Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MMO6i56FnKlBeNe8RYwe-vuCHeM.roa
File: MMO6i56FnKlBeNe8RYwe-vuCHeM.roa (raw, json)
Hash identifier: XyZqfa6KADta8iFPM8DpzkBehJvXgj4MFmpIWbYCY+8=
Subject key identifier: 30:C3:BA:8B:9E:85:9C:A9:41:78:D7:BC:45:8C:1E:FA:FB:82:1D:E3
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6DCB145F6A0A261A11FFE77F357CC0FB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MMO6i56FnKlBeNe8RYwe-vuCHeM.roa
Signing time: Sun 12 May 2024 17:12:56 +0000
ROA not before: Sun 12 May 2024 17:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6d:cb:14:5f:6a:0a:26:1a:11:ff:e7:7f:35:7c:c0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 17:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c3ba8b9e859ca94178d7bc458c1efafb821de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:ac:11:d1:fe:6c:d7:c1:86:02:de:c0:b9:
4c:32:90:1b:c4:b3:d0:9a:75:8a:5c:0b:10:f0:6c:
33:41:14:46:95:e1:ef:5c:1f:a0:00:b4:3a:15:e3:
cd:95:c4:61:72:44:65:aa:00:82:46:02:6a:b2:99:
53:a8:35:00:6b:a9:c5:36:86:63:74:dd:11:e6:5f:
28:e3:78:bb:b5:e2:a3:5c:d2:bb:44:69:bc:3d:bb:
64:8c:cf:d3:40:62:d9:1b:92:26:ac:fd:3a:5a:2a:
10:50:ff:47:bd:82:e9:d2:ab:08:4d:db:ee:82:4d:
22:61:59:21:42:f7:3f:ef:04:74:c0:5c:90:f3:21:
6d:6c:67:b9:25:a6:1b:6f:9d:a2:dd:a0:65:3d:b7:
33:18:cc:1b:b6:34:be:4b:4a:62:d7:19:14:09:21:
7f:38:0e:2e:6d:f6:29:1c:f7:49:16:90:7d:f9:87:
22:9b:f8:89:ae:78:3f:0c:06:9f:7c:2c:69:69:3c:
2c:cb:98:54:95:72:52:18:45:5c:e1:f5:d7:d8:18:
ee:e3:58:8c:3a:bb:7a:88:7e:fe:4e:61:2a:d2:53:
a5:25:e4:c2:6c:8e:11:a5:0c:f9:78:bb:b6:2e:ca:
17:d7:79:ab:45:b5:81:83:31:fe:46:aa:9f:54:f5:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C3:BA:8B:9E:85:9C:A9:41:78:D7:BC:45:8C:1E:FA:FB:82:1D:E3
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/MMO6i56FnKlBeNe8RYwe-vuCHeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:66:7c:e3:83:8c:15:67:51:42:3f:bf:b4:6b:f0:38:e7:5a:
84:b7:59:7b:27:e4:05:56:cd:92:41:d7:89:94:40:79:c1:e4:
71:9a:4c:18:6b:78:3e:f1:5f:b8:87:7c:2d:72:7b:a7:47:17:
dc:90:b7:ed:75:8f:5d:b0:0d:54:35:6f:14:86:9e:fa:f6:9c:
a1:4b:e5:38:49:1e:93:c5:48:47:31:d6:ac:5f:6f:da:3e:45:
e8:2d:d2:68:66:88:6e:5a:9c:45:63:d5:63:39:40:93:b8:bd:
1f:a0:15:a2:92:c7:a5:ac:22:1f:02:b0:99:75:e6:ea:0c:d6:
7a:1d:44:ee:90:7b:e5:2f:d9:15:0e:3b:e6:40:47:44:dc:95:
4b:a1:25:64:d6:a0:b0:f0:02:85:f0:1d:52:d8:65:dd:a4:e9:
8e:c2:5e:d1:01:ed:cb:63:cd:36:84:41:af:27:4b:03:22:2c:
09:af:f1:b8:f8:b8:75:3d:b6:b5:3b:fb:67:e1:01:39:d8:8b:
f0:44:28:83:ff:42:b6:3e:60:0d:e2:6b:c9:c3:2c:c8:64:b5:
9e:cf:6a:63:e4:a2:58:6a:3f:13:73:32:c4:3f:41:35:ec:cf:
74:aa:0e:e5:99:1c:a8:ac:42:8c:24:40:c4:ac:ef:6b:52:cf:
e9:b4:f5:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9tyxRfagomGhH/5381fMD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMTcxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGMzYmE4YjllODU5Y2E5NDE3OGQ3YmM0NThjMWVmYWZiODIxZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYysEdH+bNfBhgLewLlMMpAbxLPQ
mnWKXAsQ8GwzQRRGleHvXB+gALQ6FePNlcRhckRlqgCCRgJqsplTqDUAa6nFNoZj
dN0R5l8o43i7teKjXNK7RGm8PbtkjM/TQGLZG5ImrP06WioQUP9HvYLp0qsITdvu
gk0iYVkhQvc/7wR0wFyQ8yFtbGe5JaYbb52i3aBlPbczGMwbtjS+S0pi1xkUCSF/
OA4ubfYpHPdJFpB9+Ycim/iJrng/DAaffCxpaTwsy5hUlXJSGEVc4fXX2Bju41iM
Ort6iH7+TmEq0lOlJeTCbI4RpQz5eLu2LsoX13mrRbWBgzH+RqqfVPWN9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDDDuouehZypQXjXvEWMHvr7gh3jMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTU1PNmk1NkZuS2xCZU5lOFJZd2UtdnVDSGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBmfOODjBVnUUI/v7Rr
8DjnWoS3WXsn5AVWzZJB14mUQHnB5HGaTBhreD7xX7iHfC1ye6dHF9yQt+11j12w
DVQ1bxSGnvr2nKFL5ThJHpPFSEcx1qxfb9o+Regt0mhmiG5anEVj1WM5QJO4vR+g
FaKSx6WsIh8CsJl15uoM1nodRO6Qe+Uv2RUOO+ZAR0TclUuhJWTWoLDwAoXwHVLY
Zd2k6Y7CXtEB7ctjzTaEQa8nSwMiLAmv8bj4uHU9trU7+2fhATnYi/BEKIP/QrY+
YA3ia8nDLMhktZ7PamPkolhqPxNzMsQ/QTXsz3SqDuWZHKisQowkQMSs72tSz+m0
9YA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:51:32 2025 by rpki-client