Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mek2w42Jo2iyRF5tA6CZRoI6UCA.roa
File: mek2w42Jo2iyRF5tA6CZRoI6UCA.roa (raw, json)
Hash identifier: 7GOFpD5i3uu6Id6IphAhthmHr2PVwnfDpROeO8LTjAw=
Subject key identifier: 99:E9:36:C3:8D:89:A3:68:B2:44:5E:6D:03:A0:99:46:82:3A:50:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1F3F3181ED4352E3C54DABBF024A80F9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mek2w42Jo2iyRF5tA6CZRoI6UCA.roa
Signing time: Fri 19 Jan 2024 01:04:11 +0000
ROA not before: Fri 19 Jan 2024 01:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:1f3f:270f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1f:3f:31:81:ed:43:52:e3:c5:4d:ab:bf:02:4a:80:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 01:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99e936c38d89a368b2445e6d03a09946823a5020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:4b:66:de:db:9d:3b:31:6a:07:46:b2:fc:
59:92:41:15:20:e5:2e:ec:3a:e4:fd:83:d9:68:f3:
22:4c:6b:f6:31:2e:36:32:ab:19:b5:ab:8d:cc:4e:
f9:05:51:83:26:7f:9e:e9:45:7f:b4:7b:96:9e:83:
0d:a3:42:72:f6:8b:82:af:12:b6:d5:c0:af:40:f7:
48:a3:b1:be:4c:3b:41:3a:d0:52:8b:ce:5c:b6:e4:
0e:1a:99:19:b9:3c:d6:39:17:78:65:dc:1b:05:dc:
56:0e:0b:14:a7:bb:8e:47:e8:e3:4f:f9:de:15:4c:
8b:01:a7:83:5b:99:79:0f:b4:a3:cc:0e:82:40:94:
d0:a5:fa:c3:d3:b6:34:9e:77:26:04:cc:4d:9d:b4:
7b:54:53:a7:46:9d:d2:70:ae:02:d0:4c:06:2b:97:
d0:3f:60:15:a7:bd:22:a6:88:7b:58:7d:9a:75:be:
71:fc:7c:68:de:e2:dd:f9:ab:c4:1f:53:01:2e:5e:
ed:08:40:2a:af:9c:1c:f0:6a:3d:92:5c:3b:40:85:
51:4e:ae:97:d2:3c:93:c6:c2:d9:73:07:71:a4:43:
6f:7a:33:77:e1:e3:d1:f1:07:a8:96:8e:71:0c:2d:
26:5a:b0:ab:01:3f:49:81:41:8a:1f:70:92:58:d9:
70:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E9:36:C3:8D:89:A3:68:B2:44:5E:6D:03:A0:99:46:82:3A:50:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mek2w42Jo2iyRF5tA6CZRoI6UCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:5e:76:46:eb:b9:d2:da:35:5f:6a:77:ff:1a:d4:24:3b:7a:
36:87:dc:0f:93:67:c9:db:b3:13:85:b1:5f:b5:93:fe:b9:01:
99:3d:4c:6b:6a:cb:4e:4c:f5:82:c2:0f:93:45:5b:d2:cd:52:
3b:d5:75:23:46:a8:79:af:a1:64:81:f5:1e:29:13:1a:cb:ab:
c9:04:10:0b:35:5f:b9:b3:85:4b:54:1f:f5:39:ab:f6:0a:93:
c4:c9:08:ed:c0:4c:40:a0:71:9b:0c:61:33:26:f2:37:ee:21:
10:de:b5:8c:e6:02:01:58:28:a8:0f:51:ff:10:cd:8e:fe:dc:
3c:d1:a6:db:3c:14:e4:0d:5c:03:13:0a:da:83:1c:3f:e3:bf:
9c:f3:19:2d:1a:c5:d0:1f:47:8d:a2:ed:b8:09:8d:8f:22:3d:
44:89:0d:6c:b2:c9:1c:85:5b:a9:de:d4:37:8e:69:55:70:29:
89:2b:84:3e:63:a0:19:38:14:2c:7b:bd:de:39:af:35:8c:c9:
60:f1:44:3f:f0:10:e9:97:06:29:65:66:0c:ac:15:6c:26:d5:
0d:94:d1:4a:31:7f:8c:79:b6:19:d8:11:45:be:98:76:bc:a5:
98:e4:f7:7f:8a:91:2e:1e:86:10:21:2e:87:bc:f5:2f:17:14:
3d:b9:97:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0fPzGB7UNS48VNq78CSoD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MDEwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU5MzZjMzhkODlhMzY4YjI0NDVlNmQwM2EwOTk0NjgyM2E1MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI5LZt7bnTsxagdGsvxZkkEVIOUu
7Drk/YPZaPMiTGv2MS42MqsZtauNzE75BVGDJn+e6UV/tHuWnoMNo0Jy9ouCrxK2
1cCvQPdIo7G+TDtBOtBSi85ctuQOGpkZuTzWORd4ZdwbBdxWDgsUp7uOR+jjT/ne
FUyLAaeDW5l5D7SjzA6CQJTQpfrD07Y0nncmBMxNnbR7VFOnRp3ScK4C0EwGK5fQ
P2AVp70ipoh7WH2adb5x/Hxo3uLd+avEH1MBLl7tCEAqr5wc8Go9klw7QIVRTq6X
0jyTxsLZcwdxpENvejN34ePR8Qeolo5xDC0mWrCrAT9JgUGKH3CSWNlwpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJnpNsONiaNoskRebQOgmUaCOlAgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbWVrMnc0MkpvMml5UkY1dEE2Q1pSb0k2VUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdedkbrudLaNV9qd/8a
1CQ7ejaH3A+TZ8nbsxOFsV+1k/65AZk9TGtqy05M9YLCD5NFW9LNUjvVdSNGqHmv
oWSB9R4pExrLq8kEEAs1X7mzhUtUH/U5q/YKk8TJCO3ATECgcZsMYTMm8jfuIRDe
tYzmAgFYKKgPUf8QzY7+3DzRpts8FOQNXAMTCtqDHD/jv5zzGS0axdAfR42i7bgJ
jY8iPUSJDWyyyRyFW6ne1DeOaVVwKYkrhD5joBk4FCx7vd45rzWMyWDxRD/wEOmX
BillZgysFWwm1Q2U0Uoxf4x5thnYEUW+mHa8pZjk93+KkS4ehhAhLoe89S8XFD25
l1A=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:10:59 2025 by rpki-client