Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/MtWTrnrND6EP3cM9Z5OSCIGl4vA.roa
File: MtWTrnrND6EP3cM9Z5OSCIGl4vA.roa (raw, json)
Hash identifier: pbxVZVZ80DN49b7VnIcQNiVRM2BUbkPepC2i0a2pNpo=
Subject key identifier: 32:D5:93:AE:7A:CD:0F:A1:0F:DD:C3:3D:67:93:92:08:81:A5:E2:F0
Certificate issuer: /CN=3e08834b3b2973909c0aaf5bb5d354b1c0e5ca3e
Certificate serial: 019422FBF038110DFF63256408FF249E7C2F
Authority key identifier: 3E:08:83:4B:3B:29:73:90:9C:0A:AF:5B:B5:D3:54:B1:C0:E5:CA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PgiDSzspc5CcCq9btdNUscDlyj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/MtWTrnrND6EP3cM9Z5OSCIGl4vA.roa
Signing time: Wed 01 Jan 2025 17:48:43 +0000
ROA not before: Wed 01 Jan 2025 17:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34600
IP address blocks: 193.29.254.0/24 maxlen: 24
193.30.1.0/24 maxlen: 24
193.30.2.0/24 maxlen: 24
193.30.5.0/24 maxlen: 24
2a0f:7c40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f0:38:11:0d:ff:63:25:64:08:ff:24:9e:7c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e08834b3b2973909c0aaf5bb5d354b1c0e5ca3e
Validity
Not Before: Jan 1 17:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32d593ae7acd0fa10fddc33d6793920881a5e2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:4f:ae:c0:e5:c8:98:23:d9:1b:88:fa:80:
b3:2f:55:b1:5c:f7:5b:bc:76:8e:7f:2d:48:44:63:
fe:1c:a0:25:39:43:2d:d7:62:d0:84:c9:ed:f1:2d:
66:50:41:0d:4a:1b:4a:f0:5b:9d:9f:89:52:28:d7:
27:9c:e2:90:32:5c:81:cf:d4:40:a3:8e:1f:5e:52:
03:93:87:f5:d2:c9:1a:bf:6f:53:6b:43:2e:2c:cb:
f6:d8:97:4f:cd:8c:c0:18:76:76:87:49:13:18:7e:
9c:7e:32:3d:d6:83:63:e3:18:af:30:a2:9f:e1:20:
37:f2:38:9a:7b:c5:50:d3:d0:a1:23:d7:f7:42:d8:
0c:25:72:4f:68:21:e4:dd:aa:93:5b:f0:33:0d:11:
40:9b:87:5a:74:ba:e1:3d:fb:4e:37:41:5e:3b:38:
90:81:05:ac:2b:9b:2f:99:69:91:37:f2:cf:35:ec:
a6:fe:6e:9f:2c:18:c8:0f:e9:61:ae:22:6e:5f:c2:
62:5e:aa:b1:42:8b:42:4e:db:cf:a4:8c:fc:c1:92:
a5:dd:90:f9:78:b9:a1:2e:5a:91:2e:81:4b:5d:bb:
f8:2d:1f:f6:c8:94:7f:5c:52:98:38:39:05:2f:19:
8e:c8:93:43:13:bd:79:7c:a2:92:01:c8:50:5a:11:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D5:93:AE:7A:CD:0F:A1:0F:DD:C3:3D:67:93:92:08:81:A5:E2:F0
X509v3 Authority Key Identifier:
keyid:3E:08:83:4B:3B:29:73:90:9C:0A:AF:5B:B5:D3:54:B1:C0:E5:CA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PgiDSzspc5CcCq9btdNUscDlyj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/MtWTrnrND6EP3cM9Z5OSCIGl4vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ef03b3-7472-46de-9586-fd7b9739ca26/1/PgiDSzspc5CcCq9btdNUscDlyj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.254.0/24
193.30.1.0-193.30.2.255
193.30.5.0/24
IPv6:
2a0f:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
84:2b:70:49:34:1f:35:82:0f:cd:e9:37:ee:1f:75:5f:6c:72:
7f:6f:09:89:ea:3e:4b:e0:ef:aa:31:f2:ce:b6:00:01:bf:5a:
fe:b8:94:07:17:a9:8b:f0:1f:44:12:df:a2:03:dd:c3:32:5a:
1e:2e:01:f0:cc:78:2b:78:8e:8b:e0:a4:2a:28:cc:49:d1:d0:
88:61:77:ec:ab:e3:f4:b5:5d:01:5f:96:df:80:f6:01:20:80:
e8:d0:06:2e:72:b8:9f:70:52:22:71:24:5b:78:5b:1a:a5:18:
ae:f1:03:8d:84:38:e5:24:12:60:4e:62:dc:38:1e:84:bb:1c:
89:0e:69:1b:b0:39:67:3e:b7:f4:ed:5f:bb:c2:c8:40:4b:9f:
24:06:5e:3c:05:cd:e4:ca:f5:43:f9:60:1d:f7:bd:d2:b3:19:
23:c1:9d:2f:4d:c4:06:39:b0:3f:17:41:23:0c:af:e8:a6:96:
99:40:c6:38:71:b0:b4:75:fe:04:5b:85:8d:d9:03:bb:d4:ec:
ac:bf:fd:c4:f6:f9:4b:6f:2e:9a:09:84:0d:02:42:74:70:ab:
34:9a:2e:f8:ca:6a:03:a9:92:44:85:f1:f7:af:f9:75:51:4b:
c0:ed:e8:bb:09:2d:22:28:df:4d:c1:40:8f:69:81:3b:e9:c5:
cf:86:33:66
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQi+/A4EQ3/YyVkCP8knnwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMDg4MzRiM2IyOTczOTA5YzBhYWY1YmI1ZDM1NGIxYzBl
NWNhM2UwHhcNMjUwMTAxMTc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ1OTNhZTdhY2QwZmExMGZkZGMzM2Q2NzkzOTIwODgxYTVlMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfZPrsDlyJgj2RuI+oCzL1WxXPdb
vHaOfy1IRGP+HKAlOUMt12LQhMnt8S1mUEENShtK8Fudn4lSKNcnnOKQMlyBz9RA
o44fXlIDk4f10skav29Ta0MuLMv22JdPzYzAGHZ2h0kTGH6cfjI91oNj4xivMKKf
4SA38jiae8VQ09ChI9f3QtgMJXJPaCHk3aqTW/AzDRFAm4dadLrhPftON0FeOziQ
gQWsK5svmWmRN/LPNeym/m6fLBjID+lhriJuX8JiXqqxQotCTtvPpIz8wZKl3ZD5
eLmhLlqRLoFLXbv4LR/2yJR/XFKYODkFLxmOyJNDE715fKKSAchQWhHvtwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDLVk656zQ+hD93DPWeTkgiBpeLwMB8GA1UdIwQY
MBaAFD4Ig0s7KXOQnAqvW7XTVLHA5co+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdpRFN6c3BjNUNjQ3E5YnRkTlVzY0RseWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lZjAzYjMtNzQ3Mi00NmRlLTk1ODYt
ZmQ3Yjk3MzljYTI2LzEvTXRXVHJuck5ENkVQM2NNOVo1T1NDSUdsNHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lZjAzYjMtNzQ3Mi00NmRlLTk1ODYtZmQ3Yjk3MzljYTI2
LzEvUGdpRFN6c3BjNUNjQ3E5YnRkTlVzY0RseWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwR3+MAwD
BADBHgEDBADBHgIDBADBHgUwDQQCAAIwBwMFAyoPfEAwDQYJKoZIhvcNAQELBQAD
ggEBAIQrcEk0HzWCD83pN+4fdV9scn9vCYnqPkvg76ox8s62AAG/Wv64lAcXqYvw
H0QS36ID3cMyWh4uAfDMeCt4jovgpCoozEnR0Ihhd+yr4/S1XQFflt+A9gEggOjQ
Bi5yuJ9wUiJxJFt4WxqlGK7xA42EOOUkEmBOYtw4HoS7HIkOaRuwOWc+t/TtX7vC
yEBLnyQGXjwFzeTK9UP5YB33vdKzGSPBnS9NxAY5sD8XQSMMr+imlplAxjhxsLR1
/gRbhY3ZA7vU7Ky//cT2+UtvLpoJhA0CQnRwqzSaLvjKagOpkkSF8fev+XVRS8Dt
6LsJLSIo303BQI9pgTvpxc+GM2Y=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:42:24 2025 by rpki-client