Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mLrhr9PrZi6LFjgvpIGIBtud4mY.roa
File: mLrhr9PrZi6LFjgvpIGIBtud4mY.roa (raw, json)
Hash identifier: XeCZ7Ihy0kMApg8C/amr1S/+1PchND7nhZvdbpAcXD0=
Subject key identifier: 98:BA:E1:AF:D3:EB:66:2E:8B:16:38:2F:A4:81:88:06:DB:9D:E2:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDC55520789C6D8553244F7BD8AFB9224
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mLrhr9PrZi6LFjgvpIGIBtud4mY.roa
Signing time: Sat 06 Jan 2024 01:13:48 +0000
ROA not before: Sat 06 Jan 2024 01:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:dc:55:52:07:89:c6:d8:55:32:44:f7:bd:8a:fb:92:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 01:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98bae1afd3eb662e8b16382fa4818806db9de266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e6:93:d1:0a:03:2b:17:cd:0d:7d:d8:92:5f:
a4:97:6f:9e:69:f0:95:79:52:94:d2:7c:3b:7e:03:
d1:89:bf:0d:da:55:95:a9:06:e6:58:3e:da:5d:43:
51:42:fa:e8:3c:b1:78:69:06:99:bf:14:4c:15:34:
4c:ba:6b:05:50:ad:d1:38:e1:d0:3e:77:25:a5:5b:
c7:17:83:37:b0:c8:71:37:7d:49:db:83:6c:5a:a0:
36:e0:15:26:97:1f:07:58:b7:97:20:89:b9:6c:96:
63:93:5a:92:d4:9f:c6:36:b7:4a:12:b8:b5:c4:3e:
59:1f:6a:49:50:4a:96:e5:2b:7c:a9:0c:b7:91:5d:
32:a3:ba:96:03:d5:4e:eb:d1:39:f6:67:6d:27:15:
f8:a2:ed:6d:f0:d3:da:0d:a8:46:af:94:69:1c:a8:
c3:b0:56:52:6d:2e:73:58:f7:98:2d:3c:84:90:33:
c0:d3:36:3c:66:d3:03:07:ee:11:94:5e:1d:9b:d3:
e9:da:3b:2b:21:fa:e9:10:64:8d:31:bb:23:45:d4:
33:58:91:f1:47:ca:cf:30:f6:4c:1c:6b:63:f4:50:
0b:6e:4e:a3:aa:10:e2:d3:57:98:d7:cd:ea:13:a9:
63:60:29:c4:8a:a8:0d:1c:b8:49:6f:98:3e:e4:b3:
47:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BA:E1:AF:D3:EB:66:2E:8B:16:38:2F:A4:81:88:06:DB:9D:E2:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mLrhr9PrZi6LFjgvpIGIBtud4mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:66:64:e2:8f:30:a7:1b:8f:73:15:39:b7:b6:02:45:ad:7a:
80:d6:76:04:59:99:20:ae:44:95:a6:07:cd:2d:1b:76:9d:b5:
d8:e5:a3:d8:0a:59:6d:f4:0f:41:9c:ef:f5:a7:32:62:89:8d:
51:ad:bb:29:96:6d:97:6b:02:d8:54:8a:68:2c:fb:c4:cf:43:
f6:da:ad:09:b8:02:3d:b5:50:be:41:2e:fa:7c:4d:09:86:86:
38:a2:7a:7d:c1:79:b6:25:f5:b1:51:00:c7:15:cc:57:42:98:
38:d1:fe:ba:54:3b:af:4f:33:f6:e4:36:a5:69:b1:40:bf:25:
70:02:3b:4a:93:d0:d6:da:b1:d8:54:ea:9a:3b:e0:97:a8:eb:
bb:d3:02:ca:69:e2:2c:55:cc:3f:bb:45:f2:14:7c:a7:3c:b4:
e5:c1:26:d9:93:5d:90:64:bb:69:c4:e0:63:85:8b:51:a7:c3:
31:af:2a:f5:cc:60:a3:cf:36:39:5b:fa:73:15:30:17:5d:f3:
4a:fb:10:de:9a:5d:a4:b8:b3:74:9b:af:9f:6c:8e:79:01:0c:
09:1a:01:5f:5b:e3:cb:3c:e8:b5:a3:48:27:cd:ca:26:cc:28:
f1:55:c0:48:7b:1d:e2:bb:85:ed:09:76:c2:4b:f0:b8:9b:61:
d2:f9:f4:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzcVVIHicbYVTJE972K+5IkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MDExMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJhZTFhZmQzZWI2NjJlOGIxNjM4MmZhNDgxODgwNmRiOWRlMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOaT0QoDKxfNDX3Ykl+kl2+eafCV
eVKU0nw7fgPRib8N2lWVqQbmWD7aXUNRQvroPLF4aQaZvxRMFTRMumsFUK3ROOHQ
PnclpVvHF4M3sMhxN31J24NsWqA24BUmlx8HWLeXIIm5bJZjk1qS1J/GNrdKEri1
xD5ZH2pJUEqW5St8qQy3kV0yo7qWA9VO69E59mdtJxX4ou1t8NPaDahGr5RpHKjD
sFZSbS5zWPeYLTyEkDPA0zY8ZtMDB+4RlF4dm9Pp2jsrIfrpEGSNMbsjRdQzWJHx
R8rPMPZMHGtj9FALbk6jqhDi01eY183qE6ljYCnEiqgNHLhJb5g+5LNHVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJi64a/T62YuixY4L6SBiAbbneJmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbUxyaHI5UHJaaTZMRmpndnBJR0lCdHVkNG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIVmZOKPMKcbj3MVObe2
AkWteoDWdgRZmSCuRJWmB80tG3adtdjlo9gKWW30D0Gc7/WnMmKJjVGtuymWbZdr
AthUimgs+8TPQ/barQm4Aj21UL5BLvp8TQmGhjiien3BebYl9bFRAMcVzFdCmDjR
/rpUO69PM/bkNqVpsUC/JXACO0qT0NbasdhU6po74Jeo67vTAspp4ixVzD+7RfIU
fKc8tOXBJtmTXZBku2nE4GOFi1GnwzGvKvXMYKPPNjlb+nMVMBdd80r7EN6aXaS4
s3Sbr59sjnkBDAkaAV9b48s86LWjSCfNyibMKPFVwEh7HeK7he0JdsJL8LibYdL5
9KQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:07 2025 by rpki-client