Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2MKlN_J5A9viOh6OG6rA0kRG3kI.roa
File: 2MKlN_J5A9viOh6OG6rA0kRG3kI.roa (raw, json)
Hash identifier: FxJOE18wq6QYNi3dbXIKYzu2iClDUMQGXnGiY2DmyyY=
Subject key identifier: D8:C2:A5:37:F2:79:03:DB:E2:3A:1E:8E:1B:AA:C0:D2:44:46:DE:42
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186895158FAD9C05496E9DEA8A058163A7D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2MKlN_J5A9viOh6OG6rA0kRG3kI.roa
Signing time: Sat 25 Feb 2023 16:04:15 +0000
ROA not before: Sat 25 Feb 2023 16:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:8951:50ce/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:51:58:fa:d9:c0:54:96:e9:de:a8:a0:58:16:3a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 16:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8c2a537f27903dbe23a1e8e1baac0d24446de42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:40:b7:6e:74:33:d0:54:68:3e:c0:d7:f4:
a9:1e:a7:70:f4:50:2c:6c:b4:69:ca:a0:64:7e:50:
4f:18:f0:e7:03:13:0f:0e:9b:25:99:47:81:44:54:
2c:72:c0:f6:bd:d7:c0:4f:fe:2e:8a:5f:2d:f3:15:
98:08:8b:b3:4b:b4:84:3d:ba:60:1e:2e:73:ad:58:
af:dd:8a:3e:48:7f:80:a6:9f:f9:1e:9f:52:5d:58:
d7:f0:8b:1d:c0:30:40:f3:8c:1a:1b:a4:57:ba:22:
17:15:03:ac:03:4f:40:8b:39:96:8a:61:53:da:76:
ea:a9:a4:d2:9e:e5:3d:c1:c6:95:91:8d:14:9c:db:
bc:cb:8c:af:2c:75:e6:97:4b:28:42:43:1b:3e:77:
7d:ee:b7:81:d7:d0:a4:d3:4a:24:b0:ae:f8:d5:3b:
28:d4:56:fc:ed:a1:01:92:39:81:a3:b3:c4:b9:b6:
92:52:96:3f:ee:d9:58:e0:e9:4a:d3:a2:9d:19:c7:
2d:04:a2:15:54:c5:6a:1b:f0:19:e0:16:7e:2d:41:
df:2f:c6:08:ad:08:23:53:5f:df:ea:ee:1d:3b:f6:
14:9b:6f:f0:26:4a:f5:6c:a3:41:69:94:e8:db:e4:
96:3a:86:80:6a:5c:8c:fa:cc:cc:58:40:2d:d6:c6:
8d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C2:A5:37:F2:79:03:DB:E2:3A:1E:8E:1B:AA:C0:D2:44:46:DE:42
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2MKlN_J5A9viOh6OG6rA0kRG3kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:ea:90:e6:98:e7:49:11:58:66:d9:3b:4e:fc:28:6d:75:89:
00:b6:3c:6a:e4:7f:e4:03:6d:59:30:6c:fd:73:6b:05:37:bc:
80:96:da:70:cb:c8:70:1a:b0:e0:2e:d5:02:3e:f9:74:cd:95:
44:d8:ce:5f:a8:6f:94:84:b2:7a:da:eb:4a:d6:00:be:2c:ca:
12:73:ee:90:0b:61:11:96:30:15:2a:6c:b0:4c:fe:71:4f:a8:
1f:f6:39:ae:53:c1:16:f1:39:d5:eb:bf:ff:d0:83:73:4c:54:
b4:f0:d4:70:9a:60:d7:b6:56:97:59:f0:a1:77:ab:77:96:38:
6e:87:e9:5f:e1:f4:43:fb:75:0e:09:69:bc:63:2f:02:c1:61:
71:43:c1:a7:d1:a9:6f:1c:28:fd:fd:4a:35:f6:80:b7:28:f5:
87:af:8d:ec:3d:56:a1:5a:01:20:bf:cf:be:37:dd:8a:7b:8e:
91:ed:7c:8f:05:ce:45:79:51:d9:9d:45:a0:d5:12:9e:25:5b:
d0:fb:24:64:53:ef:03:aa:a8:6a:cc:d5:39:9b:d2:d5:c5:9b:
d1:d8:2e:a9:61:ce:4e:f7:4e:ce:f3:97:0d:a1:8f:26:92:5d:
6d:df:0e:df:13:fd:9b:bc:71:e4:02:7e:cc:ea:06:da:47:5a:
d7:40:10:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJUVj62cBUluneqKBYFjp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTYwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGMyYTUzN2YyNzkwM2RiZTIzYTFlOGUxYmFhYzBkMjQ0NDZkZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArklAt250M9BUaD7A1/SpHqdw9FAs
bLRpyqBkflBPGPDnAxMPDpslmUeBRFQscsD2vdfAT/4uil8t8xWYCIuzS7SEPbpg
Hi5zrViv3Yo+SH+App/5Hp9SXVjX8IsdwDBA84waG6RXuiIXFQOsA09AizmWimFT
2nbqqaTSnuU9wcaVkY0UnNu8y4yvLHXml0soQkMbPnd97reB19Ck00oksK741Tso
1Fb87aEBkjmBo7PEubaSUpY/7tlY4OlK06KdGcctBKIVVMVqG/AZ4BZ+LUHfL8YI
rQgjU1/f6u4dO/YUm2/wJkr1bKNBaZTo2+SWOoaAalyM+szMWEAt1saNxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjCpTfyeQPb4joejhuqwNJERt5CMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMk1LbE5fSjVBOXZpT2g2T0c2ckEwa1JHM2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIbqkOaY50kRWGbZO078
KG11iQC2PGrkf+QDbVkwbP1zawU3vICW2nDLyHAasOAu1QI++XTNlUTYzl+ob5SE
snra60rWAL4syhJz7pALYRGWMBUqbLBM/nFPqB/2Oa5TwRbxOdXrv//Qg3NMVLTw
1HCaYNe2VpdZ8KF3q3eWOG6H6V/h9EP7dQ4JabxjLwLBYXFDwafRqW8cKP39SjX2
gLco9Yevjew9VqFaASC/z7433Yp7jpHtfI8FzkV5UdmdRaDVEp4lW9D7JGRT7wOq
qGrM1Tmb0tXFm9HYLqlhzk73Ts7zlw2hjyaSXW3fDt8T/Zu8ceQCfszqBtpHWtdA
EGo=
-----END CERTIFICATE-----
Generated at Sat May 3 05:05:44 2025 by rpki-client