Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CMSooIPwaRMK0l9AegXYtGljbts.roa
File: CMSooIPwaRMK0l9AegXYtGljbts.roa (raw, json)
Hash identifier: lhSaEZmpVGz+TU4oNRG/nWD0/xxR2fDdkPfqwGm5CP4=
Subject key identifier: 08:C4:A8:A0:83:F0:69:13:0A:D2:5F:40:7A:05:D8:B4:69:63:6E:DB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDD9E319FFC207B9B6024EDB8D6F6599B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CMSooIPwaRMK0l9AegXYtGljbts.roa
Signing time: Sun 25 Feb 2024 00:15:48 +0000
ROA not before: Sun 25 Feb 2024 00:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:9e:31:9f:fc:20:7b:9b:60:24:ed:b8:d6:f6:59:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 00:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08c4a8a083f069130ad25f407a05d8b469636edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:11:c6:b1:ea:42:7f:3b:0a:42:52:b5:4a:2b:
4c:58:1f:a2:4f:ea:67:15:38:70:bc:f2:41:a9:15:
a0:f8:6c:c1:52:a6:73:20:4e:61:bc:9a:03:c3:a9:
56:91:8d:19:11:32:c6:42:82:06:a7:29:af:3e:f2:
fe:c4:b7:c3:7a:64:d9:b1:cc:db:21:ed:7a:5f:25:
a4:6c:ab:bf:1b:aa:62:67:0f:cd:8d:c8:0b:75:38:
04:b0:d3:7e:73:1a:5e:1e:14:9e:b6:5a:0e:a1:be:
99:fc:7f:1b:70:b4:77:82:3c:7f:dc:2c:79:9f:a2:
fc:72:c4:26:c1:d4:4a:22:aa:39:ab:4d:f5:c6:7b:
8e:2b:81:b7:1b:80:6a:d0:2b:00:76:d1:eb:e8:6f:
7e:10:24:d4:95:90:ce:79:45:56:18:29:b3:80:16:
21:fa:c6:ad:1d:8d:9e:c2:b1:6f:81:9f:33:4c:89:
0b:59:88:4a:fb:5d:3f:4e:10:9a:a6:51:2b:59:c9:
10:87:44:cc:7d:35:3d:8b:e1:f1:90:16:55:0d:78:
98:7f:c3:48:8f:65:7b:dd:ce:66:c9:b4:e9:ce:33:
62:e2:fd:06:6e:99:4f:18:0e:ce:fc:b9:a4:26:44:
23:a1:c4:a6:eb:4a:51:56:7a:6a:4c:11:9c:fd:cc:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C4:A8:A0:83:F0:69:13:0A:D2:5F:40:7A:05:D8:B4:69:63:6E:DB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CMSooIPwaRMK0l9AegXYtGljbts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:fb:cd:5c:2e:33:6a:68:40:bc:07:62:29:eb:d2:65:66:ba:
57:46:92:a0:5e:43:5b:a7:13:69:52:1a:fe:06:a4:6c:86:4a:
a0:eb:84:9a:02:3e:ec:f9:90:5d:01:ab:b8:9c:7e:b3:f6:31:
53:aa:a2:d2:69:e6:cf:d9:2f:9d:37:0c:86:19:e1:40:98:64:
a9:82:f9:e9:6e:8a:44:31:89:59:b2:4a:bf:9f:46:e7:e4:e1:
41:62:fd:0c:e8:b9:47:ab:1c:87:43:df:f4:1f:33:b4:b6:c6:
55:fe:77:69:2f:4e:c8:14:f7:32:0d:97:32:f9:79:2a:1f:96:
49:f4:94:bf:d7:44:a6:fb:37:21:ed:bb:00:3f:de:62:27:aa:
2d:1a:fc:16:3c:78:be:04:ec:19:a6:6e:a3:fd:1d:24:65:39:
f8:8f:5c:ea:f4:21:b4:a8:ce:be:31:e2:e1:ba:bc:90:36:45:
fd:44:83:65:58:b1:fd:13:17:9a:bb:06:8c:ca:64:0c:fd:6c:
9d:1a:4d:4d:f8:8b:15:6e:02:16:84:21:ed:9b:10:66:8e:92:
f6:09:b2:46:f4:80:95:81:1a:32:a8:c8:ad:28:46:6c:0e:af:
49:44:67:e0:62:48:bf:7a:f9:55:e9:08:5c:a1:de:26:69:77:
69:a8:c2:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3dnjGf/CB7m2Ak7bjW9lmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDAxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM0YThhMDgzZjA2OTEzMGFkMjVmNDA3YTA1ZDhiNDY5NjM2ZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBHGsepCfzsKQlK1SitMWB+iT+pn
FThwvPJBqRWg+GzBUqZzIE5hvJoDw6lWkY0ZETLGQoIGpymvPvL+xLfDemTZsczb
Ie16XyWkbKu/G6piZw/NjcgLdTgEsNN+cxpeHhSetloOob6Z/H8bcLR3gjx/3Cx5
n6L8csQmwdRKIqo5q031xnuOK4G3G4Bq0CsAdtHr6G9+ECTUlZDOeUVWGCmzgBYh
+satHY2ewrFvgZ8zTIkLWYhK+10/ThCaplErWckQh0TMfTU9i+HxkBZVDXiYf8NI
j2V73c5mybTpzjNi4v0GbplPGA7O/LmkJkQjocSm60pRVnpqTBGc/czW3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAjEqKCD8GkTCtJfQHoF2LRpY27bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ01Tb29JUHdhUk1LMGw5QWVnWFl0R2xqYnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIz7zVwuM2poQLwHYinr
0mVmuldGkqBeQ1unE2lSGv4GpGyGSqDrhJoCPuz5kF0Bq7icfrP2MVOqotJp5s/Z
L503DIYZ4UCYZKmC+eluikQxiVmySr+fRufk4UFi/QzouUerHIdD3/QfM7S2xlX+
d2kvTsgU9zINlzL5eSoflkn0lL/XRKb7NyHtuwA/3mInqi0a/BY8eL4E7BmmbqP9
HSRlOfiPXOr0IbSozr4x4uG6vJA2Rf1Eg2VYsf0TF5q7BozKZAz9bJ0aTU34ixVu
AhaEIe2bEGaOkvYJskb0gJWBGjKoyK0oRmwOr0lEZ+BiSL96+VXpCFyh3iZpd2mo
wr8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:54:12 2025 by rpki-client