4b:df:b8:e9:75:27:
49:d1:5b:10:21:ac:b0:30:42:36:36:f4:34:d6:a1:06:3d:6e:
e0:ea:9a:62:d0:a0:cc:f6:8f:a2:ed:53:f5:85:b4:f6:2b:c8:
bd:00:4a:af:1a:19:37:c2:af:33:cc:2e:46:9d:96:f3:64:a4:
d0:89:8b:90:10:94:45:37:7c:d9:5c:09:1f:db:0f:e9:a1:21:
80:eb:45:ad:d9:91:14:57:99:d7:fc:98:0f:62:d8:8b:cc:1c:
8b:87:ee:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5DhwJy6mgvWmdqjrhsbrvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE1MTkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWRhYzdjZTVkNzhkNTYzOGRlYmFkNmIzMjJjNTkzYjNhZGQ4NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNU4JPxecnEzS1UWgTTh+HceN658
8vnqfpqke2Lp62NTxMf4srShbZsGbLEOaBjiP9aaNpE3Xo2RW2BDhReycanGwtoW
/lgFHqY3tOSS0LemaFcjheEQHawfPW6nI2nnYI+H2qtPkf4WF69fiJstnxoZv241
lC/mhaKrWFq8BQlz4+Q1QcwpAI4irjXV5WUB2HB8OCvWWCvlz+VCefv6QaaHAAn6
2wHVdd10WkRn5HFvgY9283NsJS1WtFpOWWoz/985t0u9radtA8Hz6ylQeJOUsDiC
LgbaLKoAp6fHGMBrBf0aWTp0Kqz8xFhVu5yubWBkD60J7P7RGrz1U2WdvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDHax85deNVjjeutazIsWTs63YVYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTWRySHpsMTQxV09ONjYxck1peFpPenJkaFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrb+MrM0qqKxM3DrV13
u714EpkiabdOZS9hYBChYbxDdLyhv76jJet9mx0qwEyRu3P5TbTtnQ/FLiCPbACS
LattrAXC7jmfu3L5rTbYtbz1neIiAnLvSYmMtnROOL2x36fSDJHInvapvL75QYaN
7tGdouvi2h8laDatbddp3KiKhjuoVRTV3WgT6MkPbPsU67JbgS9F7Sy0Iz6xIUvf
uOl1J0nRWxAhrLAwQjY29DTWoQY9buDqmmLQoMz2j6LtU/WFtPYryL0ASq8aGTfC
rzPMLkadlvNkpNCJi5AQlEU3fNlcCR/bD+mhIYDrRa3ZkRRXmdf8mA9i2IvMHIuH
7rk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org