Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUnOJFJsUZbPtjjGS7dFiLpO94k.roa
File: mUnOJFJsUZbPtjjGS7dFiLpO94k.roa (raw, json)
Hash identifier: sI78v+/yaDlrg7AYmuPbLexb8n7qD5dXIoK/WEx+7Ec=
Subject key identifier: 99:49:CE:24:52:6C:51:96:CF:B6:38:C6:4B:B7:45:88:BA:4E:F7:89
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E68A45A1D64235056D1CC71576F425B0B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUnOJFJsUZbPtjjGS7dFiLpO94k.roa
Signing time: Sat 23 Mar 2024 00:09:45 +0000
ROA not before: Sat 23 Mar 2024 00:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:68:a4:5a:1d:64:23:50:56:d1:cc:71:57:6f:42:5b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 00:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9949ce24526c5196cfb638c64bb74588ba4ef789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:65:93:67:f3:01:36:d9:f0:21:7d:d8:a5:1d:
8e:b6:8d:3a:4c:89:73:42:41:7a:f0:4d:04:1b:ff:
27:b1:3c:f3:3e:3a:60:97:af:49:cc:ff:82:ab:bc:
d4:50:62:11:e1:01:d8:94:fe:ad:45:8f:8c:87:84:
dd:fd:d9:2d:40:01:e8:da:cd:5f:f1:04:9b:b5:a1:
fd:12:31:a0:e9:02:61:44:9f:f3:64:37:d5:40:84:
39:4a:66:07:58:e0:06:bd:0a:20:ec:ae:e9:ab:0d:
73:a4:53:a7:b1:d1:1a:12:64:c3:40:68:d4:f5:b3:
a5:ae:1d:ff:76:6f:15:1a:3e:42:7a:4a:2e:ab:b9:
fb:6c:46:5c:40:98:3e:ad:cc:11:06:6d:8d:bd:57:
c0:51:2c:aa:37:8d:17:b8:16:c1:83:0d:05:49:06:
aa:8b:ca:2c:4b:99:64:fa:87:b1:e2:00:5f:82:e3:
f3:54:c3:a8:0f:fa:83:56:f8:15:44:df:51:46:dd:
03:dc:de:ba:8e:bd:ea:4d:81:3c:fd:15:e7:23:0e:
85:51:85:10:f8:1a:21:69:47:f9:cc:fb:7c:45:8a:
b6:f9:1d:0d:17:f4:e6:f4:f7:00:f8:73:2d:ed:3e:
2d:3f:ff:74:08:32:e0:6a:4f:49:03:b2:1f:05:24:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:49:CE:24:52:6C:51:96:CF:B6:38:C6:4B:B7:45:88:BA:4E:F7:89
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/mUnOJFJsUZbPtjjGS7dFiLpO94k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f3:e1:f6:0a:9e:cb:f1:25:5e:54:63:4d:bb:9e:78:04:7b:
d9:0b:b1:54:32:bc:b7:cc:75:1b:ae:3a:8d:44:41:ac:07:bb:
82:e3:73:d5:78:a4:44:ed:31:7c:75:0e:32:64:94:ec:cc:30:
53:23:da:9a:b0:9e:fc:fd:03:35:10:fe:60:5f:2e:14:bc:37:
05:25:ca:94:1e:e9:69:97:20:1c:8e:71:c1:20:5d:9b:43:6f:
4d:b2:7e:4d:8f:b9:93:64:37:c0:3d:a2:ee:04:09:a6:a0:97:
ae:2c:4e:59:e3:92:27:72:aa:10:c9:60:26:40:76:ad:16:41:
22:4a:db:74:a5:b9:c9:0a:04:ab:b2:a2:0c:d7:50:2b:ba:10:
5d:80:6e:7a:54:3c:a0:69:8f:a6:27:5b:12:69:45:58:9c:3b:
71:bb:11:2b:e5:5a:7e:50:2f:06:64:82:ef:bb:41:4f:76:f8:
f7:a9:11:46:9e:0a:0a:d1:ab:da:1f:b2:f9:ce:8c:4a:05:8f:
34:6d:b1:cb:00:be:1f:cc:14:f9:5c:67:8b:e9:6e:a3:50:6a:
f4:ce:4d:da:b4:8f:2e:6c:ce:a0:a6:71:fa:08:f7:53:92:a3:
c2:23:d7:23:dd:58:f6:59:ae:d7:27:6d:c3:15:74:9c:bf:d9:
5f:cc:62:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5opFodZCNQVtHMcVdvQlsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMDAwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ5Y2UyNDUyNmM1MTk2Y2ZiNjM4YzY0YmI3NDU4OGJhNGVmNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2WTZ/MBNtnwIX3YpR2Oto06TIlz
QkF68E0EG/8nsTzzPjpgl69JzP+Cq7zUUGIR4QHYlP6tRY+Mh4Td/dktQAHo2s1f
8QSbtaH9EjGg6QJhRJ/zZDfVQIQ5SmYHWOAGvQog7K7pqw1zpFOnsdEaEmTDQGjU
9bOlrh3/dm8VGj5Cekouq7n7bEZcQJg+rcwRBm2NvVfAUSyqN40XuBbBgw0FSQaq
i8osS5lk+oex4gBfguPzVMOoD/qDVvgVRN9RRt0D3N66jr3qTYE8/RXnIw6FUYUQ
+BohaUf5zPt8RYq2+R0NF/Tm9PcA+HMt7T4tP/90CDLgak9JA7IfBSRckQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlJziRSbFGWz7Y4xku3RYi6TveJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbVVuT0pGSnNVWmJQdGpqR1M3ZEZpTHBPOTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3z4fYKnsvxJV5UY027
nngEe9kLsVQyvLfMdRuuOo1EQawHu4Ljc9V4pETtMXx1DjJklOzMMFMj2pqwnvz9
AzUQ/mBfLhS8NwUlypQe6WmXIByOccEgXZtDb02yfk2PuZNkN8A9ou4ECaagl64s
TlnjkidyqhDJYCZAdq0WQSJK23SluckKBKuyogzXUCu6EF2AbnpUPKBpj6YnWxJp
RVicO3G7ESvlWn5QLwZkgu+7QU92+PepEUaeCgrRq9ofsvnOjEoFjzRtscsAvh/M
FPlcZ4vpbqNQavTOTdq0jy5szqCmcfoI91OSo8Ij1yPdWPZZrtcnbcMVdJy/2V/M
YjY=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:57:55 2025 by rpki-client