Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MfmqOWZUfcKBrb5lqO5cjOfnuy4.roa
File: MfmqOWZUfcKBrb5lqO5cjOfnuy4.roa (raw, json)
Hash identifier: FTkoNM9YvnRsNOKRyOuGy8/B/qPZsyVDLNuUgGzFtTM=
Subject key identifier: 31:F9:AA:39:66:54:7D:C2:81:AD:BE:65:A8:EE:5C:8C:E7:E7:BB:2E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D875C15503B8E125F7A01A9E498DC160A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MfmqOWZUfcKBrb5lqO5cjOfnuy4.roa
Signing time: Thu 08 Feb 2024 06:16:15 +0000
ROA not before: Thu 08 Feb 2024 06:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:5c:15:50:3b:8e:12:5f:7a:01:a9:e4:98:dc:16:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 8 06:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31f9aa3966547dc281adbe65a8ee5c8ce7e7bb2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:65:bb:93:8e:b7:3c:4b:d1:25:ea:79:96:a7:
f9:24:88:a4:41:a5:eb:97:c7:7d:7b:34:5c:8c:9a:
0e:f8:83:6d:cf:90:72:5e:c3:69:65:f1:c6:72:bb:
54:60:d2:21:3b:3c:01:8d:15:2b:7c:92:72:5e:31:
e8:22:29:66:51:3c:44:bf:66:78:1a:53:04:93:b8:
a9:0d:12:a9:67:99:31:f6:56:36:2a:7c:44:2a:fe:
85:ba:da:6c:ae:e0:87:f1:f0:d6:e7:71:df:0d:f2:
53:13:6d:39:4a:31:46:c9:ec:e4:65:42:6b:10:f9:
c0:98:b4:ac:5e:c8:21:94:13:e5:30:38:4e:94:01:
1b:9f:c2:37:f9:b0:e4:5c:31:fd:26:e8:62:1a:dc:
20:b0:70:a6:4e:a8:75:95:09:10:1d:2a:44:ae:4a:
bd:ef:47:8d:f9:77:1c:8e:37:c5:f5:e9:11:2f:68:
7e:e3:51:c1:21:08:e9:5f:56:64:6d:43:da:d3:7e:
d6:8d:98:3b:e8:70:71:4b:4c:ed:37:ed:aa:f6:57:
ba:55:00:87:28:72:7d:24:28:06:93:04:59:3a:5e:
56:13:99:51:ca:ae:9c:9b:2c:37:80:79:77:65:10:
2a:0e:b3:7e:2b:35:97:53:0a:34:e6:4b:81:2b:7f:
aa:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F9:AA:39:66:54:7D:C2:81:AD:BE:65:A8:EE:5C:8C:E7:E7:BB:2E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MfmqOWZUfcKBrb5lqO5cjOfnuy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:1a:d1:bb:80:54:47:0e:bc:46:85:7c:08:57:a8:ab:f0:fe:
3b:d2:c2:4d:56:54:79:1e:74:d5:9a:bc:d2:5c:3d:99:a6:f5:
a7:0b:c6:16:ca:b4:9a:1c:ae:1a:a2:1a:6a:33:4e:4e:2b:00:
4a:2d:81:d6:14:f2:3b:30:bc:b9:5d:24:40:f9:f3:f8:59:f1:
a3:6e:43:5e:19:72:36:67:89:d6:8f:cc:29:35:fa:fc:78:53:
7a:77:aa:e7:16:39:60:6c:05:ed:d7:b9:15:19:4e:85:1f:46:
ed:4e:8e:02:7d:ba:89:51:96:cc:20:d1:e3:7d:3d:de:bf:b4:
d3:e6:96:5c:af:15:09:53:7d:5a:77:59:6d:ea:2f:5c:33:c3:
0a:68:98:6a:1e:1a:34:2a:5c:90:e7:8d:ae:4b:69:1b:36:63:
26:36:63:fd:de:53:11:4a:79:37:6b:c8:18:bc:be:dc:67:3d:
ce:e4:b2:fc:6f:8e:8c:d7:e6:c3:84:83:35:27:10:7f:04:40:
f6:25:e0:b5:75:70:b3:20:0c:c4:39:14:d9:0e:78:df:6e:49:
e8:19:31:59:c9:5b:e8:4a:cc:1f:92:27:ed:0a:d5:71:52:d8:
ce:7d:d6:c8:c1:d4:3f:31:cd:2b:8b:bc:67:30:22:2a:f2:23:
d2:4d:1c:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2HXBVQO44SX3oBqeSY3BYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA4MDYxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY5YWEzOTY2NTQ3ZGMyODFhZGJlNjVhOGVlNWM4Y2U3ZTdiYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmW7k463PEvRJep5lqf5JIikQaXr
l8d9ezRcjJoO+INtz5ByXsNpZfHGcrtUYNIhOzwBjRUrfJJyXjHoIilmUTxEv2Z4
GlMEk7ipDRKpZ5kx9lY2KnxEKv6FutpsruCH8fDW53HfDfJTE205SjFGyezkZUJr
EPnAmLSsXsghlBPlMDhOlAEbn8I3+bDkXDH9JuhiGtwgsHCmTqh1lQkQHSpErkq9
70eN+XccjjfF9ekRL2h+41HBIQjpX1ZkbUPa037WjZg76HBxS0ztN+2q9le6VQCH
KHJ9JCgGkwRZOl5WE5lRyq6cmyw3gHl3ZRAqDrN+KzWXUwo05kuBK3+qVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDH5qjlmVH3Cga2+ZajuXIzn57suMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTWZtcU9XWlVmY0tCcmI1bHFPNWNqT2ZudXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwa0buAVEcOvEaFfAhX
qKvw/jvSwk1WVHkedNWavNJcPZmm9acLxhbKtJocrhqiGmozTk4rAEotgdYU8jsw
vLldJED58/hZ8aNuQ14ZcjZnidaPzCk1+vx4U3p3qucWOWBsBe3XuRUZToUfRu1O
jgJ9uolRlswg0eN9Pd6/tNPmllyvFQlTfVp3WW3qL1wzwwpomGoeGjQqXJDnja5L
aRs2YyY2Y/3eUxFKeTdryBi8vtxnPc7ksvxvjozX5sOEgzUnEH8EQPYl4LV1cLMg
DMQ5FNkOeN9uSegZMVnJW+hKzB+SJ+0K1XFS2M591sjB1D8xzSuLvGcwIiryI9JN
HNQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:58 2025 by rpki-client