Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mruuZ_cynHnn6nhLsyKlmCdhXZg.roa
File: mruuZ_cynHnn6nhLsyKlmCdhXZg.roa (raw, json)
Hash identifier: vHfmZccijhecKwrN+94I3jxyavBZ02idOtBjJP7ah3Y=
Subject key identifier: 9A:BB:AE:67:F7:32:9C:79:E7:EA:78:4B:B3:22:A5:98:27:61:5D:98
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE2F4A2033A6E2AD6E14325C058ADEE51
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mruuZ_cynHnn6nhLsyKlmCdhXZg.roa
Signing time: Mon 15 Apr 2024 18:11:06 +0000
ROA not before: Mon 15 Apr 2024 18:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:f4:a2:03:3a:6e:2a:d6:e1:43:25:c0:58:ad:ee:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 18:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9abbae67f7329c79e7ea784bb322a59827615d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e7:9d:1e:f5:b1:7b:77:42:00:dd:04:db:b7:
e2:8d:31:93:f6:e6:db:b2:b0:86:2b:6b:fe:b6:4b:
64:61:b9:ca:20:82:fc:87:15:96:d6:36:41:90:fa:
2a:d8:a1:48:dc:ac:6f:88:fc:1e:a9:11:1a:88:71:
74:f9:db:48:b4:8b:0d:36:3f:a1:aa:f6:30:4c:80:
2b:6d:80:1b:d9:24:b0:0d:1a:a9:c7:32:92:b0:86:
2f:dd:84:dc:c0:b1:72:ad:e5:cc:8e:d2:d3:d2:96:
25:15:a5:a8:6a:68:0e:44:23:dc:fa:72:a8:e8:cb:
76:a9:29:31:36:4b:7e:7f:52:ec:54:fc:c1:41:4b:
63:ed:5e:df:f2:45:f8:90:9f:9c:65:6d:85:35:92:
34:6c:fc:8f:fd:bf:55:93:14:98:7e:7d:3d:b1:97:
62:9e:8c:22:b8:9e:52:cf:ee:1b:6c:dc:a3:ef:a2:
62:6b:d3:d4:9c:d3:6b:04:5a:b7:1f:5f:9a:e4:c6:
3f:b2:f1:85:42:78:cd:2b:41:a0:0b:c1:12:9a:c1:
ad:88:02:4b:9a:0a:3e:db:d9:be:7b:ed:e4:ea:a4:
9b:4e:c8:97:bf:4f:88:5b:65:d9:82:61:99:dd:ee:
c9:69:be:4f:a0:41:6d:7e:98:a3:1b:dc:f1:38:af:
d6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BB:AE:67:F7:32:9C:79:E7:EA:78:4B:B3:22:A5:98:27:61:5D:98
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mruuZ_cynHnn6nhLsyKlmCdhXZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:bd:0d:da:1b:d5:bd:b2:b1:8b:1f:73:8f:f1:8c:81:6f:17:
76:58:1f:99:aa:ad:7d:32:84:3f:10:e0:54:17:f0:15:d9:63:
58:32:3d:10:1e:a3:d8:7b:74:af:83:0e:0c:ce:4e:7f:2c:3c:
a8:fc:14:71:f1:c1:68:dc:c8:33:5f:8a:92:88:d8:a1:b3:6a:
56:f1:a5:2d:3f:e9:b8:b8:59:3b:ba:a9:33:47:64:93:6b:07:
58:7b:c5:e0:b8:dd:b0:a2:9f:4e:a1:1c:29:1f:92:fa:ee:52:
68:df:e9:4a:86:72:46:bd:10:86:78:80:a0:a5:a7:53:91:4a:
61:94:0a:64:af:23:1f:5e:c7:fa:1c:03:88:0f:41:ce:ac:1d:
8b:4a:a6:e0:8a:da:2b:f3:01:2d:c9:72:1a:8c:3e:35:51:a3:
67:6a:37:8e:e0:cd:c6:bd:7a:3f:78:b8:4f:6a:9d:0d:a4:47:
c9:0e:1e:6a:6a:e3:c6:d9:53:52:24:74:d3:c0:23:c0:21:45:
d9:60:4b:65:fc:c6:1c:7d:01:78:45:31:ce:fb:0f:c9:e8:51:
b2:25:e4:69:a0:3d:97:89:d4:87:f9:7b:a8:7d:be:94:b8:c3:
96:c0:eb:c8:61:a6:21:89:a4:20:38:9e:54:70:0a:5a:c0:9a:
23:34:9d:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7i9KIDOm4q1uFDJcBYre5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MTgxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJiYWU2N2Y3MzI5Yzc5ZTdlYTc4NGJiMzIyYTU5ODI3NjE1ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+edHvWxe3dCAN0E27fijTGT9ubb
srCGK2v+tktkYbnKIIL8hxWW1jZBkPoq2KFI3KxviPweqREaiHF0+dtItIsNNj+h
qvYwTIArbYAb2SSwDRqpxzKSsIYv3YTcwLFyreXMjtLT0pYlFaWoamgORCPc+nKo
6Mt2qSkxNkt+f1LsVPzBQUtj7V7f8kX4kJ+cZW2FNZI0bPyP/b9VkxSYfn09sZdi
nowiuJ5Sz+4bbNyj76Jia9PUnNNrBFq3H1+a5MY/svGFQnjNK0GgC8ESmsGtiAJL
mgo+29m+e+3k6qSbTsiXv0+IW2XZgmGZ3e7Jab5PoEFtfpijG9zxOK/W2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJq7rmf3Mpx55+p4S7MipZgnYV2YMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbXJ1dVpfY3luSG5uNm5oTHN5S2xtQ2RoWFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKa9Ddob1b2ysYsfc4/x
jIFvF3ZYH5mqrX0yhD8Q4FQX8BXZY1gyPRAeo9h7dK+DDgzOTn8sPKj8FHHxwWjc
yDNfipKI2KGzalbxpS0/6bi4WTu6qTNHZJNrB1h7xeC43bCin06hHCkfkvruUmjf
6UqGcka9EIZ4gKClp1ORSmGUCmSvIx9ex/ocA4gPQc6sHYtKpuCK2ivzAS3JchqM
PjVRo2dqN47gzca9ej94uE9qnQ2kR8kOHmpq48bZU1IkdNPAI8AhRdlgS2X8xhx9
AXhFMc77D8noUbIl5GmgPZeJ1If5e6h9vpS4w5bA68hhpiGJpCA4nlRwClrAmiM0
nYA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:28:02 2025 by rpki-client