Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m4TV16GoQYdrCdJr-a6a0e34Akw.roa
File: m4TV16GoQYdrCdJr-a6a0e34Akw.roa (raw, json)
Hash identifier: 8gHEGIIjogntDx8u9PNbA91nOAsC3uDoLWHeUXcnIik=
Subject key identifier: 9B:84:D5:D7:A1:A8:41:87:6B:09:D2:6B:F9:AE:9A:D1:ED:F8:02:4C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD1668E0659C2D00F9834A3AFBB79525A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m4TV16GoQYdrCdJr-a6a0e34Akw.roa
Signing time: Wed 03 Jan 2024 22:16:48 +0000
ROA not before: Wed 03 Jan 2024 22:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:66:8e:06:59:c2:d0:0f:98:34:a3:af:bb:79:52:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 22:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b84d5d7a1a841876b09d26bf9ae9ad1edf8024c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:39:56:22:ce:96:36:8e:48:b9:dd:27:67:18:
6b:34:6e:ce:44:ec:c1:e0:b9:59:53:21:45:cb:92:
a5:b9:29:73:ac:3f:9d:09:6f:77:f4:5f:c6:78:ca:
39:14:da:50:c6:f5:14:70:00:d5:b3:16:9c:d0:27:
cd:45:f9:5c:f4:70:2e:76:68:df:00:64:c6:ef:82:
e7:72:fb:dc:cb:d7:06:00:25:ba:42:1f:ab:13:27:
9d:21:13:fd:5a:86:96:02:af:c5:a3:fa:57:c6:46:
18:81:43:0c:c6:2e:54:bc:c1:85:de:f7:66:8d:38:
8e:68:98:09:cc:7a:a5:05:ef:c7:a7:c2:67:a2:ec:
cd:f3:4d:71:e5:45:21:88:4f:0c:5a:7f:59:a6:52:
0f:38:b4:d5:60:f2:00:07:78:5f:f0:11:8a:57:1a:
d9:54:4c:3f:28:f9:5e:ed:85:0d:24:f8:92:84:5c:
d0:31:0d:76:90:f2:59:75:7d:63:cf:75:93:89:0f:
21:56:4a:14:42:5f:11:80:d2:60:26:50:c0:94:18:
37:6e:24:33:bc:75:76:6f:72:ef:83:0e:6d:60:78:
69:d6:8e:95:7e:15:d9:c5:73:11:c0:77:a3:59:4c:
e5:0a:08:88:93:e7:0c:0b:d4:6d:44:a4:31:52:64:
85:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:84:D5:D7:A1:A8:41:87:6B:09:D2:6B:F9:AE:9A:D1:ED:F8:02:4C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/m4TV16GoQYdrCdJr-a6a0e34Akw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:84:f6:5c:3d:cc:a6:4e:e5:68:ed:e2:e2:3b:e5:47:d3:55:
ef:be:78:60:07:d7:2e:bf:e7:75:ba:14:89:42:e9:2b:24:3f:
29:06:54:5a:78:72:bc:9b:e9:0b:d8:34:50:7b:11:d3:cf:1e:
8e:0f:ad:4a:e9:11:bc:91:c8:10:db:ff:b8:19:c9:90:22:05:
e4:76:e2:2a:fa:33:17:b7:74:95:d7:58:fa:89:76:38:88:a1:
a7:45:b6:62:90:73:dc:b7:24:40:a2:71:66:35:3e:b6:69:02:
3e:65:df:ca:fa:78:e6:4a:42:33:a3:c4:9e:a6:56:2d:96:32:
ba:4b:e6:02:52:0b:39:09:41:41:bb:26:07:3a:14:7e:93:64:
54:aa:e4:9d:df:6b:f5:f3:3c:f9:a8:0d:d7:1e:72:e9:1a:a8:
ec:a6:21:bb:3f:6d:50:06:0a:bf:ad:bc:04:14:cd:c0:ce:6a:
fb:f1:ad:57:f8:48:1e:45:dd:39:a6:7a:78:66:10:8d:63:4d:
26:ae:95:c9:b0:4e:a5:d6:59:9e:94:8c:83:d7:80:d9:75:3d:
4a:82:05:d7:3f:11:0c:66:a9:89:84:6f:12:c5:78:ee:b2:2f:
42:48:5e:e4:0d:73:cf:4d:21:ba:6b:bb:6c:ee:eb:ad:34:83:
48:7c:48:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzRZo4GWcLQD5g0o6+7eVJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMjIxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjg0ZDVkN2ExYTg0MTg3NmIwOWQyNmJmOWFlOWFkMWVkZjgwMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzlWIs6WNo5Iud0nZxhrNG7OROzB
4LlZUyFFy5KluSlzrD+dCW939F/GeMo5FNpQxvUUcADVsxac0CfNRflc9HAudmjf
AGTG74Lncvvcy9cGACW6Qh+rEyedIRP9WoaWAq/Fo/pXxkYYgUMMxi5UvMGF3vdm
jTiOaJgJzHqlBe/Hp8JnouzN801x5UUhiE8MWn9ZplIPOLTVYPIAB3hf8BGKVxrZ
VEw/KPle7YUNJPiShFzQMQ12kPJZdX1jz3WTiQ8hVkoUQl8RgNJgJlDAlBg3biQz
vHV2b3Lvgw5tYHhp1o6VfhXZxXMRwHejWUzlCgiIk+cMC9RtRKQxUmSF2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJuE1dehqEGHawnSa/mumtHt+AJMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbTRUVjE2R29RWWRyQ2RKci1hNmEwZTM0QWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACGE9lw9zKZO5Wjt4uI7
5UfTVe++eGAH1y6/53W6FIlC6SskPykGVFp4cryb6QvYNFB7EdPPHo4PrUrpEbyR
yBDb/7gZyZAiBeR24ir6Mxe3dJXXWPqJdjiIoadFtmKQc9y3JECicWY1PrZpAj5l
38r6eOZKQjOjxJ6mVi2WMrpL5gJSCzkJQUG7Jgc6FH6TZFSq5J3fa/XzPPmoDdce
cukaqOymIbs/bVAGCr+tvAQUzcDOavvxrVf4SB5F3TmmenhmEI1jTSaulcmwTqXW
WZ6UjIPXgNl1PUqCBdc/EQxmqYmEbxLFeO6yL0JIXuQNc89NIbpru2zu6600g0h8
SH8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:15 2025 by rpki-client