Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PM0cUsjnYwjIgHBl4lPvnSrr9l8.roa
File: PM0cUsjnYwjIgHBl4lPvnSrr9l8.roa (raw, json)
Hash identifier: UX5QHVnN8PjAVH5rhhfK5CQ0AP/fRzDN0lMSJmfL9fo=
Subject key identifier: 3C:CD:1C:52:C8:E7:63:08:C8:80:70:65:E2:53:EF:9D:2A:EB:F6:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CFFFA443CA80CCC9F15B29D5D597B849A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PM0cUsjnYwjIgHBl4lPvnSrr9l8.roa
Signing time: Fri 12 Jan 2024 23:20:40 +0000
ROA not before: Fri 12 Jan 2024 23:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ff:fa:44:3c:a8:0c:cc:9f:15:b2:9d:5d:59:7b:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 12 23:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ccd1c52c8e76308c8807065e253ef9d2aebf65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:18:4c:54:14:b1:ff:bd:bd:ee:61:d0:90:83:
62:57:65:0f:1b:a1:21:28:7f:3c:56:ca:a6:fe:07:
43:62:7b:c5:cc:c7:d9:f1:3f:cb:65:cc:69:e2:2c:
43:c9:f5:5b:5f:42:9c:35:b8:83:f1:4a:49:19:c6:
57:d4:b2:7c:9b:f7:14:5e:bd:75:2d:74:3c:08:bd:
80:50:de:51:e0:6c:67:1d:f4:78:91:1a:9e:be:f5:
7d:38:62:a2:c0:e3:54:41:cb:dc:73:b6:4d:7b:48:
26:e1:17:bb:e4:c8:c5:35:f8:6d:33:76:2c:36:66:
12:a2:d1:a3:10:05:a6:f2:5a:58:aa:de:3f:ea:5f:
30:2f:26:2c:68:42:5c:ed:e0:b5:c8:2a:f5:e0:ef:
bd:e3:f4:21:de:00:75:6b:5d:3d:9a:ff:7b:68:a0:
ab:ec:09:64:cb:44:3b:55:af:4b:3c:6f:e3:55:e4:
89:90:51:54:db:98:a2:36:a1:af:18:ea:03:17:79:
20:20:08:32:fe:a7:22:81:a3:ed:8f:88:07:c7:b1:
34:97:1f:00:2d:92:85:9a:e6:b0:6c:38:3b:54:53:
13:aa:07:46:db:dd:95:37:27:37:f9:85:00:47:ae:
98:e1:95:6f:bd:25:71:80:17:16:aa:88:af:85:11:
c9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CD:1C:52:C8:E7:63:08:C8:80:70:65:E2:53:EF:9D:2A:EB:F6:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PM0cUsjnYwjIgHBl4lPvnSrr9l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:4b:47:21:81:49:49:fe:3a:85:c0:28:86:e5:10:05:3c:2e:
f3:f5:c0:eb:34:fd:3b:1c:18:d6:c2:df:d2:c4:11:0f:87:e6:
97:db:8b:fa:e5:d8:c0:83:df:0e:86:78:4f:41:86:d4:59:a3:
36:05:7f:0d:8e:8b:85:f5:c4:f4:89:0b:d9:14:d7:7e:8c:55:
5f:06:a0:fa:8c:13:28:50:6c:94:65:56:01:70:7d:0b:36:eb:
83:e8:bf:08:03:b2:a0:b5:f2:77:b0:2c:ef:49:2a:c7:70:d7:
4b:9d:95:5c:f0:52:6f:a8:31:b8:81:10:61:e0:ae:87:ee:6b:
90:54:e1:6c:d0:a2:bd:08:0e:e6:e6:ad:6c:2d:55:26:f4:56:
cb:2d:53:f6:89:d9:f5:c2:c2:85:ef:ae:6b:bd:cb:f6:22:cd:
90:94:af:3f:30:f0:62:71:59:7c:8f:af:67:0b:d0:18:0b:21:
f4:ca:03:69:65:4c:6c:31:13:81:05:6a:82:a2:ed:f3:49:e2:
c7:0e:93:99:da:15:63:ca:a2:5d:e1:5f:87:43:dc:34:1e:ad:
b7:6b:df:ab:f5:09:bc:ee:a7:ab:8c:21:6e:24:4f:9a:04:ea:
e4:8d:fc:56:32:69:49:db:5e:77:d8:3a:92:74:67:11:66:76:
ba:f3:2d:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz/+kQ8qAzMnxWynV1Ze4SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEyMjMyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NkMWM1MmM4ZTc2MzA4Yzg4MDcwNjVlMjUzZWY5ZDJhZWJmNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxhMVBSx/7297mHQkINiV2UPG6Eh
KH88Vsqm/gdDYnvFzMfZ8T/LZcxp4ixDyfVbX0KcNbiD8UpJGcZX1LJ8m/cUXr11
LXQ8CL2AUN5R4GxnHfR4kRqevvV9OGKiwONUQcvcc7ZNe0gm4Re75MjFNfhtM3Ys
NmYSotGjEAWm8lpYqt4/6l8wLyYsaEJc7eC1yCr14O+94/Qh3gB1a109mv97aKCr
7Alky0Q7Va9LPG/jVeSJkFFU25iiNqGvGOoDF3kgIAgy/qcigaPtj4gHx7E0lx8A
LZKFmuawbDg7VFMTqgdG292VNyc3+YUAR66Y4ZVvvSVxgBcWqoivhRHJTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDzNHFLI52MIyIBwZeJT750q6/ZfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUE0wY1Vzam5Zd2pJZ0hCbDRsUHZuU3JyOWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE5LRyGBSUn+OoXAKIbl
EAU8LvP1wOs0/TscGNbC39LEEQ+H5pfbi/rl2MCD3w6GeE9BhtRZozYFfw2Oi4X1
xPSJC9kU136MVV8GoPqMEyhQbJRlVgFwfQs264PovwgDsqC18newLO9JKsdw10ud
lVzwUm+oMbiBEGHgrofua5BU4WzQor0IDubmrWwtVSb0VsstU/aJ2fXCwoXvrmu9
y/YizZCUrz8w8GJxWXyPr2cL0BgLIfTKA2llTGwxE4EFaoKi7fNJ4scOk5naFWPK
ol3hX4dD3DQerbdr36v1Cbzup6uMIW4kT5oE6uSN/FYyaUnbXnfYOpJ0ZxFmdrrz
LU4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:47 2025 by rpki-client