Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUSMSGx6gkZSviagFfrfUnGs1W0.roa
File: mUSMSGx6gkZSviagFfrfUnGs1W0.roa (raw, json)
Hash identifier: MTckqfVj8A11vLgUcFgp5DECR8Rn2KfP6hHgezyYYCI=
Subject key identifier: 99:44:8C:48:6C:7A:82:46:52:BE:26:A0:15:FA:DF:52:71:AC:D5:6D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E45E16C00E525AF967D2CDD0A379C6DF9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUSMSGx6gkZSviagFfrfUnGs1W0.roa
Signing time: Sat 16 Mar 2024 06:09:44 +0000
ROA not before: Sat 16 Mar 2024 06:09:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:45:e1:6c:00:e5:25:af:96:7d:2c:dd:0a:37:9c:6d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 06:09:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99448c486c7a824652be26a015fadf5271acd56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:42:c0:1c:a0:bc:bb:e8:e6:00:ac:5d:d1:d7:
cd:06:3d:4f:86:0b:47:e7:64:16:8a:ea:d5:6b:61:
a7:02:4e:7d:1a:10:62:7b:57:bb:b9:1b:43:7d:55:
ad:bc:49:61:60:4d:1f:43:ae:8a:3e:7e:69:e0:45:
86:bb:7e:3f:e7:0d:ad:db:93:02:b6:2f:e2:47:f0:
ce:68:92:5b:b1:9b:0a:7a:d4:3b:27:5b:9f:2b:c4:
eb:4b:90:97:26:54:db:50:ba:01:f8:ca:d7:55:ba:
4c:b5:a6:d1:d7:33:f7:32:80:a7:6c:0c:c9:9b:d0:
dc:bd:89:24:79:42:7a:4e:1b:ab:56:25:1e:08:f0:
e1:e1:bf:45:0d:bb:3d:7d:5b:1d:d7:48:58:91:0d:
36:38:a7:88:30:c3:9b:4f:c9:9b:27:9c:a3:d8:3b:
73:4a:a6:d8:e3:65:a6:5a:b1:a9:cd:c3:a0:ce:8c:
9b:9b:4e:7a:9e:5a:e7:38:c0:f3:a0:ee:ce:33:f9:
e0:28:b9:34:8a:b0:cf:ef:65:90:2b:dc:3c:d4:ee:
72:6b:b7:aa:e1:c7:81:06:30:e4:f8:4c:2b:a2:ef:
c2:67:ef:6a:80:6b:b3:20:eb:ea:18:74:c1:14:84:
11:21:2d:30:ae:19:87:b0:2d:9c:2b:35:87:fe:c2:
16:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:44:8C:48:6C:7A:82:46:52:BE:26:A0:15:FA:DF:52:71:AC:D5:6D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUSMSGx6gkZSviagFfrfUnGs1W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:a9:81:a8:bc:0e:b5:01:97:04:9b:14:63:0c:f6:7c:2b:b8:
da:3d:ab:85:b7:ff:12:15:68:fe:ee:90:a8:84:3d:ca:52:2d:
bf:80:48:9e:22:08:97:2c:ff:0d:81:0b:d8:ce:f0:a8:a6:c0:
70:72:5c:02:76:3d:b2:19:a0:86:b9:17:ec:9f:21:98:96:89:
eb:de:d8:38:32:17:94:b8:8a:32:1c:47:6a:20:08:b0:3c:98:
2e:e7:c4:11:c9:bc:57:b1:51:58:a7:4c:07:c2:5c:30:c8:c1:
be:e7:8a:b7:df:0e:3d:c8:b2:89:24:64:75:7d:8a:b0:fe:1c:
a1:46:97:49:3d:6f:da:37:c2:4f:78:30:40:f6:b1:37:e2:1e:
c0:bb:ab:f2:e2:e1:d5:b7:61:c0:06:b1:40:3e:d9:c8:df:89:
7b:70:a3:cb:34:a0:52:4d:19:c4:0c:7e:4c:2e:6c:76:17:23:
b3:9f:9f:8e:71:81:e7:d6:9a:8f:fb:e8:f8:09:7a:98:b0:4b:
39:8c:9e:9a:89:ed:97:06:b1:4d:58:d7:6b:7e:df:a2:a9:a6:
3b:79:60:52:60:01:e2:70:b6:34:a9:51:7f:20:cb:4b:a5:be:
b1:2f:61:25:d7:f4:15:6b:8a:06:bc:d8:86:08:21:a3:11:70:
c1:8c:cb:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5F4WwA5SWvln0s3Qo3nG35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MDYwOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ0OGM0ODZjN2E4MjQ2NTJiZTI2YTAxNWZhZGY1MjcxYWNkNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkLAHKC8u+jmAKxd0dfNBj1PhgtH
52QWiurVa2GnAk59GhBie1e7uRtDfVWtvElhYE0fQ66KPn5p4EWGu34/5w2t25MC
ti/iR/DOaJJbsZsKetQ7J1ufK8TrS5CXJlTbULoB+MrXVbpMtabR1zP3MoCnbAzJ
m9DcvYkkeUJ6ThurViUeCPDh4b9FDbs9fVsd10hYkQ02OKeIMMObT8mbJ5yj2Dtz
SqbY42WmWrGpzcOgzoybm056nlrnOMDzoO7OM/ngKLk0irDP72WQK9w81O5ya7eq
4ceBBjDk+Ewrou/CZ+9qgGuzIOvqGHTBFIQRIS0wrhmHsC2cKzWH/sIWWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlEjEhseoJGUr4moBX631JxrNVtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbVVTTVNHeDZna1pTdmlhZ0ZmcmZVbkdzMVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJSpgai8DrUBlwSbFGMM
9nwruNo9q4W3/xIVaP7ukKiEPcpSLb+ASJ4iCJcs/w2BC9jO8KimwHByXAJ2PbIZ
oIa5F+yfIZiWieve2DgyF5S4ijIcR2ogCLA8mC7nxBHJvFexUVinTAfCXDDIwb7n
irffDj3IsokkZHV9irD+HKFGl0k9b9o3wk94MED2sTfiHsC7q/Li4dW3YcAGsUA+
2cjfiXtwo8s0oFJNGcQMfkwubHYXI7Ofn45xgefWmo/76PgJepiwSzmMnpqJ7ZcG
sU1Y12t+36Kppjt5YFJgAeJwtjSpUX8gy0ulvrEvYSXX9BVriga82IYIIaMRcMGM
yxY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:45 2025 by rpki-client