Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MRSSAN5ikCcz_vHbjaJvPP_5p_0.roa
File: MRSSAN5ikCcz_vHbjaJvPP_5p_0.roa (raw, json)
Hash identifier: BryoK+VkLj3YrWZ/hEtlpnKPhHUS9KpDRdx2eMWpUbg=
Subject key identifier: 31:14:92:00:DE:62:90:27:33:FE:F1:DB:8D:A2:6F:3C:FF:F9:A7:FD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDFB72B1CE1387FBADD6990AB1EB4A73D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MRSSAN5ikCcz_vHbjaJvPP_5p_0.roa
Signing time: Mon 15 Apr 2024 03:05:06 +0000
ROA not before: Mon 15 Apr 2024 03:05:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:dfb6:5e10/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:df:b7:2b:1c:e1:38:7f:ba:dd:69:90:ab:1e:b4:a7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 03:05:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31149200de62902733fef1db8da26f3cfff9a7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:76:31:f7:71:85:c5:2e:7c:30:92:42:c4:ea:
af:73:dd:17:3f:aa:a1:7b:b8:8b:a2:8d:f2:ca:17:
fc:0e:92:86:ca:6f:af:e4:81:cd:34:eb:75:01:1d:
20:42:ca:5f:66:5d:53:c6:8b:8c:80:fc:85:23:0f:
46:71:6f:08:ac:58:1d:15:90:e2:27:cf:b9:c2:d0:
be:89:90:1b:38:c6:e7:0c:ac:27:43:83:a0:b3:ad:
c7:b8:32:3c:bb:4d:49:31:66:0b:6f:ee:a7:91:d8:
d9:fe:4a:92:89:39:cc:fb:35:7e:68:ec:e9:c4:6e:
d1:66:bf:f0:af:bd:e0:ff:6e:e0:c5:16:99:18:58:
b8:e8:3c:99:7d:09:cc:2e:df:f6:6e:6c:11:7b:4b:
24:9d:7c:da:62:69:2d:64:a5:a7:ae:bf:08:9a:ed:
3a:8b:78:65:59:1f:8e:a7:8d:33:7c:7d:95:80:84:
ae:f1:1e:90:01:b7:5c:43:8c:53:bf:ab:01:ab:a6:
6b:3f:bb:32:8e:82:33:a6:d7:de:53:4a:2c:8c:b4:
f4:5e:97:80:17:63:71:8a:51:39:06:91:d3:80:fe:
f1:90:ce:56:e9:e2:32:27:e9:2c:60:04:64:27:81:
91:84:5d:bc:0e:35:72:25:15:75:34:89:84:9e:da:
f7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:14:92:00:DE:62:90:27:33:FE:F1:DB:8D:A2:6F:3C:FF:F9:A7:FD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/MRSSAN5ikCcz_vHbjaJvPP_5p_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:70:6c:45:5c:06:3f:60:c2:e3:72:00:d9:b0:12:fd:86:5f:
3a:9a:7e:f5:47:22:09:ae:14:6f:f3:64:4d:47:8b:6d:41:7d:
ea:5f:ca:f5:89:d1:28:51:73:cb:69:8d:85:71:8f:ea:7c:c2:
14:7f:25:c7:0a:3a:83:93:12:99:d9:ec:c1:e2:ad:28:e8:b0:
05:f5:da:b2:dd:3f:ac:63:2f:15:b5:03:3c:b7:96:b8:9a:30:
ce:fc:a4:58:7c:d9:17:0a:34:63:52:3a:83:8b:13:ac:c3:09:
47:78:a5:34:cb:bc:ab:93:ba:d9:73:8a:91:5a:14:c8:03:be:
5c:30:24:a4:d5:3c:f9:81:9e:23:9a:df:c9:b6:e7:b1:24:c5:
e5:21:53:a6:ec:ce:ef:6b:ab:e5:b1:9e:01:3e:0c:e6:1e:88:
94:ee:b1:74:be:93:b9:45:27:b6:75:fd:83:b9:23:5c:37:b7:
fa:86:af:2d:b2:20:aa:1a:c8:61:86:7e:57:e5:ba:40:86:81:
81:b2:71:a1:6e:41:40:8c:f3:1c:dc:26:21:bf:4f:d3:34:15:
fa:93:89:43:0b:ad:ee:75:5d:f6:61:57:0c:18:c7:54:5b:3b:
46:e4:38:8e:a6:8c:b2:a6:76:eb:82:05:67:f6:68:9b:a9:62:
73:e4:56:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7ftysc4Th/ut1pkKsetKc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MDMwNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTE0OTIwMGRlNjI5MDI3MzNmZWYxZGI4ZGEyNmYzY2ZmZjlhN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXYx93GFxS58MJJCxOqvc90XP6qh
e7iLoo3yyhf8DpKGym+v5IHNNOt1AR0gQspfZl1TxouMgPyFIw9GcW8IrFgdFZDi
J8+5wtC+iZAbOMbnDKwnQ4Ogs63HuDI8u01JMWYLb+6nkdjZ/kqSiTnM+zV+aOzp
xG7RZr/wr73g/27gxRaZGFi46DyZfQnMLt/2bmwRe0sknXzaYmktZKWnrr8Imu06
i3hlWR+Op40zfH2VgISu8R6QAbdcQ4xTv6sBq6ZrP7syjoIzptfeU0osjLT0XpeA
F2NxilE5BpHTgP7xkM5W6eIyJ+ksYARkJ4GRhF28DjVyJRV1NImEntr3RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDEUkgDeYpAnM/7x242ibzz/+af9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTVJTU0FONWlrQ2N6X3ZIYmphSnZQUF81cF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABFwbEVcBj9gwuNyANmw
Ev2GXzqafvVHIgmuFG/zZE1Hi21BfepfyvWJ0ShRc8tpjYVxj+p8whR/JccKOoOT
EpnZ7MHirSjosAX12rLdP6xjLxW1Azy3lriaMM78pFh82RcKNGNSOoOLE6zDCUd4
pTTLvKuTutlzipFaFMgDvlwwJKTVPPmBniOa38m257EkxeUhU6bszu9rq+WxngE+
DOYeiJTusXS+k7lFJ7Z1/YO5I1w3t/qGry2yIKoayGGGflflukCGgYGycaFuQUCM
8xzcJiG/T9M0FfqTiUMLre51XfZhVwwYx1RbO0bkOI6mjLKmduuCBWf2aJupYnPk
Vgw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:29 2025 by rpki-client