Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MKGcqfQgtpDxO-5YpG29-BGWGXM.roa
File: MKGcqfQgtpDxO-5YpG29-BGWGXM.roa (raw, json)
Hash identifier: IF7FjH1tWE1/WY63RTqoqMa43yc+jO0TH+7RNqFRNlM=
Subject key identifier: 30:A1:9C:A9:F4:20:B6:90:F1:3B:EE:58:A4:6D:BD:F8:11:96:19:73
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8D25694F20D8F64219B334622454CDD7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MKGcqfQgtpDxO-5YpG29-BGWGXM.roa
Signing time: Fri 09 Feb 2024 09:14:15 +0000
ROA not before: Fri 09 Feb 2024 09:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:25:69:4f:20:d8:f6:42:19:b3:34:62:24:54:cd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 09:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30a19ca9f420b690f13bee58a46dbdf811961973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f3:ff:3c:96:5f:7a:6c:b2:2d:7a:65:33:4a:
75:76:c6:a9:13:2f:da:93:73:c4:94:1c:af:76:7e:
26:eb:29:65:6c:68:97:af:fc:7b:a5:a1:a8:14:ea:
12:a9:0f:e5:25:93:4d:a3:fe:e2:e6:ca:4f:fb:20:
0e:bc:5f:a1:32:38:a4:2e:cc:92:d6:76:40:5b:84:
df:0b:a9:dd:70:3f:eb:39:4b:90:12:cc:3d:6e:a3:
3b:46:e7:14:29:6e:8b:7b:e4:f1:7c:52:44:dd:65:
d3:dc:2c:ac:74:e2:56:61:5a:9b:a7:e4:80:9d:a3:
be:2c:1c:8a:9d:12:4f:da:2f:8e:98:c0:08:c6:e6:
c5:1e:a2:9c:b9:29:fc:8c:5f:8d:ab:f7:79:f1:27:
57:10:c7:9c:c5:26:fa:0e:64:50:19:b0:7b:48:6e:
5a:4e:16:af:d9:b8:ad:06:f9:a3:82:92:27:29:69:
7d:e0:bb:32:4a:93:84:85:6d:de:2e:71:b7:84:87:
b2:fa:eb:10:1c:a6:f7:5b:a6:7f:95:3b:3d:94:b8:
44:6c:cd:49:51:fb:ee:bb:de:1e:d1:9f:25:14:65:
2f:60:30:bc:e6:30:96:36:d5:0d:dd:65:cc:5c:c1:
e3:20:32:a6:2d:d6:e1:ca:db:84:0d:83:e2:38:ee:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A1:9C:A9:F4:20:B6:90:F1:3B:EE:58:A4:6D:BD:F8:11:96:19:73
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MKGcqfQgtpDxO-5YpG29-BGWGXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:b1:06:bf:f1:10:01:37:d8:cf:f3:55:77:09:f2:3e:01:55:
8f:00:a2:df:97:c9:9e:af:f5:29:4e:df:95:2f:58:af:e4:c6:
e0:4d:7a:fb:c0:c6:3a:8f:5c:17:7e:67:47:0f:a2:ea:4f:69:
0b:7c:52:73:83:01:79:f5:7c:e6:f0:85:ba:bc:dc:4c:87:54:
03:bf:0d:77:6a:a4:42:0d:40:fe:8b:6c:86:90:06:45:55:b2:
9b:db:77:2f:59:80:f2:68:53:dd:3e:73:31:f8:3e:6e:22:00:
45:5c:f9:9c:6a:19:b2:65:cb:d4:04:7f:17:81:02:46:84:79:
c1:81:bd:e7:fc:fb:bc:5e:c0:a0:41:a0:c7:66:03:6e:b8:53:
8e:79:b8:8c:45:a8:8e:5c:08:52:1c:00:32:05:cb:cf:00:45:
92:ab:de:d2:7a:a1:8e:bb:9d:5c:4e:a0:b8:20:15:bf:b9:3f:
d5:8e:16:fa:54:c1:80:48:c6:2e:9b:32:4e:22:9b:ca:93:0f:
17:b9:6b:0e:e7:8d:d0:de:26:a3:5f:4d:1c:ef:9c:da:18:46:
9f:66:1f:f2:0a:03:93:e4:13:6f:98:b8:56:0f:2f:2a:2f:37:
85:8c:b8:43:d3:29:8e:8a:63:a2:b3:59:b4:09:8d:7c:d1:e6:
73:06:00:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2NJWlPINj2QhmzNGIkVM3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MDkxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGExOWNhOWY0MjBiNjkwZjEzYmVlNThhNDZkYmRmODExOTYxOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/P/PJZfemyyLXplM0p1dsapEy/a
k3PElByvdn4m6yllbGiXr/x7paGoFOoSqQ/lJZNNo/7i5spP+yAOvF+hMjikLsyS
1nZAW4TfC6ndcD/rOUuQEsw9bqM7RucUKW6Le+TxfFJE3WXT3CysdOJWYVqbp+SA
naO+LByKnRJP2i+OmMAIxubFHqKcuSn8jF+Nq/d58SdXEMecxSb6DmRQGbB7SG5a
Thav2bitBvmjgpInKWl94LsySpOEhW3eLnG3hIey+usQHKb3W6Z/lTs9lLhEbM1J
Ufvuu94e0Z8lFGUvYDC85jCWNtUN3WXMXMHjIDKmLdbhytuEDYPiOO5nAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDChnKn0ILaQ8TvuWKRtvfgRlhlzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTUtHY3FmUWd0cER4Ty01WXBHMjktQkdXR1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB2xBr/xEAE32M/zVXcJ
8j4BVY8Aot+XyZ6v9SlO35UvWK/kxuBNevvAxjqPXBd+Z0cPoupPaQt8UnODAXn1
fObwhbq83EyHVAO/DXdqpEINQP6LbIaQBkVVspvbdy9ZgPJoU90+czH4Pm4iAEVc
+ZxqGbJly9QEfxeBAkaEecGBvef8+7xewKBBoMdmA264U455uIxFqI5cCFIcADIF
y88ARZKr3tJ6oY67nVxOoLggFb+5P9WOFvpUwYBIxi6bMk4im8qTDxe5aw7njdDe
JqNfTRzvnNoYRp9mH/IKA5PkE2+YuFYPLyovN4WMuEPTKY6KY6KzWbQJjXzR5nMG
AE0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:36:27 2025 by rpki-client