Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mxOBCDEWwSmBLeCATsdhRObGNlw.roa
File: mxOBCDEWwSmBLeCATsdhRObGNlw.roa (raw, json)
Hash identifier: Z/HrGvPp7hfmPoWxPdyjKweT/sHbraZiSEdxwF/uw+A=
Subject key identifier: 9B:13:81:08:31:16:C1:29:81:2D:E0:80:4E:C7:61:44:E6:C6:36:5C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D539AF1B0431AFB18DA2E7AACE5EE5F08
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mxOBCDEWwSmBLeCATsdhRObGNlw.roa
Signing time: Mon 29 Jan 2024 05:04:39 +0000
ROA not before: Mon 29 Jan 2024 05:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:539a:6d03/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:9a:f1:b0:43:1a:fb:18:da:2e:7a:ac:e5:ee:5f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 05:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b1381083116c129812de0804ec76144e6c6365c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:ce:a8:9e:dd:8c:c8:64:c6:c0:1d:30:64:
1a:10:be:06:34:75:96:95:48:f4:3e:f7:64:67:40:
5b:b7:a8:54:dc:4f:9d:62:2c:1e:fa:68:c5:e4:bc:
18:88:66:3e:9f:27:cb:3a:c6:dc:ab:ea:8b:1f:92:
f8:4c:4e:4f:df:74:2e:e9:1a:10:45:a6:e8:8d:88:
6f:3f:49:54:77:6a:b1:f0:7e:30:a9:1d:3a:f1:9c:
a3:72:64:3c:4d:e1:c6:f2:13:89:25:d8:92:ef:15:
9b:22:8b:cf:05:db:12:35:b4:ed:37:50:4a:6c:a6:
6b:04:b5:4a:d0:5e:36:91:0f:ab:8a:e8:5e:f8:3c:
f8:dd:f5:8f:10:18:97:85:8e:2a:4f:ae:1e:ad:43:
b8:58:e5:c0:51:4f:7b:e5:c2:36:db:0d:69:25:2e:
a1:ca:70:45:d5:b1:d5:92:9c:b7:cb:44:d9:7c:c1:
d4:51:6a:5a:2f:7c:ee:8f:de:14:8e:37:cf:a5:ea:
2e:ce:31:33:c9:bd:df:94:42:f3:9c:b4:46:b9:27:
47:b3:ce:1d:04:81:2b:61:e0:ba:78:bd:20:29:24:
a3:dc:36:8d:b5:df:fe:23:4f:bf:3c:52:5d:b2:23:
cf:56:cc:f8:5c:3c:8c:ca:b3:b5:1f:ef:fa:11:75:
49:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:13:81:08:31:16:C1:29:81:2D:E0:80:4E:C7:61:44:E6:C6:36:5C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mxOBCDEWwSmBLeCATsdhRObGNlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:18:d4:3a:56:a1:4c:25:d8:9a:fb:dd:ba:8a:ab:b8:4d:31:
49:c5:7c:32:73:26:96:f0:b2:be:e8:8f:f9:1c:4d:7c:51:f4:
18:d4:bc:2f:1b:3f:d0:41:8d:9b:5e:12:c6:ce:98:f7:2c:bb:
b9:e6:e8:00:ff:ab:e3:5c:ce:22:2e:e8:68:69:18:9d:14:1c:
ff:09:59:f2:55:02:8c:09:49:04:a1:bb:0c:ce:ec:b4:61:fe:
c1:22:9d:0c:85:ed:9a:11:50:be:ef:bb:ad:c7:ac:51:7e:2f:
8f:7a:57:f5:d7:d6:e0:fc:73:e9:91:ce:c2:d9:4d:8e:55:ec:
1a:7b:57:6e:7a:ef:95:9c:5d:1c:67:29:10:4d:13:2e:4f:b9:
50:49:0a:21:9c:c9:0a:e1:00:9f:bd:bb:7c:a2:c6:18:7c:a9:
58:34:ec:09:68:21:cb:bd:02:36:58:d8:ba:dd:28:9a:3c:b2:
68:37:ed:00:e2:f9:7d:1b:3d:a9:6b:0b:bc:b7:9e:9c:c4:e5:
3c:cb:4c:27:7c:1a:2e:8d:98:7d:6d:51:ee:d0:e8:62:6f:76:
ff:7c:81:c4:f0:71:51:01:09:19:85:85:69:36:9d:83:2a:02:
cb:3d:de:34:1d:34:8e:3a:8a:c2:72:a7:be:09:c8:8e:b3:50:
4a:7a:fc:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1TmvGwQxr7GNoueqzl7l8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MDUwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjEzODEwODMxMTZjMTI5ODEyZGUwODA0ZWM3NjE0NGU2YzYzNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjXOqJ7djMhkxsAdMGQaEL4GNHWW
lUj0PvdkZ0Bbt6hU3E+dYiwe+mjF5LwYiGY+nyfLOsbcq+qLH5L4TE5P33Qu6RoQ
RabojYhvP0lUd2qx8H4wqR068ZyjcmQ8TeHG8hOJJdiS7xWbIovPBdsSNbTtN1BK
bKZrBLVK0F42kQ+riuhe+Dz43fWPEBiXhY4qT64erUO4WOXAUU975cI22w1pJS6h
ynBF1bHVkpy3y0TZfMHUUWpaL3zuj94UjjfPpeouzjEzyb3flELznLRGuSdHs84d
BIErYeC6eL0gKSSj3DaNtd/+I0+/PFJdsiPPVsz4XDyMyrO1H+/6EXVJ2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJsTgQgxFsEpgS3ggE7HYUTmxjZcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbXhPQkNERVd3U21CTGVDQVRzZGhST2JHTmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC0Y1DpWoUwl2Jr73bqK
q7hNMUnFfDJzJpbwsr7oj/kcTXxR9BjUvC8bP9BBjZteEsbOmPcsu7nm6AD/q+Nc
ziIu6GhpGJ0UHP8JWfJVAowJSQShuwzO7LRh/sEinQyF7ZoRUL7vu63HrFF+L496
V/XX1uD8c+mRzsLZTY5V7Bp7V25675WcXRxnKRBNEy5PuVBJCiGcyQrhAJ+9u3yi
xhh8qVg07AloIcu9AjZY2LrdKJo8smg37QDi+X0bPalrC7y3npzE5TzLTCd8Gi6N
mH1tUe7Q6GJvdv98gcTwcVEBCRmFhWk2nYMqAss93jQdNI46isJyp74JyI6zUEp6
/D0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:07 2025 by rpki-client