Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mh2dEZWmGcu1Gbih0kX7GYtVK2A.roa
File: mh2dEZWmGcu1Gbih0kX7GYtVK2A.roa (raw, json)
Hash identifier: scs5amDiCo9L3CeLqsxSIw/zH3QJhDCNoD04z2fGDjM=
Subject key identifier: 9A:1D:9D:11:95:A6:19:CB:B5:19:B8:A1:D2:45:FB:19:8B:55:2B:60
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2FCD2B66D3BDD385BDB6171344E272A7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mh2dEZWmGcu1Gbih0kX7GYtVK2A.roa
Signing time: Mon 22 Jan 2024 06:13:11 +0000
ROA not before: Mon 22 Jan 2024 06:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2f:cd:2b:66:d3:bd:d3:85:bd:b6:17:13:44:e2:72:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 06:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1d9d1195a619cbb519b8a1d245fb198b552b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8c:85:c8:b0:6e:b5:64:8d:f5:63:83:94:69:
d8:71:49:6c:2e:b5:c8:96:92:87:78:f0:e3:52:27:
ec:a8:dc:eb:3a:59:b1:fc:d5:07:24:8f:b5:16:73:
64:3e:d4:24:6d:de:80:f4:1e:19:c8:89:d0:e2:fe:
61:8d:70:58:51:bb:77:7b:df:c5:02:11:61:2f:36:
51:04:ba:f3:06:b7:36:9f:3d:f7:6d:0e:8c:1b:ce:
ad:ee:cf:e6:63:d2:89:bc:16:6a:a2:b5:f3:13:4c:
de:74:be:27:a7:57:34:56:d7:32:6e:40:7f:7c:bb:
c2:f2:45:34:f4:0b:23:ae:65:8c:58:5f:be:da:cd:
f2:0e:b6:27:e4:9b:2f:e8:8b:c0:ad:3e:f1:2d:e0:
fa:f2:aa:0f:ef:0d:b6:f4:b1:3d:a8:1b:b7:ed:52:
e6:12:a2:d3:3c:02:a7:04:80:c9:9b:89:fc:e4:73:
94:af:c8:71:2a:81:40:e6:25:98:23:81:cc:6a:03:
bb:ce:90:78:f9:d2:6b:fd:d9:b5:1e:e0:85:e1:b2:
cb:6f:e4:b0:89:74:bc:e8:70:58:54:85:ad:fc:0a:
2f:1d:96:11:b0:ee:60:10:74:22:fe:9c:bd:fc:29:
90:cb:cf:6b:df:12:16:a8:e2:34:8d:3e:50:72:5e:
6e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1D:9D:11:95:A6:19:CB:B5:19:B8:A1:D2:45:FB:19:8B:55:2B:60
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mh2dEZWmGcu1Gbih0kX7GYtVK2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:37:6f:e7:96:33:75:cc:4f:94:0c:a9:0f:5d:55:08:be:c0:
68:c8:0f:9c:60:8f:4a:c3:1d:7a:76:ac:0f:fb:5e:21:d4:de:
19:8b:46:13:c2:e4:3d:d8:36:97:ad:28:8d:77:a3:43:96:c5:
f2:d1:db:9e:cc:46:fe:5b:c3:dd:98:5f:41:82:b3:48:a1:4e:
b4:bb:4d:d7:0a:9a:d2:68:dd:8d:19:58:c7:0a:6a:ec:99:5c:
5e:19:6d:5a:eb:f2:f6:02:b2:70:44:2f:40:bd:af:04:d1:b8:
42:cb:a6:41:1b:71:54:95:02:fd:6e:50:62:fd:fe:fd:a4:1e:
1e:dc:64:0b:85:db:1d:2c:59:a3:80:2c:1a:fa:19:a0:6e:0f:
43:44:2a:82:93:65:90:3d:5d:e4:4b:ec:d1:8d:9c:bd:18:5b:
d4:21:1e:9c:32:f0:44:72:53:1d:8a:c3:56:25:37:aa:a4:71:
0a:03:e6:5f:ce:3e:2e:25:f9:7e:fe:d2:41:07:7e:e7:f8:56:
51:dd:9e:30:5b:c7:53:11:cc:bf:a9:31:03:d9:bf:95:1d:73:
79:63:d2:01:9b:db:82:0d:8d:e5:39:71:f8:ee:a3:35:37:66:
82:11:09:9b:14:5e:97:dd:a7:03:26:96:df:e3:c6:84:3a:0e:
ab:fb:0a:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0vzStm073Thb22FxNE4nKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMDYxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFkOWQxMTk1YTYxOWNiYjUxOWI4YTFkMjQ1ZmIxOThiNTUyYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYyFyLButWSN9WODlGnYcUlsLrXI
lpKHePDjUifsqNzrOlmx/NUHJI+1FnNkPtQkbd6A9B4ZyInQ4v5hjXBYUbt3e9/F
AhFhLzZRBLrzBrc2nz33bQ6MG86t7s/mY9KJvBZqorXzE0zedL4np1c0VtcybkB/
fLvC8kU09AsjrmWMWF++2s3yDrYn5Jsv6IvArT7xLeD68qoP7w229LE9qBu37VLm
EqLTPAKnBIDJm4n85HOUr8hxKoFA5iWYI4HMagO7zpB4+dJr/dm1HuCF4bLLb+Sw
iXS86HBYVIWt/AovHZYRsO5gEHQi/py9/CmQy89r3xIWqOI0jT5Qcl5ulQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJodnRGVphnLtRm4odJF+xmLVStgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbWgyZEVaV21HY3UxR2JpaDBrWDdHWXRWSzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGM3b+eWM3XMT5QMqQ9d
VQi+wGjID5xgj0rDHXp2rA/7XiHU3hmLRhPC5D3YNpetKI13o0OWxfLR257MRv5b
w92YX0GCs0ihTrS7TdcKmtJo3Y0ZWMcKauyZXF4ZbVrr8vYCsnBEL0C9rwTRuELL
pkEbcVSVAv1uUGL9/v2kHh7cZAuF2x0sWaOALBr6GaBuD0NEKoKTZZA9XeRL7NGN
nL0YW9QhHpwy8ERyUx2Kw1YlN6qkcQoD5l/OPi4l+X7+0kEHfuf4VlHdnjBbx1MR
zL+pMQPZv5Udc3lj0gGb24INjeU5cfjuozU3ZoIRCZsUXpfdpwMmlt/jxoQ6Dqv7
CpY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:30 2025 by rpki-client