Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sMVpxgCPPMcFhGYnHjHZ19Fy-NM.roa
File: sMVpxgCPPMcFhGYnHjHZ19Fy-NM.roa (raw, json)
Hash identifier: hfR4lULUi5xFzWf7cG84LrYG14/NhGkQ9+yP45RIbnk=
Subject key identifier: B0:C5:69:C6:00:8F:3C:C7:05:84:66:27:1E:31:D9:D7:D1:72:F8:D3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE7098BDBF22D0090B3D6AC65935B850A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sMVpxgCPPMcFhGYnHjHZ19Fy-NM.roa
Signing time: Tue 16 Apr 2024 13:12:26 +0000
ROA not before: Tue 16 Apr 2024 13:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:09:8b:db:f2:2d:00:90:b3:d6:ac:65:93:5b:85:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 16 13:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c569c6008f3cc7058466271e31d9d7d172f8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fa:35:1d:a2:36:62:ed:3e:d0:44:46:f2:83:
bf:3d:30:1a:f6:0d:ac:d5:dd:16:7e:c9:77:dd:4b:
e8:08:29:b7:3f:d7:d8:b8:39:1d:2d:39:be:60:55:
2d:19:5a:9b:7b:97:ff:d3:81:ca:a1:14:90:8f:7b:
7e:92:5f:94:96:23:a1:58:bb:dc:a7:19:87:13:f3:
80:de:85:4e:4b:49:5f:6b:d1:87:15:6c:49:7a:b8:
31:49:e0:fe:2a:ef:4f:80:1a:5b:be:f0:f2:dd:b8:
97:da:34:0e:b2:9a:74:dd:c2:44:20:48:d2:39:5e:
f1:c6:2e:9d:92:b0:ce:21:7f:e7:83:43:5f:d4:62:
bb:fc:94:df:89:1c:32:02:bf:e9:84:db:55:ad:cd:
40:d5:b8:99:b8:38:31:3e:95:05:ed:09:81:4b:57:
80:68:b2:33:44:38:60:58:f4:bb:20:ff:b6:e6:0a:
f2:0e:d8:4a:3e:c5:c7:21:31:18:45:b0:17:83:86:
1d:38:1c:38:84:1d:80:36:c1:61:2e:c6:03:5c:33:
d8:6e:0e:8f:0a:8e:e6:75:07:46:6e:ba:77:92:e5:
25:c4:57:e8:c4:43:8b:26:56:e0:2e:83:c5:55:fe:
4b:76:32:14:1e:a5:b1:b6:4a:d8:86:0f:68:f4:2e:
84:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C5:69:C6:00:8F:3C:C7:05:84:66:27:1E:31:D9:D7:D1:72:F8:D3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sMVpxgCPPMcFhGYnHjHZ19Fy-NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:f8:f2:23:b9:f0:22:cd:38:3c:a9:26:f1:3e:6a:52:c9:cb:
01:31:c4:07:db:9e:f0:a3:a6:c9:94:d0:57:d1:79:14:9b:8f:
6d:90:02:07:24:d2:73:05:68:57:cb:d6:ea:db:68:6c:c4:bf:
d0:3c:c2:5e:5f:cf:db:f4:dd:9e:52:c8:49:15:6c:da:25:52:
61:70:e7:c6:5e:eb:16:f4:4a:4e:c2:b5:c5:b6:c2:0f:70:0b:
51:84:2c:91:73:48:88:cb:b7:68:25:0b:1c:24:08:f4:7c:be:
5d:ec:10:cb:c1:1b:f3:cb:18:a0:79:e9:bb:13:55:0d:95:a5:
13:46:39:60:ab:72:88:49:44:ea:73:28:fd:fd:74:c5:92:b3:
0c:0f:4e:f0:cd:ad:b5:d4:98:f9:f6:f3:7c:72:d7:57:7b:7c:
30:eb:a6:a7:78:91:d1:e9:3f:3f:25:73:09:d1:a9:d0:59:65:
29:b1:f3:9f:ff:95:03:83:20:92:8c:30:47:58:15:4c:d4:fa:
fa:59:4c:89:37:71:44:32:88:94:41:1e:7a:67:08:13:53:a8:
88:57:35:16:8f:a6:06:f2:e3:d1:af:67:f0:d8:20:73:c9:ef:
59:12:b1:7e:42:ad:f4:1b:e2:41:d5:98:28:5f:81:97:8f:6d:
cd:31:5a:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7nCYvb8i0AkLPWrGWTW4UKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE2MTMxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM1NjljNjAwOGYzY2M3MDU4NDY2MjcxZTMxZDlkN2QxNzJmOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPo1HaI2Yu0+0ERG8oO/PTAa9g2s
1d0Wfsl33UvoCCm3P9fYuDkdLTm+YFUtGVqbe5f/04HKoRSQj3t+kl+UliOhWLvc
pxmHE/OA3oVOS0lfa9GHFWxJergxSeD+Ku9PgBpbvvDy3biX2jQOspp03cJEIEjS
OV7xxi6dkrDOIX/ng0Nf1GK7/JTfiRwyAr/phNtVrc1A1biZuDgxPpUF7QmBS1eA
aLIzRDhgWPS7IP+25gryDthKPsXHITEYRbAXg4YdOBw4hB2ANsFhLsYDXDPYbg6P
Co7mdQdGbrp3kuUlxFfoxEOLJlbgLoPFVf5LdjIUHqWxtkrYhg9o9C6EaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLDFacYAjzzHBYRmJx4x2dfRcvjTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc01WcHhnQ1BQTWNGaEdZbkhqSFoxOUZ5LU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACH48iO58CLNODypJvE+
alLJywExxAfbnvCjpsmU0FfReRSbj22QAgck0nMFaFfL1urbaGzEv9A8wl5fz9v0
3Z5SyEkVbNolUmFw58Ze6xb0Sk7CtcW2wg9wC1GELJFzSIjLt2glCxwkCPR8vl3s
EMvBG/PLGKB56bsTVQ2VpRNGOWCrcohJROpzKP39dMWSswwPTvDNrbXUmPn283xy
11d7fDDrpqd4kdHpPz8lcwnRqdBZZSmx85//lQODIJKMMEdYFUzU+vpZTIk3cUQy
iJRBHnpnCBNTqIhXNRaPpgby49GvZ/DYIHPJ71kSsX5CrfQb4kHVmChfgZePbc0x
Wi8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:36:01 2025 by rpki-client