Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MZLbhu5xFTK_uxDM6RXtojw_wRc.roa
File: MZLbhu5xFTK_uxDM6RXtojw_wRc.roa (raw, json)
Hash identifier: GLgPwT662y2L8MgxMftPAdaROK2gENWu4pY6bVcXpzc=
Subject key identifier: 31:92:DB:86:EE:71:15:32:BF:BB:10:CC:E9:15:ED:A2:3C:3F:C1:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3114042543C3B12E4EEC73A30753DBD4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MZLbhu5xFTK_uxDM6RXtojw_wRc.roa
Signing time: Mon 22 Jan 2024 12:10:11 +0000
ROA not before: Mon 22 Jan 2024 12:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:14:04:25:43:c3:b1:2e:4e:ec:73:a3:07:53:db:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 12:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3192db86ee711532bfbb10cce915eda23c3fc117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:3c:fd:1e:1a:47:d1:fd:19:a7:f1:c7:1d:
58:de:9f:b7:8e:6c:ac:a3:3f:f4:78:ea:3b:3b:24:
34:d5:45:99:65:e5:e3:0a:63:c5:47:da:c5:9f:87:
40:e4:53:cd:ee:bd:0c:8f:0b:be:00:71:3d:8b:cc:
7b:03:be:bd:36:ac:02:94:da:21:d0:52:5e:4a:f1:
83:3f:9e:79:3b:c4:9f:a3:ed:42:96:34:47:43:f2:
33:f0:34:36:c7:c6:9e:ae:2c:3e:f1:6b:24:f3:37:
3e:84:a7:a4:7d:bf:86:14:11:be:74:1d:c3:a9:51:
0d:8d:03:7b:93:4f:75:31:b2:21:9a:e0:4a:59:b5:
38:54:10:15:8b:98:3d:f4:37:7b:bb:ac:38:cf:f7:
73:61:e3:9c:5b:aa:29:b5:36:a4:ad:58:c8:aa:9d:
9e:03:a9:9e:5f:78:84:1f:86:f1:95:00:85:1d:31:
e1:e9:14:3f:a1:65:6d:4b:c8:a3:59:b8:22:44:eb:
1a:f3:36:55:86:ad:45:83:60:bd:de:fa:b9:a6:09:
a3:a1:17:a2:9a:c9:e5:a0:09:88:5d:df:3a:cf:ef:
35:52:ca:7a:fd:51:b5:c8:8b:17:c9:fc:3e:1b:6f:
69:cd:31:e9:4d:24:92:ed:3e:26:57:76:5f:ae:54:
b6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:92:DB:86:EE:71:15:32:BF:BB:10:CC:E9:15:ED:A2:3C:3F:C1:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MZLbhu5xFTK_uxDM6RXtojw_wRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:82:6b:1f:ea:34:4b:e8:d2:aa:36:67:cc:fd:cc:18:80:ad:
3b:d5:05:8b:2f:cd:90:39:41:38:9f:6a:3e:ec:ec:63:8a:da:
fe:b6:a1:44:3b:a6:f2:dc:a6:16:a6:ea:94:54:a3:f6:4b:af:
27:c4:05:61:09:2b:87:e4:dc:6d:c8:5a:38:f7:ae:3e:83:dd:
da:d5:99:9e:d4:94:77:22:c7:7d:5f:e9:2c:63:7c:24:d1:00:
74:c4:c0:fb:49:10:8c:4f:41:6d:04:ac:23:47:1d:0d:68:8a:
a3:92:17:ea:fb:ae:91:fb:da:d2:fd:13:1b:98:84:74:ab:ee:
0a:28:1f:45:52:93:5e:6e:c0:ff:d1:29:86:d0:83:69:39:21:
f4:32:90:c2:10:c0:a9:95:fa:6d:9b:e5:56:e7:69:18:cc:11:
4b:9c:a6:06:b7:82:7c:bb:66:8c:02:9a:44:39:ba:01:d4:96:
1f:ea:72:b3:1d:05:6a:2a:6d:b7:70:e5:79:f0:27:0c:50:a6:
cb:b3:3d:24:5f:c2:f7:52:40:5b:75:a4:bb:4c:ad:7e:70:22:
ac:df:f9:43:fa:0f:38:b0:96:24:28:1d:82:aa:9b:16:d9:d4:
68:57:06:1e:18:55:1b:2b:e9:17:65:c1:ec:bf:21:c2:d9:68:
d2:33:b9:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0xFAQlQ8OxLk7sc6MHU9vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMTIxMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTkyZGI4NmVlNzExNTMyYmZiYjEwY2NlOTE1ZWRhMjNjM2ZjMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEA8/R4aR9H9Gafxxx1Y3p+3jmys
oz/0eOo7OyQ01UWZZeXjCmPFR9rFn4dA5FPN7r0Mjwu+AHE9i8x7A769NqwClNoh
0FJeSvGDP555O8Sfo+1CljRHQ/Iz8DQ2x8aeriw+8Wsk8zc+hKekfb+GFBG+dB3D
qVENjQN7k091MbIhmuBKWbU4VBAVi5g99Dd7u6w4z/dzYeOcW6optTakrVjIqp2e
A6meX3iEH4bxlQCFHTHh6RQ/oWVtS8ijWbgiROsa8zZVhq1Fg2C93vq5pgmjoRei
msnloAmIXd86z+81Usp6/VG1yIsXyfw+G29pzTHpTSSS7T4mV3ZfrlS2lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDGS24bucRUyv7sQzOkV7aI8P8EXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTVpMYmh1NXhGVEtfdXhETTZSWHRvandfd1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+Cax/qNEvo0qo2Z8z9
zBiArTvVBYsvzZA5QTifaj7s7GOK2v62oUQ7pvLcpham6pRUo/ZLryfEBWEJK4fk
3G3IWjj3rj6D3drVmZ7UlHcix31f6SxjfCTRAHTEwPtJEIxPQW0ErCNHHQ1oiqOS
F+r7rpH72tL9ExuYhHSr7gooH0VSk15uwP/RKYbQg2k5IfQykMIQwKmV+m2b5Vbn
aRjMEUucpga3gny7ZowCmkQ5ugHUlh/qcrMdBWoqbbdw5XnwJwxQpsuzPSRfwvdS
QFt1pLtMrX5wIqzf+UP6DziwliQoHYKqmxbZ1GhXBh4YVRsr6Rdlwey/IcLZaNIz
uec=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:01:38 2025 by rpki-client