Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mCAvkBWRz9lSd-nl5mIz-M_3qSc.roa
File: mCAvkBWRz9lSd-nl5mIz-M_3qSc.roa (raw, json)
Hash identifier: xc9nVb2+mDR2pji/YMujgZs99FyR40LiSccXhM8injM=
Subject key identifier: 98:20:2F:90:15:91:CF:D9:52:77:E9:E5:E6:62:33:F8:CF:F7:A9:27
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFD1F11ACD2D7A66104486937C74245E6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mCAvkBWRz9lSd-nl5mIz-M_3qSc.roa
Signing time: Sat 02 Mar 2024 03:04:48 +0000
ROA not before: Sat 02 Mar 2024 03:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:fd1e:baed/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fd:1f:11:ac:d2:d7:a6:61:04:48:69:37:c7:42:45:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 03:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98202f901591cfd95277e9e5e66233f8cff7a927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:52:b4:8a:d7:a4:e3:99:d2:29:a5:ea:71:
4e:88:f1:4f:59:f6:15:13:01:89:ec:b6:43:f5:eb:
52:df:e9:99:d5:d4:93:b7:81:eb:36:c7:d8:3d:2b:
55:95:f0:be:da:b1:aa:46:29:0e:58:9a:00:11:10:
b3:df:90:26:0c:cf:63:d7:d9:1a:6c:cf:41:46:ea:
e8:7a:22:48:93:f7:18:d4:45:d0:76:b4:d6:a2:fd:
1c:f7:31:05:5c:61:0e:94:65:82:86:12:9e:a2:23:
81:13:a1:e1:90:67:b8:12:73:79:b5:f5:83:a3:63:
00:17:64:78:d2:33:cd:95:36:43:a0:e7:d8:57:a4:
ce:a5:41:c5:6a:83:28:54:90:f6:cb:c2:41:49:23:
f9:32:55:e4:56:f2:17:5c:23:1f:89:aa:72:92:23:
1b:e6:d5:e3:48:0c:7f:69:2a:9b:dc:2e:8e:09:10:
b1:6c:17:6d:1c:4c:7f:f3:b3:83:a3:f8:8b:92:4d:
68:15:da:2e:02:a3:29:70:53:67:3d:a9:08:9e:37:
3d:0a:18:e8:84:4d:99:d3:4d:6d:8d:73:df:4d:1a:
67:17:4a:06:f0:09:8e:2f:6a:51:7d:ca:47:a2:6e:
39:8b:47:32:68:09:b9:78:42:b0:d4:ad:57:3a:14:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:20:2F:90:15:91:CF:D9:52:77:E9:E5:E6:62:33:F8:CF:F7:A9:27
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mCAvkBWRz9lSd-nl5mIz-M_3qSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:ee:b4:8f:f0:e1:d4:ea:13:54:4e:af:d1:eb:32:8f:0c:bb:
f1:3c:55:b2:0d:2c:ba:ea:d2:0a:58:9b:81:69:b6:2e:4f:10:
c2:75:7e:36:0a:3c:aa:6e:14:2d:48:06:7f:43:4a:e3:68:f8:
e2:1c:fe:2e:dc:6f:df:a5:df:6d:bc:09:71:79:31:59:96:c5:
40:f8:a8:6b:6a:e9:c8:b5:d9:a6:63:06:78:f5:1f:66:cf:bd:
20:10:d5:4a:c9:35:60:f6:98:b4:3a:c1:27:97:8b:e9:b4:4e:
bf:84:f1:96:fc:8c:10:6a:61:ca:e0:b8:88:5d:10:56:4a:44:
6b:a3:f2:85:ef:9a:6d:ab:2c:85:42:8b:0f:3f:49:a3:85:c0:
70:8f:bf:14:0f:b6:9e:3f:7c:4c:5e:8a:c8:ef:62:ce:4d:c8:
d5:9d:22:56:70:a3:42:4a:a5:68:52:12:16:bf:ba:4f:eb:ee:
6f:61:18:37:57:5b:ac:c3:8d:96:c4:92:d4:9d:d2:ca:0d:f7:
7a:bc:f0:32:4d:d4:86:ff:45:d5:b4:7f:bd:9e:71:f9:af:24:
b9:2e:ad:1f:cd:52:d6:9c:6a:52:ce:9d:71:6c:e5:5a:59:ea:
3d:a4:bb:44:0c:70:39:9b:62:b5:d6:85:49:a1:88:54:0e:38:
37:b3:3c:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY39HxGs0temYQRIaTfHQkXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIwMmY5MDE1OTFjZmQ5NTI3N2U5ZTVlNjYyMzNmOGNmZjdhOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq69StIrXpOOZ0iml6nFOiPFPWfYV
EwGJ7LZD9etS3+mZ1dSTt4HrNsfYPStVlfC+2rGqRikOWJoAERCz35AmDM9j19ka
bM9BRuroeiJIk/cY1EXQdrTWov0c9zEFXGEOlGWChhKeoiOBE6HhkGe4EnN5tfWD
o2MAF2R40jPNlTZDoOfYV6TOpUHFaoMoVJD2y8JBSSP5MlXkVvIXXCMfiapykiMb
5tXjSAx/aSqb3C6OCRCxbBdtHEx/87ODo/iLkk1oFdouAqMpcFNnPakInjc9Chjo
hE2Z001tjXPfTRpnF0oG8AmOL2pRfcpHom45i0cyaAm5eEKw1K1XOhT+1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJggL5AVkc/ZUnfp5eZiM/jP96knMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbUNBdmtCV1J6OWxTZC1ubDVtSXotTV8zcVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHHutI/w4dTqE1ROr9Hr
Mo8Mu/E8VbINLLrq0gpYm4Fpti5PEMJ1fjYKPKpuFC1IBn9DSuNo+OIc/i7cb9+l
3228CXF5MVmWxUD4qGtq6ci12aZjBnj1H2bPvSAQ1UrJNWD2mLQ6wSeXi+m0Tr+E
8Zb8jBBqYcrguIhdEFZKRGuj8oXvmm2rLIVCiw8/SaOFwHCPvxQPtp4/fExeisjv
Ys5NyNWdIlZwo0JKpWhSEha/uk/r7m9hGDdXW6zDjZbEktSd0soN93q88DJN1Ib/
RdW0f72ecfmvJLkurR/NUtacalLOnXFs5VpZ6j2ku0QMcDmbYrXWhUmhiFQOODez
PLo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:43:51 2025 by rpki-client