Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RMdyNGfDNrdEvREVEkFncugF3O8.roa
File: RMdyNGfDNrdEvREVEkFncugF3O8.roa (raw, json)
Hash identifier: 8DLm2IMGnUBxsXrAIXi1j6BLJf+Jfw89OTB+gpraBr8=
Subject key identifier: 44:C7:72:34:67:C3:36:B7:44:BD:11:15:12:41:67:72:E8:05:DC:EF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA560C046FA71A32D3A3D3EE42CF6F6C2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RMdyNGfDNrdEvREVEkFncugF3O8.roa
Signing time: Wed 03 Apr 2024 19:12:45 +0000
ROA not before: Wed 03 Apr 2024 19:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a5:60:c0:46:fa:71:a3:2d:3a:3d:3e:e4:2c:f6:f6:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 19:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44c7723467c336b744bd111512416772e805dcef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:97:db:f8:0b:3d:33:fe:be:ea:54:58:7a:
f7:ad:0f:95:c0:da:f8:d6:6e:7d:b2:df:89:30:76:
67:67:84:cf:15:86:1e:fa:67:cd:da:ef:e0:6e:f3:
aa:aa:00:37:5a:97:64:e0:af:6b:2d:92:66:41:4e:
59:8c:bd:0b:62:af:36:aa:ae:33:e3:e1:ba:aa:dc:
7c:de:c0:3c:9b:bd:ee:1b:9d:cb:3a:8f:43:a9:63:
19:56:a0:05:c9:b6:07:f2:23:05:b7:5a:cc:bb:21:
e9:5f:3f:55:1b:07:43:07:19:5c:ea:44:b4:87:8b:
3e:35:5f:c9:2f:64:24:8f:13:cd:e4:c4:7f:e1:eb:
a2:d9:8b:1e:19:79:e4:09:ec:a1:da:a3:a1:26:e0:
f8:96:93:3c:e0:11:c1:1f:be:c7:f3:ab:30:79:b8:
a4:cb:8d:cf:e0:10:d0:31:af:2b:67:ba:33:d1:47:
4a:5c:dc:4f:aa:61:25:5f:8c:7a:0f:80:20:64:bc:
f2:d7:7c:df:68:c7:66:a7:4a:cd:b3:22:02:c1:70:
7c:98:2f:67:d4:f8:c7:dd:0e:76:63:e5:4c:c5:39:
f3:6a:8b:b9:8d:54:3a:a0:30:cb:96:f1:74:79:e4:
37:3c:e4:2b:7c:38:7b:a9:ac:db:83:5d:c4:58:5c:
d5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C7:72:34:67:C3:36:B7:44:BD:11:15:12:41:67:72:E8:05:DC:EF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RMdyNGfDNrdEvREVEkFncugF3O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:52:2e:2a:3d:54:8b:da:32:3b:20:05:15:45:fb:43:a1:11:
2b:f7:cd:57:24:ac:fb:92:8b:be:2b:3b:2d:41:4a:80:06:42:
80:c0:47:43:06:56:b6:91:ff:d7:94:ef:be:48:58:29:8e:46:
fb:6c:33:81:4a:9b:c9:b1:33:44:9d:e1:56:85:9e:a7:f2:37:
05:da:04:5f:18:62:27:40:7f:eb:f6:cb:45:df:82:24:4c:2f:
b6:b3:1a:a7:89:1c:a9:21:ff:7e:4e:c2:da:dc:f9:96:33:6b:
f0:b7:e0:17:97:7a:4a:77:4d:c2:69:44:04:80:53:d1:d0:45:
f0:79:d4:19:2d:94:8f:dc:d5:53:39:03:92:2d:5a:c1:78:2f:
0a:d4:ac:38:62:81:91:07:10:73:3a:47:4c:53:b6:2d:2c:7a:
12:bb:e2:55:d0:42:e8:c9:02:64:69:54:db:17:77:1a:ba:93:
2d:8f:0b:a7:50:a8:11:a1:0f:22:e3:ee:c8:f6:c1:b1:ba:28:
67:63:0e:3b:e7:eb:4a:da:39:3a:7a:71:5d:9f:ad:9f:32:08:
26:fa:6e:fc:f5:8d:31:b4:cc:11:8e:a3:12:19:40:d6:f5:f0:
b4:8f:b4:c9:84:db:5d:ba:40:a9:56:4e:a6:68:eb:c4:09:54:
53:bc:92:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6lYMBG+nGjLTo9PuQs9vbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMTkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGM3NzIzNDY3YzMzNmI3NDRiZDExMTUxMjQxNjc3MmU4MDVkY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMWX2/gLPTP+vupUWHr3rQ+VwNr4
1m59st+JMHZnZ4TPFYYe+mfN2u/gbvOqqgA3Wpdk4K9rLZJmQU5ZjL0LYq82qq4z
4+G6qtx83sA8m73uG53LOo9DqWMZVqAFybYH8iMFt1rMuyHpXz9VGwdDBxlc6kS0
h4s+NV/JL2QkjxPN5MR/4eui2YseGXnkCeyh2qOhJuD4lpM84BHBH77H86swebik
y43P4BDQMa8rZ7oz0UdKXNxPqmElX4x6D4AgZLzy13zfaMdmp0rNsyICwXB8mC9n
1PjH3Q52Y+VMxTnzaou5jVQ6oDDLlvF0eeQ3POQrfDh7qazbg13EWFzVzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFETHcjRnwza3RL0RFRJBZ3LoBdzvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUk1keU5HZkROcmRFdlJFVkVrRm5jdWdGM084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADZSLio9VIvaMjsgBRVF
+0OhESv3zVckrPuSi74rOy1BSoAGQoDAR0MGVraR/9eU775IWCmORvtsM4FKm8mx
M0Sd4VaFnqfyNwXaBF8YYidAf+v2y0XfgiRML7azGqeJHKkh/35Owtrc+ZYza/C3
4BeXekp3TcJpRASAU9HQRfB51BktlI/c1VM5A5ItWsF4LwrUrDhigZEHEHM6R0xT
ti0sehK74lXQQujJAmRpVNsXdxq6ky2PC6dQqBGhDyLj7sj2wbG6KGdjDjvn60ra
OTp6cV2frZ8yCCb6bvz1jTG0zBGOoxIZQNb18LSPtMmE2126QKlWTqZo68QJVFO8
koI=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:47:36 2025 by rpki-client