Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nMpY3_2QAOAmSQB9ePjHhpHbQZA.roa
File: nMpY3_2QAOAmSQB9ePjHhpHbQZA.roa (raw, json)
Hash identifier: 5mgpXgp0G/jta0LPmWDFXn9QyiX1aT8RGGLrvqeuo+I=
Subject key identifier: 9C:CA:58:DF:FD:90:00:E0:26:49:00:7D:78:F8:C7:86:91:DB:41:90
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC0D167ABB50043C6F047EE3BA34EDE28
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nMpY3_2QAOAmSQB9ePjHhpHbQZA.roa
Signing time: Tue 09 Apr 2024 03:05:32 +0000
ROA not before: Tue 09 Apr 2024 03:05:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:c0d1:1137/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:d1:67:ab:b5:00:43:c6:f0:47:ee:3b:a3:4e:de:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 03:05:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cca58dffd9000e02649007d78f8c78691db4190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:92:6a:dd:55:95:86:ce:76:07:53:97:f6:f6:
7b:30:63:2e:e2:c6:6a:af:c7:b9:b9:f2:17:5d:c7:
95:f6:2b:58:3f:d3:3e:1c:0b:95:ab:62:85:c5:69:
35:78:eb:55:3b:2e:3d:82:42:30:8a:f1:e1:fa:91:
9b:bc:0a:1e:01:c8:d7:55:f8:30:3b:6c:78:e2:6b:
74:a0:34:65:ec:0f:4e:37:86:e4:d0:d7:56:3b:3a:
72:e3:9f:dc:8b:18:e3:de:20:ca:e8:3f:f4:e4:5a:
8e:6e:17:bd:ec:bb:50:5f:5a:b4:96:98:3a:01:75:
fc:11:9a:04:b1:cc:e2:00:c4:71:c7:9b:b8:2a:98:
40:98:e5:d5:71:95:9f:42:95:8c:45:f1:95:8e:00:
b0:5b:ea:bf:f0:2a:23:02:c6:34:6c:e5:1b:73:6d:
07:cd:ac:d0:49:1f:77:af:2c:fb:47:73:b0:2f:d5:
e9:0c:b4:45:b1:62:cd:2c:bf:a9:45:e8:5d:f4:ac:
a6:53:98:3a:4b:9a:22:41:3c:0b:b9:07:30:5a:a7:
b1:8d:8b:b1:fd:99:ba:f9:33:dd:58:d8:0a:0f:68:
ca:f9:db:0c:53:c2:a3:1f:1e:8b:bc:c2:a1:db:64:
12:a7:0e:9f:29:09:44:68:b2:27:80:fa:ce:ee:fb:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CA:58:DF:FD:90:00:E0:26:49:00:7D:78:F8:C7:86:91:DB:41:90
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/nMpY3_2QAOAmSQB9ePjHhpHbQZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:12:c0:2b:a4:db:14:4f:2b:9b:3d:11:4f:2d:7c:60:19:47:
f2:eb:bd:25:6a:d2:30:86:11:d5:33:2b:6f:3d:7f:ed:1c:73:
ab:19:58:8d:37:5e:ad:40:a3:f1:46:f5:61:ae:ce:e7:a2:5a:
ca:b4:88:ad:41:e0:4a:04:f9:47:d7:c1:eb:ff:eb:c7:4a:5a:
66:ac:00:6e:34:e9:48:4e:44:47:40:da:dd:13:a6:de:9b:ba:
aa:c1:87:cf:ab:2d:a2:8b:04:46:f5:28:71:ac:c7:bc:71:3e:
91:0a:47:cf:05:1f:74:4a:be:6d:4b:83:27:07:1f:a1:d0:3e:
17:79:25:aa:ad:4f:ae:f8:67:60:0d:d3:e1:8f:0d:e0:6a:d9:
11:a6:7b:d8:fe:34:0a:7a:87:0b:cf:cf:39:9c:b6:81:13:94:
4e:2c:d9:11:d5:83:09:8e:b5:31:a2:97:ae:5d:f0:18:2b:4e:
46:ac:d2:ec:46:35:2e:f2:12:6b:25:2b:63:5a:81:ea:ba:9f:
c5:5e:b1:bb:00:4a:cc:be:8c:30:d1:5f:fc:cb:bd:92:bd:01:
0b:95:77:7a:e8:89:57:74:36:57:30:b1:38:7b:51:e9:56:85:
f2:8f:3a:d7:69:24:9d:85:a6:06:06:4e:81:94:ba:68:4a:3c:
b7:7c:62:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7A0WertQBDxvBH7jujTt4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MDMwNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NhNThkZmZkOTAwMGUwMjY0OTAwN2Q3OGY4Yzc4NjkxZGI0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5Jq3VWVhs52B1OX9vZ7MGMu4sZq
r8e5ufIXXceV9itYP9M+HAuVq2KFxWk1eOtVOy49gkIwivHh+pGbvAoeAcjXVfgw
O2x44mt0oDRl7A9ON4bk0NdWOzpy45/cixjj3iDK6D/05FqObhe97LtQX1q0lpg6
AXX8EZoEscziAMRxx5u4KphAmOXVcZWfQpWMRfGVjgCwW+q/8CojAsY0bOUbc20H
zazQSR93ryz7R3OwL9XpDLRFsWLNLL+pRehd9KymU5g6S5oiQTwLuQcwWqexjYux
/Zm6+TPdWNgKD2jK+dsMU8KjHx6LvMKh22QSpw6fKQlEaLIngPrO7vsp/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJzKWN/9kADgJkkAfXj4x4aR20GQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbk1wWTNfMlFBT0FtU1FCOWVQakhocEhiUVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADASwCuk2xRPK5s9EU8t
fGAZR/LrvSVq0jCGEdUzK289f+0cc6sZWI03Xq1Ao/FG9WGuzueiWsq0iK1B4EoE
+UfXwev/68dKWmasAG406UhOREdA2t0Tpt6buqrBh8+rLaKLBEb1KHGsx7xxPpEK
R88FH3RKvm1LgycHH6HQPhd5JaqtT674Z2AN0+GPDeBq2RGme9j+NAp6hwvPzzmc
toETlE4s2RHVgwmOtTGil65d8BgrTkas0uxGNS7yEmslK2Nageq6n8VesbsASsy+
jDDRX/zLvZK9AQuVd3roiVd0NlcwsTh7UelWhfKPOtdpJJ2FpgYGToGUumhKPLd8
YhQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:35 2025 by rpki-client