Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mK41HOhNUfrGZqReGmB8_WIF03M.roa
File: mK41HOhNUfrGZqReGmB8_WIF03M.roa (raw, json)
Hash identifier: r8d9yEUe2boE12rrohB0o2iweWEeeWXMkOVM3X/UvNM=
Subject key identifier: 98:AE:35:1C:E8:4D:51:FA:C6:66:A4:5E:1A:60:7C:FD:62:05:D3:73
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC9700BECFAA9F1A8834DEBB99964CA1C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mK41HOhNUfrGZqReGmB8_WIF03M.roa
Signing time: Wed 21 Feb 2024 02:12:59 +0000
ROA not before: Wed 21 Feb 2024 02:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c9:70:0b:ec:fa:a9:f1:a8:83:4d:eb:b9:99:64:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 02:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98ae351ce84d51fac666a45e1a607cfd6205d373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:33:c9:7a:58:0f:24:9c:7c:32:5b:53:43:
15:e7:a2:ea:2f:e5:51:c1:37:fd:b2:64:56:aa:cd:
42:e5:b0:55:48:76:c5:85:21:31:14:c1:2c:3d:90:
00:a2:7a:97:89:a7:63:47:a0:46:91:45:03:d8:63:
5e:93:e9:a9:a9:d0:79:5e:ff:29:eb:cd:c8:fb:cd:
f6:75:fe:fe:2c:5c:4f:4c:0a:38:c2:2d:0e:d5:a7:
e6:e8:7e:fe:08:0c:00:a9:93:04:bb:68:cd:5f:d6:
aa:e4:7c:71:3e:44:83:7b:1b:7c:10:54:0d:89:4e:
ab:98:a6:e8:54:19:4b:aa:49:7c:03:94:1b:f9:3e:
eb:70:b4:d2:06:2b:8e:6d:7f:82:83:5a:0a:f9:fb:
20:71:51:95:67:7e:0d:d9:33:4a:c9:14:a0:47:76:
36:98:06:90:37:ee:51:b0:eb:f3:98:ea:bb:e0:f6:
35:7b:fe:f7:42:ec:af:e5:13:59:ac:0c:2b:60:5d:
aa:e1:7e:aa:71:b2:5f:85:12:d3:ee:82:db:9c:41:
fc:bc:1c:11:c2:e6:00:86:28:d8:8d:ce:fc:92:7f:
2c:d6:51:67:37:8b:0e:0e:83:7b:1d:23:e1:07:50:
e8:cb:dc:ba:1c:cd:ac:40:4e:62:73:8e:b0:54:a7:
08:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AE:35:1C:E8:4D:51:FA:C6:66:A4:5E:1A:60:7C:FD:62:05:D3:73
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mK41HOhNUfrGZqReGmB8_WIF03M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:ed:1c:a4:a1:47:2c:4f:0b:26:99:43:d1:3d:c2:e3:e8:d4:
be:e4:5a:ec:72:18:2b:ac:34:76:d0:1d:d1:97:7a:b2:1f:9b:
15:38:c0:1d:3a:0e:78:10:3c:f7:79:cd:b7:74:05:6a:44:d7:
74:00:8f:a2:ca:35:87:37:07:51:0a:8f:70:fe:f7:a9:a6:88:
d9:d0:40:44:61:50:62:fa:6d:25:48:ca:d4:04:3d:9f:e0:58:
6b:1d:12:5f:43:56:10:ad:69:b2:17:61:10:2f:4e:d1:74:76:
36:d8:cf:9d:76:58:74:32:be:78:31:d6:52:97:43:fe:b7:50:
9a:e1:1d:b1:5f:b2:79:18:af:84:1e:39:39:76:5c:96:66:08:
0e:42:c7:ba:e3:68:b0:80:77:c8:5f:4b:ef:49:b4:b4:1e:c9:
43:04:ac:92:73:0a:a9:05:01:01:83:67:7d:a6:4d:f6:c9:db:
d0:9b:c0:df:34:58:e8:42:8c:45:4f:5d:3c:a1:da:f8:23:6d:
32:83:20:57:87:ba:57:7b:d3:45:7f:3a:99:d1:b0:43:3a:42:
a2:31:8b:48:31:d6:9d:3b:e2:f4:97:26:60:3b:8f:f9:3c:25:
c5:a3:5e:db:54:81:db:25:a4:e5:df:90:13:72:5f:d7:7a:c0:
bd:53:de:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3JcAvs+qnxqINN67mZZMocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDIxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFlMzUxY2U4NGQ1MWZhYzY2NmE0NWUxYTYwN2NmZDYyMDVkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYUzyXpYDyScfDJbU0MV56LqL+VR
wTf9smRWqs1C5bBVSHbFhSExFMEsPZAAonqXiadjR6BGkUUD2GNek+mpqdB5Xv8p
683I+832df7+LFxPTAo4wi0O1afm6H7+CAwAqZMEu2jNX9aq5HxxPkSDext8EFQN
iU6rmKboVBlLqkl8A5Qb+T7rcLTSBiuObX+Cg1oK+fsgcVGVZ34N2TNKyRSgR3Y2
mAaQN+5RsOvzmOq74PY1e/73Quyv5RNZrAwrYF2q4X6qcbJfhRLT7oLbnEH8vBwR
wuYAhijYjc78kn8s1lFnN4sODoN7HSPhB1Doy9y6HM2sQE5ic46wVKcIiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJiuNRzoTVH6xmakXhpgfP1iBdNzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbUs0MUhPaE5VZnJHWnFSZUdtQjhfV0lGMDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA/tHKShRyxPCyaZQ9E9
wuPo1L7kWuxyGCusNHbQHdGXerIfmxU4wB06DngQPPd5zbd0BWpE13QAj6LKNYc3
B1EKj3D+96mmiNnQQERhUGL6bSVIytQEPZ/gWGsdEl9DVhCtabIXYRAvTtF0djbY
z512WHQyvngx1lKXQ/63UJrhHbFfsnkYr4QeOTl2XJZmCA5Cx7rjaLCAd8hfS+9J
tLQeyUMErJJzCqkFAQGDZ32mTfbJ29CbwN80WOhCjEVPXTyh2vgjbTKDIFeHuld7
00V/OpnRsEM6QqIxi0gx1p074vSXJmA7j/k8JcWjXttUgdslpOXfkBNyX9d6wL1T
3tk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:33 2025 by rpki-client