Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xMLzHDxdIEMpVyMloWK4jRKF3no.roa
File: xMLzHDxdIEMpVyMloWK4jRKF3no.roa (raw, json)
Hash identifier: O4aYVZ1h6M6hGXvqIlr3e4tkGJjePpPHWkbbWHOF0Fg=
Subject key identifier: C4:C2:F3:1C:3C:5D:20:43:29:57:23:25:A1:62:B8:8D:12:85:DE:7A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9E860D4A0B2D25C02C30D7E34153165A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xMLzHDxdIEMpVyMloWK4jRKF3no.roa
Signing time: Mon 12 Feb 2024 18:13:21 +0000
ROA not before: Mon 12 Feb 2024 18:13:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:86:0d:4a:0b:2d:25:c0:2c:30:d7:e3:41:53:16:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 18:13:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c2f31c3c5d204329572325a162b88d1285de7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f1:26:c3:e3:d0:dc:01:b6:8a:eb:cc:75:95:
d9:d3:e4:20:4a:34:86:93:81:fc:a8:fc:d5:3d:5a:
78:c3:20:10:00:49:8b:51:cc:4e:2a:26:1f:85:1d:
da:a5:27:66:a9:39:62:20:c2:f0:97:23:95:cc:b9:
2a:57:ed:12:0b:0f:b2:f8:81:b6:de:74:01:be:41:
bd:1a:31:18:6e:cd:cc:35:60:b2:bb:d8:fa:bf:e0:
c4:30:a6:69:09:38:d3:84:33:05:28:35:70:0b:72:
a5:c6:6b:eb:d1:48:e8:ef:dd:87:65:0a:c7:23:af:
f4:4a:b2:1a:97:29:de:c9:64:eb:d4:f9:fa:95:dc:
01:1b:e8:5c:79:3d:f0:a9:3e:8b:95:08:2e:f4:91:
ea:6e:41:19:33:4b:35:af:c1:f2:b4:65:fc:c2:f9:
bc:10:77:d3:47:7f:13:03:8b:41:75:32:f1:e7:fd:
17:d9:53:d5:16:60:b3:73:66:4e:e4:80:2c:ac:45:
47:24:17:b9:a4:49:fc:b3:bf:fb:4f:c7:5f:fd:a8:
41:eb:e3:eb:6e:bf:db:1e:84:b2:52:71:6b:7e:38:
e6:e6:81:79:39:65:42:a9:2d:e1:76:c9:52:3e:95:
87:e9:22:98:48:08:c1:e0:65:8c:df:3f:1e:1c:29:
8e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C2:F3:1C:3C:5D:20:43:29:57:23:25:A1:62:B8:8D:12:85:DE:7A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/xMLzHDxdIEMpVyMloWK4jRKF3no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:46:c9:85:6b:6d:73:ba:d2:18:d1:2b:61:c6:c8:a6:db:83:
28:5b:55:96:39:23:d7:e1:01:28:89:60:c0:57:ff:72:2b:46:
03:70:47:e2:85:26:30:67:af:62:5d:fa:22:27:f9:70:0b:ec:
8f:82:1a:4a:02:bf:0c:84:fa:6a:7b:b7:9a:6f:b3:a9:d1:8c:
42:ed:a9:f2:58:f1:ba:de:93:08:4f:2f:03:a8:c5:36:58:28:
55:5e:48:e2:3a:dc:21:ec:bc:1a:fd:e1:c0:c1:c8:5e:8b:e9:
66:c2:86:c1:c7:d2:0b:2d:d2:f1:6b:40:d4:b5:59:0f:77:c3:
94:53:e5:fb:d5:43:85:1f:dc:a9:bd:3d:77:5a:dc:c2:5f:57:
23:28:82:95:0c:a0:fc:57:d6:3c:62:c5:9c:c7:9f:e4:fb:43:
8f:24:87:70:b3:8a:30:35:ac:37:71:12:e7:6e:a9:e7:1b:85:
e8:c0:78:2f:98:f4:eb:cf:97:5f:32:89:e0:52:72:e0:04:33:
a7:38:f8:e0:7b:26:f8:b1:73:ed:03:07:79:59:cb:ec:14:9a:
c7:6e:8f:16:af:7d:3c:9a:85:af:c7:0c:98:56:7b:b0:ff:2e:
cb:ca:84:ee:9d:13:8d:7c:c1:5f:7a:b1:f8:33:b7:5d:8b:81:
6e:62:2b:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ehg1KCy0lwCww1+NBUxZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMTgxMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGMyZjMxYzNjNWQyMDQzMjk1NzIzMjVhMTYyYjg4ZDEyODVkZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvEmw+PQ3AG2iuvMdZXZ0+QgSjSG
k4H8qPzVPVp4wyAQAEmLUcxOKiYfhR3apSdmqTliIMLwlyOVzLkqV+0SCw+y+IG2
3nQBvkG9GjEYbs3MNWCyu9j6v+DEMKZpCTjThDMFKDVwC3Klxmvr0Ujo792HZQrH
I6/0SrIalyneyWTr1Pn6ldwBG+hceT3wqT6LlQgu9JHqbkEZM0s1r8HytGX8wvm8
EHfTR38TA4tBdTLx5/0X2VPVFmCzc2ZO5IAsrEVHJBe5pEn8s7/7T8df/ahB6+Pr
br/bHoSyUnFrfjjm5oF5OWVCqS3hdslSPpWH6SKYSAjB4GWM3z8eHCmOnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMTC8xw8XSBDKVcjJaFiuI0Shd56MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveE1MekhEeGRJRU1wVnlNbG9XSzRqUktGM25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIhGyYVrbXO60hjRK2HG
yKbbgyhbVZY5I9fhASiJYMBX/3IrRgNwR+KFJjBnr2Jd+iIn+XAL7I+CGkoCvwyE
+mp7t5pvs6nRjELtqfJY8brekwhPLwOoxTZYKFVeSOI63CHsvBr94cDByF6L6WbC
hsHH0gst0vFrQNS1WQ93w5RT5fvVQ4Uf3Km9PXda3MJfVyMogpUMoPxX1jxixZzH
n+T7Q48kh3CzijA1rDdxEuduqecbhejAeC+Y9OvPl18yieBScuAEM6c4+OB7Jvix
c+0DB3lZy+wUmsdujxavfTyaha/HDJhWe7D/LsvKhO6dE418wV96sfgzt12LgW5i
K1g=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:15 2025 by rpki-client