Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0MdUvPtLxd9rvnps8VwBcbg47oY.roa
File: 0MdUvPtLxd9rvnps8VwBcbg47oY.roa (raw, json)
Hash identifier: EPPHhoOZh7A9aACZlsLF5uZJc/z289xUlwTPy5KYY3g=
Subject key identifier: D0:C7:54:BC:FB:4B:C5:DF:6B:BE:7A:6C:F1:5C:01:71:B8:38:EE:86
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018318EA2BE1473A323FB5EEE802D69CDA1C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0MdUvPtLxd9rvnps8VwBcbg47oY.roa
Signing time: Wed 07 Sep 2022 17:05:43 +0000
ROA not before: Wed 07 Sep 2022 17:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
2001:67c:64:ffff:0:183:18e9:be3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:ea:2b:e1:47:3a:32:3f:b5:ee:e8:02:d6:9c:da:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 7 17:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0c754bcfb4bc5df6bbe7a6cf15c0171b838ee86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:7a:77:3c:7b:72:7c:fe:84:eb:dd:47:ef:
69:ae:e4:77:ad:35:18:cc:ce:b0:3b:f2:7d:28:08:
31:94:d9:c4:3f:cd:a3:f9:94:fe:20:e9:fb:6e:aa:
2a:dd:5f:db:97:e0:11:38:aa:5a:49:8b:62:2b:53:
d9:ca:0f:7f:6d:ad:35:91:19:0d:7d:7e:df:07:d1:
58:09:59:42:d1:0c:72:ce:d1:8d:c8:86:ae:00:68:
ef:ab:40:6e:9c:de:65:36:da:c3:3a:1b:ff:aa:c9:
19:aa:ef:e8:4a:ab:72:cf:83:ab:c7:99:8b:b2:04:
8c:61:04:b9:e0:eb:9f:b1:bd:78:38:d5:94:a4:e9:
f2:29:01:a6:5d:d5:88:8b:02:c2:05:5a:5c:5e:6e:
42:0a:6c:8a:0a:f4:7e:dc:6d:41:29:7d:31:7c:d3:
54:0c:1e:a3:fd:9f:be:d9:e4:c3:6f:f8:d2:2b:e1:
9e:23:dc:24:5a:16:48:c7:e3:77:a6:94:5d:be:04:
a6:4f:56:42:a2:e8:41:30:37:8b:e6:bc:51:2e:5c:
c8:4d:be:79:ff:f4:f6:9a:48:c2:59:33:82:f3:4e:
24:f5:80:4e:d1:4b:09:c4:19:fc:9b:e6:2e:c0:d5:
ed:d5:46:be:e3:83:ce:94:ba:2a:9a:a3:78:dc:27:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C7:54:BC:FB:4B:C5:DF:6B:BE:7A:6C:F1:5C:01:71:B8:38:EE:86
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0MdUvPtLxd9rvnps8VwBcbg47oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:d6:54:99:9b:a3:0d:f9:0f:ac:66:41:e5:81:c9:8c:8a:3f:
b6:5b:ce:63:94:09:1b:dc:40:02:d3:5b:39:6c:24:eb:50:16:
50:43:14:95:5b:5a:d4:d7:8a:16:5e:e3:65:56:7c:84:31:3d:
60:2f:f6:68:61:3a:2e:d3:36:17:46:a3:7c:0d:ba:b9:9c:d8:
12:42:f6:cd:ca:71:4e:33:5a:d8:b3:4f:93:7b:8f:e4:79:af:
5d:f1:04:cf:66:64:d0:51:49:d4:a3:6b:d6:3b:6d:fe:85:4f:
cf:d7:1f:1c:b9:ae:ed:c5:95:eb:4d:37:7c:30:48:63:57:e1:
2b:b2:65:08:0c:dc:33:60:12:61:9c:ee:c6:11:5f:aa:d0:8d:
00:56:aa:fe:01:52:5f:b5:19:2e:a3:2f:0c:38:aa:2b:e0:ee:
d3:d7:59:e2:84:a1:4f:24:82:88:61:85:0d:b5:c6:1e:dd:27:
0b:d5:a1:d2:2b:e2:6b:f9:5c:f3:03:46:18:1a:e7:84:c1:b1:
e9:28:71:23:f6:db:21:a9:9b:8a:06:f0:b5:e0:a6:f3:d2:ec:
2c:b3:2d:70:ed:41:13:28:ea:77:3a:e8:80:1f:9d:b9:2f:f6:
48:fa:ae:7e:4c:f0:c3:1a:b7:2f:ad:0e:35:e4:13:d0:13:de:
c7:7f:b1:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMY6ivhRzoyP7Xu6ALWnNocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA3MTcwNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM3NTRiY2ZiNGJjNWRmNmJiZTdhNmNmMTVjMDE3MWI4MzhlZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqp6dzx7cnz+hOvdR+9pruR3rTUY
zM6wO/J9KAgxlNnEP82j+ZT+IOn7bqoq3V/bl+AROKpaSYtiK1PZyg9/ba01kRkN
fX7fB9FYCVlC0QxyztGNyIauAGjvq0BunN5lNtrDOhv/qskZqu/oSqtyz4Orx5mL
sgSMYQS54Oufsb14ONWUpOnyKQGmXdWIiwLCBVpcXm5CCmyKCvR+3G1BKX0xfNNU
DB6j/Z++2eTDb/jSK+GeI9wkWhZIx+N3ppRdvgSmT1ZCouhBMDeL5rxRLlzITb55
//T2mkjCWTOC804k9YBO0UsJxBn8m+YuwNXt1Ua+44POlLoqmqN43CeihwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNDHVLz7S8Xfa756bPFcAXG4OO6GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvME1kVXZQdEx4ZDlydm5wczhWd0JjYmc0N29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGHWVJmbow35D6xmQeWB
yYyKP7ZbzmOUCRvcQALTWzlsJOtQFlBDFJVbWtTXihZe42VWfIQxPWAv9mhhOi7T
NhdGo3wNurmc2BJC9s3KcU4zWtizT5N7j+R5r13xBM9mZNBRSdSja9Y7bf6FT8/X
Hxy5ru3FletNN3wwSGNX4SuyZQgM3DNgEmGc7sYRX6rQjQBWqv4BUl+1GS6jLww4
qivg7tPXWeKEoU8kgohhhQ21xh7dJwvVodIr4mv5XPMDRhga54TBsekocSP22yGp
m4oG8LXgpvPS7CyzLXDtQRMo6nc66IAfnbkv9kj6rn5M8MMaty+tDjXkE9AT3sd/
sds=
-----END CERTIFICATE-----
Generated at Sun May 4 09:58:41 2025 by rpki-client