Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1MIXHHIoz9akgEWMzv4DW024DxQ.roa
File: 1MIXHHIoz9akgEWMzv4DW024DxQ.roa (raw, json)
Hash identifier: l1vHYJLCZqs/NTYgYtUSXM0XR077LM5ojB0a+HPCqpo=
Subject key identifier: D4:C2:17:1C:72:28:CF:D6:A4:80:45:8C:CE:FE:03:5B:4D:B8:0F:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E2D12973E864F6847FDA7E10589B9620
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1MIXHHIoz9akgEWMzv4DW024DxQ.roa
Signing time: Mon 05 Dec 2022 15:04:29 +0000
ROA not before: Mon 05 Dec 2022 15:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:e2d1:7d3/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:d1:29:73:e8:64:f6:84:7f:da:7e:10:58:9b:96:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 15:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4c2171c7228cfd6a480458ccefe035b4db80f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c8:21:d3:c8:d1:65:e1:54:27:b5:82:44:ca:
01:5d:8e:e3:66:6b:6c:9d:60:fb:00:87:29:f1:90:
3f:07:78:72:4a:cf:df:b4:0f:ac:fe:a1:ee:0c:26:
38:61:62:60:1f:c2:ff:aa:a3:08:15:f7:48:1d:5d:
6f:a7:5c:b2:8f:42:9c:c2:ba:70:52:8c:3e:57:4b:
06:24:97:d2:e6:6f:bb:56:91:7b:a2:c9:0a:95:85:
ca:38:d5:aa:c2:56:84:94:7f:48:ab:6b:63:61:de:
fe:e1:67:46:44:6e:53:01:6f:4d:e2:0e:b1:78:93:
7e:69:5d:58:26:f5:d6:e5:d8:8b:2a:ad:3c:7d:e0:
ac:12:9e:fe:1c:7e:ab:31:3c:d7:49:01:fd:5d:1b:
20:d3:55:60:39:10:2a:49:84:d0:b4:e6:c9:d8:32:
9f:40:af:2d:3d:3e:97:13:b9:92:a1:a8:6a:f2:1a:
61:73:a6:89:03:3e:82:f5:b0:c5:e7:1f:77:f9:58:
75:f6:1f:29:10:07:ca:8a:1b:af:6d:af:48:62:bb:
3c:a8:30:ae:38:95:73:30:46:32:00:7c:bf:f2:89:
0c:0b:3d:23:62:b0:63:91:71:3e:ca:c7:36:b3:42:
10:6d:8e:02:78:75:24:00:e5:12:78:f2:79:14:7b:
11:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C2:17:1C:72:28:CF:D6:A4:80:45:8C:CE:FE:03:5B:4D:B8:0F:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1MIXHHIoz9akgEWMzv4DW024DxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:df:14:c4:63:df:3b:bb:0a:35:f8:6b:26:f3:ca:ff:67:ba:
89:22:91:dc:d1:8f:52:ef:4b:e2:3d:5e:e4:58:25:37:f3:42:
a2:cb:e7:4d:1b:76:ed:7c:fa:08:ec:8d:05:0b:b5:f5:66:c6:
39:f5:0f:59:a8:1d:ac:8a:5e:39:d2:79:54:c5:02:d7:e6:4b:
ad:3a:1e:7f:55:2d:43:76:94:19:d3:31:71:c4:66:30:ee:83:
79:87:19:84:ef:a5:dd:82:bd:35:1a:72:f4:ab:b5:58:b1:1d:
a9:1d:ad:8c:b6:e6:8a:1e:d5:a2:8e:58:f3:92:f9:6b:41:3f:
78:1b:a6:8d:e6:89:b1:34:d0:aa:5d:77:a5:e3:ac:fb:d9:7c:
56:ef:42:74:c9:ae:0d:7a:dd:f1:b1:26:e3:31:a8:d0:de:08:
b2:c2:0d:8f:1c:79:38:bf:d4:36:93:27:5e:05:8d:3a:e5:e4:
c3:d5:63:c8:34:39:d2:20:1e:11:37:b2:6c:f3:c8:cd:e6:61:
63:b8:f4:8c:ef:22:76:46:49:4e:c8:14:da:57:80:fe:ca:11:
83:e7:e6:53:ad:24:c8:9c:9a:09:df:05:20:17:f8:18:90:64:
0f:08:d9:ff:46:97:b4:72:ca:5f:51:af:95:b9:54:51:e8:34:
21:11:14:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTi0Slz6GT2hH/afhBYm5YgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MTUwNDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGMyMTcxYzcyMjhjZmQ2YTQ4MDQ1OGNjZWZlMDM1YjRkYjgwZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycgh08jRZeFUJ7WCRMoBXY7jZmts
nWD7AIcp8ZA/B3hySs/ftA+s/qHuDCY4YWJgH8L/qqMIFfdIHV1vp1yyj0Kcwrpw
Uow+V0sGJJfS5m+7VpF7oskKlYXKONWqwlaElH9Iq2tjYd7+4WdGRG5TAW9N4g6x
eJN+aV1YJvXW5diLKq08feCsEp7+HH6rMTzXSQH9XRsg01VgORAqSYTQtObJ2DKf
QK8tPT6XE7mSoahq8hphc6aJAz6C9bDF5x93+Vh19h8pEAfKihuvba9IYrs8qDCu
OJVzMEYyAHy/8okMCz0jYrBjkXE+ysc2s0IQbY4CeHUkAOUSePJ5FHsRpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNTCFxxyKM/WpIBFjM7+A1tNuA8UMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMU1JWEhISW96OWFrZ0VXTXp2NERXMDI0RHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKTfFMRj3zu7CjX4aybz
yv9nuokikdzRj1LvS+I9XuRYJTfzQqLL500bdu18+gjsjQULtfVmxjn1D1moHayK
XjnSeVTFAtfmS606Hn9VLUN2lBnTMXHEZjDug3mHGYTvpd2CvTUacvSrtVixHakd
rYy25ooe1aKOWPOS+WtBP3gbpo3mibE00Kpdd6XjrPvZfFbvQnTJrg163fGxJuMx
qNDeCLLCDY8ceTi/1DaTJ14FjTrl5MPVY8g0OdIgHhE3smzzyM3mYWO49IzvInZG
SU7IFNpXgP7KEYPn5lOtJMicmgnfBSAX+BiQZA8I2f9Gl7Ryyl9Rr5W5VFHoNCER
FJY=
-----END CERTIFICATE-----
Generated at Thu May 1 01:55:21 2025 by rpki-client