Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/molO_e5RGC-Q2o5fYZ0vmrFROPQ.roa
File: molO_e5RGC-Q2o5fYZ0vmrFROPQ.roa (raw, json)
Hash identifier: Z1fNsMA0S1O1S5NIZUJp2lHbPUkTAssdFEZEwpnCev4=
Subject key identifier: 9A:89:4E:FD:EE:51:18:2F:90:DA:8E:5F:61:9D:2F:9A:B1:51:38:F4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDB3E4810EF0C9584CEC134909EB7300A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/molO_e5RGC-Q2o5fYZ0vmrFROPQ.roa
Signing time: Sat 24 Feb 2024 13:11:48 +0000
ROA not before: Sat 24 Feb 2024 13:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:3e:48:10:ef:0c:95:84:ce:c1:34:90:9e:b7:30:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 13:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a894efdee51182f90da8e5f619d2f9ab15138f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3b:3f:83:75:37:b3:a5:bf:59:92:b9:d8:42:
cc:f5:15:ea:fb:8e:5d:e7:cd:af:99:b3:39:74:4a:
ca:bc:60:3e:8f:2d:97:78:17:8b:9e:6c:ed:ff:36:
c9:80:b7:27:80:1c:52:e1:a4:37:74:f1:5b:1b:d3:
48:ff:4d:2a:1e:7c:c5:aa:79:49:5b:de:e4:7e:dc:
eb:9a:bc:9d:c0:a5:62:86:36:e5:a1:50:00:09:8f:
f3:c4:54:70:e8:18:c2:bf:54:d9:a0:e5:e3:28:dd:
7a:fd:6e:71:f4:a6:cc:71:69:dc:7c:4e:66:f5:7c:
4a:7d:57:be:f9:aa:9c:ad:47:0c:55:8c:45:b5:2f:
c3:cc:26:9f:a6:88:38:26:ff:f6:ac:5d:5f:6d:eb:
f4:da:15:d9:2b:52:60:14:77:f4:ac:7f:fe:1c:e1:
4d:fa:b8:1b:af:8e:21:44:e6:ed:12:34:c4:4a:ed:
d1:fa:31:eb:00:6f:9d:42:2d:49:94:0d:09:bf:11:
26:60:7d:b7:39:52:c2:6a:b8:84:b7:d4:09:2f:6c:
7d:cd:c2:2c:e2:10:96:b9:5d:81:87:9d:3a:bd:db:
c1:e5:13:43:fe:68:bc:da:12:ed:82:18:ae:03:5f:
09:23:92:2b:55:21:f2:d6:26:31:34:37:76:4c:32:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:89:4E:FD:EE:51:18:2F:90:DA:8E:5F:61:9D:2F:9A:B1:51:38:F4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/molO_e5RGC-Q2o5fYZ0vmrFROPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:05:cc:03:3b:6c:93:38:a3:4d:51:2e:27:26:fc:a8:30:a5:
d4:02:83:2d:b6:e8:73:3d:8d:49:d8:99:25:03:91:4e:4f:f7:
19:39:45:3b:c9:bd:de:26:2e:e9:cf:e2:f1:f2:62:18:88:da:
36:65:52:88:e0:0c:e0:52:13:40:4f:50:44:ef:52:08:a0:f7:
27:3a:ae:a0:15:68:df:94:33:39:75:3a:16:18:42:85:99:9b:
73:05:a1:52:08:13:4f:5d:5d:a2:08:09:12:66:07:95:eb:d6:
dc:9a:fc:60:21:e6:7c:bd:c4:fe:06:70:80:f8:e9:b5:78:57:
96:68:d5:38:46:fd:74:e1:07:e3:55:b3:3f:17:fa:ec:d0:84:
a9:9a:f2:ee:bb:83:ff:39:7e:e0:df:a0:dc:74:66:de:c5:54:
24:0b:12:6b:87:e9:ec:17:95:2d:aa:28:9a:e6:0e:3b:a5:e7:
93:78:55:42:54:7d:d9:1b:c0:35:ce:6a:ed:84:0b:72:89:1c:
77:25:59:9a:72:13:38:f2:bd:6c:73:19:ed:8c:87:3e:bc:1a:
a9:a4:e5:27:22:d1:a8:77:05:61:66:29:09:29:cc:c6:52:5b:
9c:67:4d:46:06:84:dd:6f:da:57:22:5d:02:7a:bf:31:c7:a9:
9d:3e:41:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3bPkgQ7wyVhM7BNJCetzAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MTMxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg5NGVmZGVlNTExODJmOTBkYThlNWY2MTlkMmY5YWIxNTEzOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDs/g3U3s6W/WZK52ELM9RXq+45d
582vmbM5dErKvGA+jy2XeBeLnmzt/zbJgLcngBxS4aQ3dPFbG9NI/00qHnzFqnlJ
W97kftzrmrydwKVihjbloVAACY/zxFRw6BjCv1TZoOXjKN16/W5x9KbMcWncfE5m
9XxKfVe++aqcrUcMVYxFtS/DzCafpog4Jv/2rF1fbev02hXZK1JgFHf0rH/+HOFN
+rgbr44hRObtEjTESu3R+jHrAG+dQi1JlA0JvxEmYH23OVLCariEt9QJL2x9zcIs
4hCWuV2Bh506vdvB5RND/mi82hLtghiuA18JI5IrVSHy1iYxNDd2TDJpwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJqJTv3uURgvkNqOX2GdL5qxUTj0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbW9sT19lNVJHQy1RMm81ZllaMHZtckZST1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKIFzAM7bJM4o01RLicm
/KgwpdQCgy226HM9jUnYmSUDkU5P9xk5RTvJvd4mLunP4vHyYhiI2jZlUojgDOBS
E0BPUETvUgig9yc6rqAVaN+UMzl1OhYYQoWZm3MFoVIIE09dXaIICRJmB5Xr1tya
/GAh5ny9xP4GcID46bV4V5Zo1ThG/XThB+NVsz8X+uzQhKma8u67g/85fuDfoNx0
Zt7FVCQLEmuH6ewXlS2qKJrmDjul55N4VUJUfdkbwDXOau2EC3KJHHclWZpyEzjy
vWxzGe2Mhz68Gqmk5Sci0ah3BWFmKQkpzMZSW5xnTUYGhN1v2lciXQJ6vzHHqZ0+
QUY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:08 2025 by rpki-client