Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3_A9quB7hgmSK7HnYwKZttyijo.roa
File: m3_A9quB7hgmSK7HnYwKZttyijo.roa (raw, json)
Hash identifier: kaGBleACRIbwhTJ3npWWxUOS27PK292keLuLuyjDlsA=
Subject key identifier: 9B:7F:C0:F6:AB:81:EE:18:26:48:AE:C7:9D:8C:0A:66:DB:72:8A:3A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D954AFAF1247D472C8B9F9FB9EBB62526
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3_A9quB7hgmSK7HnYwKZttyijo.roa
Signing time: Sat 10 Feb 2024 23:12:15 +0000
ROA not before: Sat 10 Feb 2024 23:12:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:95:4a:fa:f1:24:7d:47:2c:8b:9f:9f:b9:eb:b6:25:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 23:12:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b7fc0f6ab81ee182648aec79d8c0a66db728a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:57:83:89:71:82:8f:91:eb:51:3b:66:21:ec:
b5:bc:fe:c6:35:65:72:8a:55:80:e6:da:66:d6:9c:
10:eb:89:60:8c:24:66:4f:1c:78:ef:c7:f3:b7:2b:
7a:7d:61:eb:31:a2:b7:0f:7c:fc:28:9c:8f:8e:af:
c9:00:ed:89:a0:ae:d4:ae:6c:bc:3d:4e:30:84:c1:
66:ab:da:6c:bc:d6:ac:22:41:ba:76:20:f1:4a:79:
12:0f:8f:77:11:2a:10:9b:73:2c:30:86:a1:27:68:
f4:4d:a7:42:bc:92:e5:24:1d:32:b5:b1:2e:5f:b3:
3d:bd:ae:68:69:69:1d:62:ff:54:f6:de:fc:24:99:
1d:c1:ac:f9:a3:18:2c:16:b7:71:fc:98:d4:5d:db:
96:2e:b2:3d:11:16:8e:e1:ee:36:36:2f:ca:1e:f3:
ad:43:a3:44:b2:4a:ec:72:5a:5c:06:5a:a1:c9:ba:
2e:00:6d:33:cc:5b:9b:c4:44:9b:70:3b:b5:52:b8:
31:e2:2e:89:55:47:54:97:94:f9:38:28:b5:dd:d7:
fd:f7:87:d6:f5:ec:5f:ba:c5:34:9e:fa:cd:1a:0c:
44:ee:7b:8b:b3:f3:1b:ca:a3:29:cd:b1:8f:cd:4c:
c8:9a:62:43:25:a5:67:a1:8a:4f:1d:6f:b2:e4:52:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7F:C0:F6:AB:81:EE:18:26:48:AE:C7:9D:8C:0A:66:DB:72:8A:3A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m3_A9quB7hgmSK7HnYwKZttyijo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:1f:31:08:89:de:58:17:d9:0b:05:63:a5:41:02:23:5a:52:
6c:4b:69:dd:59:4a:c1:ba:8c:92:81:11:58:30:98:3d:53:66:
11:10:41:fa:7a:9e:ab:2d:ba:8b:e7:54:c0:3f:e9:25:25:63:
9a:f5:7b:4c:a4:88:db:2b:12:db:0f:bf:15:c5:a7:4b:ba:e5:
3b:1e:fc:84:f7:10:ff:62:5e:ea:5e:d8:89:fe:48:25:4b:6f:
33:e4:33:59:4b:8d:4f:5b:14:9b:50:bd:91:8f:16:eb:c7:ad:
f2:81:bb:8a:77:b5:d5:a7:30:77:25:c9:41:c0:06:ab:66:76:
a7:13:33:e1:71:2a:7c:d3:73:c4:b1:ba:29:e5:1a:1f:df:32:
75:ef:b4:b6:a5:7f:a5:04:96:88:86:8f:f9:87:3d:4b:8b:74:
f5:e5:10:f5:97:c0:62:c1:ce:1f:f3:5e:87:1c:38:ca:f7:d5:
12:1a:0e:26:f9:16:f2:f6:46:fe:aa:30:d7:8e:49:a4:41:df:
1e:bb:28:90:d4:d3:26:6b:6e:b5:2a:4e:ff:49:da:90:87:be:
e2:a3:e3:f0:bc:9c:56:92:5a:49:f9:ce:d4:cf:a8:99:95:91:
ba:43:38:52:6e:0a:67:65:2c:78:d5:b3:6a:e2:64:f8:fd:92:
7b:d2:0f:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2VSvrxJH1HLIufn7nrtiUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMjMxMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdmYzBmNmFiODFlZTE4MjY0OGFlYzc5ZDhjMGE2NmRiNzI4YTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VeDiXGCj5HrUTtmIey1vP7GNWVy
ilWA5tpm1pwQ64lgjCRmTxx478fztyt6fWHrMaK3D3z8KJyPjq/JAO2JoK7Urmy8
PU4whMFmq9psvNasIkG6diDxSnkSD493ESoQm3MsMIahJ2j0TadCvJLlJB0ytbEu
X7M9va5oaWkdYv9U9t78JJkdwaz5oxgsFrdx/JjUXduWLrI9ERaO4e42Ni/KHvOt
Q6NEskrsclpcBlqhybouAG0zzFubxESbcDu1Urgx4i6JVUdUl5T5OCi13df994fW
9exfusU0nvrNGgxE7nuLs/MbyqMpzbGPzUzImmJDJaVnoYpPHW+y5FI+tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJt/wParge4YJkiux52MCmbbcoo6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbTNfQTlxdUI3aGdtU0s3SG5Zd0tadHR5aWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFQfMQiJ3lgX2QsFY6VB
AiNaUmxLad1ZSsG6jJKBEVgwmD1TZhEQQfp6nqstuovnVMA/6SUlY5r1e0ykiNsr
EtsPvxXFp0u65Tse/IT3EP9iXupe2In+SCVLbzPkM1lLjU9bFJtQvZGPFuvHrfKB
u4p3tdWnMHclyUHABqtmdqcTM+FxKnzTc8SxuinlGh/fMnXvtLalf6UEloiGj/mH
PUuLdPXlEPWXwGLBzh/zXoccOMr31RIaDib5FvL2Rv6qMNeOSaRB3x67KJDU0yZr
brUqTv9J2pCHvuKj4/C8nFaSWkn5ztTPqJmVkbpDOFJuCmdlLHjVs2riZPj9knvS
D2k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:40:38 2025 by rpki-client