Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ms8scRj1pTqONKzqFsUqbLTFCIo.roa
File: ms8scRj1pTqONKzqFsUqbLTFCIo.roa (raw, json)
Hash identifier: UI6h7MzQNXM4X+JWt7ytr6+c1lpbBikDSFY7hUERM6A=
Subject key identifier: 9A:CF:2C:71:18:F5:A5:3A:8E:34:AC:EA:16:C5:2A:6C:B4:C5:08:8A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2E13AD044940FF8C380D372BC7F7A64A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ms8scRj1pTqONKzqFsUqbLTFCIo.roa
Signing time: Mon 11 Mar 2024 15:13:45 +0000
ROA not before: Mon 11 Mar 2024 15:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:13:ad:04:49:40:ff:8c:38:0d:37:2b:c7:f7:a6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 15:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9acf2c7118f5a53a8e34acea16c52a6cb4c5088a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2e:ad:c0:71:0a:c6:6d:ca:d6:51:13:ad:c5:
1f:44:26:bb:5f:e4:20:93:6a:e7:dd:9d:1d:5c:d4:
ec:2f:89:e6:5c:4f:96:1c:96:c6:29:d7:87:0d:e2:
10:78:3f:c6:32:24:7b:41:64:81:e9:fe:8c:f8:42:
b7:90:48:dc:8b:d8:ba:bc:93:53:ff:2f:50:0f:58:
40:4b:51:78:82:8e:33:3f:7a:a1:4a:bd:af:5e:02:
ba:7a:f3:78:a8:bd:60:64:3c:5e:5b:64:56:f2:9b:
f7:36:f7:4f:ac:de:5f:ee:f7:22:49:04:a0:ff:20:
23:3d:f6:e3:17:9e:89:06:d2:8e:26:22:44:83:88:
c7:b8:10:19:55:8d:a7:b1:ba:af:38:49:f4:7e:53:
f3:ff:3e:00:38:67:fd:2d:53:e7:49:3b:b1:8c:cf:
8d:d2:a9:b7:1f:72:c4:40:4a:07:c6:6a:eb:9a:d7:
34:36:e2:bc:a6:47:5a:dc:89:d3:fb:2e:20:91:c9:
d5:d7:5c:40:5c:2b:ed:fc:ee:28:90:3e:81:56:30:
10:14:0c:36:f7:a0:95:29:d6:13:b7:5e:49:e2:10:
95:95:5b:ba:3b:aa:83:b4:51:0c:db:dd:01:a3:1c:
3e:9d:ec:fb:35:6a:9d:85:fa:fe:ca:59:94:7f:c1:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CF:2C:71:18:F5:A5:3A:8E:34:AC:EA:16:C5:2A:6C:B4:C5:08:8A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ms8scRj1pTqONKzqFsUqbLTFCIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:7e:0f:11:b0:1e:06:27:62:2d:d3:f8:87:0a:3a:47:49:f8:
1d:08:e5:9e:e2:aa:ee:15:b0:78:6a:d2:6e:fc:ab:b6:51:4b:
7e:a4:d9:08:40:54:1d:04:4e:e9:14:aa:39:2a:40:c6:ca:3c:
f3:4f:67:75:ca:a0:20:6b:08:1c:fa:93:df:2d:79:f4:31:6f:
3b:72:4e:18:d7:43:c5:3f:ce:62:2f:c5:1b:9e:30:ec:17:94:
1e:14:ba:fa:41:fa:ea:f2:ec:7e:61:0a:af:c3:5b:d8:97:35:
f1:cb:ac:48:e1:67:da:60:24:a4:91:71:24:51:f8:86:78:dc:
74:bf:6c:2c:3c:8a:77:60:36:51:56:34:78:34:dd:bd:7c:c4:
24:40:28:13:aa:fd:90:ea:df:c2:ec:aa:21:29:5e:f7:54:3e:
18:ab:85:f8:2c:1b:cf:52:d7:69:d6:21:2d:a2:7a:9a:3b:e6:
99:52:51:98:6a:b3:52:ff:51:cc:be:af:17:28:31:93:9c:0d:
4f:4c:38:c4:15:cf:90:a1:b2:ec:20:c4:d2:6b:eb:aa:04:f3:
4c:b4:19:5b:6e:6f:aa:c6:b9:81:82:8e:11:9d:24:4e:a0:d9:
42:c6:b7:a1:63:a6:67:dd:39:e8:22:f6:d5:80:92:dd:59:ef:
94:29:bc:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4uE60ESUD/jDgNNyvH96ZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMTUxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNmMmM3MTE4ZjVhNTNhOGUzNGFjZWExNmM1MmE2Y2I0YzUwODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i6twHEKxm3K1lETrcUfRCa7X+Qg
k2rn3Z0dXNTsL4nmXE+WHJbGKdeHDeIQeD/GMiR7QWSB6f6M+EK3kEjci9i6vJNT
/y9QD1hAS1F4go4zP3qhSr2vXgK6evN4qL1gZDxeW2RW8pv3NvdPrN5f7vciSQSg
/yAjPfbjF56JBtKOJiJEg4jHuBAZVY2nsbqvOEn0flPz/z4AOGf9LVPnSTuxjM+N
0qm3H3LEQEoHxmrrmtc0NuK8pkda3InT+y4gkcnV11xAXCvt/O4okD6BVjAQFAw2
96CVKdYTt15J4hCVlVu6O6qDtFEM290Boxw+nez7NWqdhfr+ylmUf8GnOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJrPLHEY9aU6jjSs6hbFKmy0xQiKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbXM4c2NSajFwVHFPTkt6cUZzVXFiTFRGQ0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGF+DxGwHgYnYi3T+IcK
OkdJ+B0I5Z7iqu4VsHhq0m78q7ZRS36k2QhAVB0ETukUqjkqQMbKPPNPZ3XKoCBr
CBz6k98tefQxbztyThjXQ8U/zmIvxRueMOwXlB4UuvpB+ury7H5hCq/DW9iXNfHL
rEjhZ9pgJKSRcSRR+IZ43HS/bCw8indgNlFWNHg03b18xCRAKBOq/ZDq38LsqiEp
XvdUPhirhfgsG89S12nWIS2iepo75plSUZhqs1L/Ucy+rxcoMZOcDU9MOMQVz5Ch
suwgxNJr66oE80y0GVtub6rGuYGCjhGdJE6g2ULGt6FjpmfdOegi9tWAkt1Z75Qp
vH4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:07 2025 by rpki-client