Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fMwKEMR0yikPm6mJwo0cuQgNGKc.roa
File: fMwKEMR0yikPm6mJwo0cuQgNGKc.roa (raw, json)
Hash identifier: zF+HZAJZC8ol9BgROLaoAQfSjURXmsXLSfMjuNbZEfw=
Subject key identifier: 7C:CC:0A:10:C4:74:CA:29:0F:9B:A9:89:C2:8D:1C:B9:08:0D:18:A7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4E76B11001F40CB29063598CABA0788A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fMwKEMR0yikPm6mJwo0cuQgNGKc.roa
Signing time: Sun 17 Mar 2024 22:09:45 +0000
ROA not before: Sun 17 Mar 2024 22:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4e:76:b1:10:01:f4:0c:b2:90:63:59:8c:ab:a0:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 22:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ccc0a10c474ca290f9ba989c28d1cb9080d18a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:6b:cf:c2:f1:5c:78:3f:6c:d9:a4:21:f2:
30:ce:de:09:4f:34:a8:78:a1:91:5e:6b:45:36:50:
24:91:79:b5:60:10:a8:db:14:c8:5b:cd:ac:a3:e3:
f2:4c:31:d0:7d:57:07:a4:f2:83:ab:5b:1b:d0:31:
85:40:3b:cb:19:d4:83:83:1c:3b:25:5f:c4:43:ae:
25:65:d1:99:2f:fe:77:b6:29:fd:5a:57:f4:f1:2a:
e7:66:40:11:e3:57:c2:fe:b6:84:1b:4e:df:f3:34:
be:22:d2:a2:61:62:22:6c:e8:9d:3f:c7:2a:3a:7a:
a7:46:2e:96:d2:de:e6:b5:6f:14:a9:0a:f5:07:5e:
a5:c2:0d:e8:c6:2d:b0:eb:95:65:00:f5:ed:15:f7:
83:00:ee:95:3d:3e:1c:c7:64:0c:35:ff:70:19:95:
b5:0e:15:b0:8c:5c:06:cd:db:89:b9:ab:bc:fd:30:
10:1f:28:16:ad:02:bd:d3:c8:c1:d5:39:32:48:8d:
94:00:94:b7:64:08:12:b7:01:7f:27:b7:bc:9f:bb:
7b:81:2c:80:ae:34:f4:1a:2b:db:6b:0a:c0:a3:5f:
9b:6b:54:c6:2e:98:f0:95:90:a1:b7:cd:33:61:ae:
99:06:4c:28:90:aa:10:dd:2d:9b:16:05:ca:53:d1:
e7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CC:0A:10:C4:74:CA:29:0F:9B:A9:89:C2:8D:1C:B9:08:0D:18:A7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fMwKEMR0yikPm6mJwo0cuQgNGKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:7b:03:b9:bd:c1:d5:1e:14:f4:1f:27:e0:7e:db:14:5b:b2:
0a:9a:d9:05:2d:f7:f7:dc:d0:83:28:cd:3b:42:c5:96:bb:09:
69:99:4a:00:db:47:e6:12:50:03:f6:82:15:d0:fc:13:6e:1d:
e5:67:b7:3b:9e:71:2b:f9:66:4b:74:5d:68:8d:90:56:9e:f1:
5f:62:77:70:95:dc:3b:79:43:c9:4c:c6:83:4b:89:5c:7c:48:
37:82:e5:12:0f:65:be:28:a2:9c:88:95:2d:ae:bd:74:ac:ab:
0c:d5:c7:88:36:66:e5:13:0d:01:c6:7e:c2:b7:7c:81:f7:c1:
66:00:2e:7b:af:53:cb:26:41:13:59:20:a7:db:2b:f9:5f:8d:
9a:64:ec:fc:a1:a5:72:4d:c8:bd:2a:88:66:9d:81:e3:a6:9d:
2f:1e:b7:45:53:ee:e8:57:24:8a:d0:37:1d:01:6d:d0:5a:d4:
b6:fc:73:a8:cc:f3:90:5f:4d:1d:07:2e:49:ec:27:4f:a5:a1:
4a:51:8a:17:80:7e:db:c6:39:fd:8a:e1:d0:81:0f:87:31:b5:
51:41:af:0f:7a:51:b3:26:59:2e:f7:38:28:25:d0:76:a1:5d:
be:ea:0a:b3:18:08:e7:8b:b6:21:e5:bd:63:0b:70:11:b7:c2:
36:64:2a:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5OdrEQAfQMspBjWYyroHiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MjIwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2NjMGExMGM0NzRjYTI5MGY5YmE5ODljMjhkMWNiOTA4MGQxOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpNrz8LxXHg/bNmkIfIwzt4JTzSo
eKGRXmtFNlAkkXm1YBCo2xTIW82so+PyTDHQfVcHpPKDq1sb0DGFQDvLGdSDgxw7
JV/EQ64lZdGZL/53tin9Wlf08SrnZkAR41fC/raEG07f8zS+ItKiYWIibOidP8cq
OnqnRi6W0t7mtW8UqQr1B16lwg3oxi2w65VlAPXtFfeDAO6VPT4cx2QMNf9wGZW1
DhWwjFwGzduJuau8/TAQHygWrQK908jB1TkySI2UAJS3ZAgStwF/J7e8n7t7gSyA
rjT0GivbawrAo1+ba1TGLpjwlZCht80zYa6ZBkwokKoQ3S2bFgXKU9HnLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHzMChDEdMopD5upicKNHLkIDRinMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZk13S0VNUjB5aWtQbTZtSndvMGN1UWdOR0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFx7A7m9wdUeFPQfJ+B+
2xRbsgqa2QUt9/fc0IMozTtCxZa7CWmZSgDbR+YSUAP2ghXQ/BNuHeVntzuecSv5
Zkt0XWiNkFae8V9id3CV3Dt5Q8lMxoNLiVx8SDeC5RIPZb4oopyIlS2uvXSsqwzV
x4g2ZuUTDQHGfsK3fIH3wWYALnuvU8smQRNZIKfbK/lfjZpk7PyhpXJNyL0qiGad
geOmnS8et0VT7uhXJIrQNx0BbdBa1Lb8c6jM85BfTR0HLknsJ0+loUpRiheAftvG
Of2K4dCBD4cxtVFBrw96UbMmWS73OCgl0HahXb7qCrMYCOeLtiHlvWMLcBG3wjZk
Klk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:35 2025 by rpki-client