Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/86mcKCIW_AtplbugMAxyhX1X4AM.roa
File: 86mcKCIW_AtplbugMAxyhX1X4AM.roa (raw, json)
Hash identifier: QNvLMjHWX2+QHd150OAi2+45Q+ANEgXA5aUUF+KPLYs=
Subject key identifier: F3:A9:9C:28:22:16:FC:0B:69:95:BB:A0:30:0C:72:85:7D:57:E0:03
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BF5D1D86D3C91625E2177C2D3EE2461E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/86mcKCIW_AtplbugMAxyhX1X4AM.roa
Signing time: Fri 04 Aug 2023 07:04:57 +0000
ROA not before: Fri 04 Aug 2023 07:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:bf5c:88bd/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:5d:1d:86:d3:c9:16:25:e2:17:7c:2d:3e:e2:46:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 07:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3a99c282216fc0b6995bba0300c72857d57e003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0f:6a:ad:2b:79:ea:4f:dc:ee:f4:ac:b2:ee:
3f:ef:3c:7f:69:f6:47:10:c5:f0:8f:9e:58:02:3b:
e7:53:7f:55:d9:3b:cd:2a:c2:85:c7:db:1a:f2:2b:
48:61:0f:2f:93:37:42:8d:ed:a3:93:d3:69:49:bd:
17:70:48:2d:a0:82:dc:0c:bd:4d:76:93:35:6e:ed:
ff:c0:70:41:76:a1:d0:da:1b:7d:d4:2f:e1:d9:3d:
52:62:17:2f:29:c5:8d:f4:ee:7f:ce:52:70:b7:fd:
da:3a:af:e0:80:81:21:fa:e1:66:ea:a8:67:90:a2:
06:28:0f:37:3c:c2:9f:e7:28:9f:00:dd:ab:1f:90:
a7:6b:bf:16:4d:11:03:ea:99:71:93:4a:92:9f:82:
3f:d3:e2:a3:97:41:c4:69:e6:75:51:b6:00:87:09:
d2:b9:1d:51:dc:49:9f:96:3f:5a:ac:14:a6:40:33:
90:ac:d7:83:6f:6b:8e:51:6f:24:f9:f6:32:1b:bd:
dc:e1:e3:99:82:50:86:6f:b9:27:8d:e6:65:8a:8c:
c9:ac:3b:8c:6c:71:9d:9e:1b:00:24:8b:f2:2b:54:
54:1c:c8:5c:84:7c:d6:09:ee:d4:34:9a:01:80:71:
64:0e:42:c7:91:3d:6e:aa:1d:50:f6:2c:84:36:53:
60:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A9:9C:28:22:16:FC:0B:69:95:BB:A0:30:0C:72:85:7D:57:E0:03
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/86mcKCIW_AtplbugMAxyhX1X4AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:06:93:ea:f0:3c:44:ef:4c:5c:55:93:b4:d2:be:2d:ef:09:
74:64:1f:b6:bf:26:0a:91:46:4f:db:e7:51:81:44:f0:56:8c:
d6:be:52:a3:55:02:08:e2:e1:79:01:b0:93:70:57:36:df:73:
f5:d7:4f:ea:25:a4:3e:26:9e:aa:58:15:de:6c:3b:12:0d:b7:
5c:52:bc:84:c9:e0:01:b3:30:6a:68:a9:29:e3:d5:52:5a:ea:
43:3a:60:fa:7b:37:e9:39:1c:b1:86:63:82:4f:ea:5c:38:ec:
71:97:fb:ee:17:50:5b:9f:08:9a:10:80:6b:90:02:ec:d0:0f:
6b:3a:89:ed:43:9b:99:ae:73:b8:ea:89:0c:3b:1a:7d:31:8b:
93:7b:94:bd:3c:d1:e3:f4:51:54:3c:cb:df:fa:8a:5b:10:ba:
e3:9b:52:eb:4b:8b:7d:b5:07:e4:d9:66:fc:22:ea:cf:6d:88:
78:73:13:1d:d2:84:90:21:af:9f:5a:5f:4a:4e:ba:14:1b:d7:
68:35:4b:8f:aa:de:e6:18:38:71:0f:aa:4b:44:ea:5d:dd:a9:
b9:7b:8a:20:81:e4:73:7f:ff:51:76:2a:c3:e6:fa:45:87:4f:
38:4a:d6:7b:cb:96:a9:68:be:9e:2f:95:90:8d:2f:3c:3e:20:
fb:a4:89:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm/XR2G08kWJeIXfC0+4kYeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MDcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E5OWMyODIyMTZmYzBiNjk5NWJiYTAzMDBjNzI4NTdkNTdlMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg9qrSt56k/c7vSssu4/7zx/afZH
EMXwj55YAjvnU39V2TvNKsKFx9sa8itIYQ8vkzdCje2jk9NpSb0XcEgtoILcDL1N
dpM1bu3/wHBBdqHQ2ht91C/h2T1SYhcvKcWN9O5/zlJwt/3aOq/ggIEh+uFm6qhn
kKIGKA83PMKf5yifAN2rH5Cna78WTRED6plxk0qSn4I/0+Kjl0HEaeZ1UbYAhwnS
uR1R3Emflj9arBSmQDOQrNeDb2uOUW8k+fYyG73c4eOZglCGb7knjeZliozJrDuM
bHGdnhsAJIvyK1RUHMhchHzWCe7UNJoBgHFkDkLHkT1uqh1Q9iyENlNg4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPOpnCgiFvwLaZW7oDAMcoV9V+ADMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvODZtY0tDSVdfQXRwbGJ1Z01BeHloWDFYNEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcGk+rwPETvTFxVk7TS
vi3vCXRkH7a/JgqRRk/b51GBRPBWjNa+UqNVAgji4XkBsJNwVzbfc/XXT+olpD4m
nqpYFd5sOxINt1xSvITJ4AGzMGpoqSnj1VJa6kM6YPp7N+k5HLGGY4JP6lw47HGX
++4XUFufCJoQgGuQAuzQD2s6ie1Dm5muc7jqiQw7Gn0xi5N7lL080eP0UVQ8y9/6
ilsQuuObUutLi321B+TZZvwi6s9tiHhzEx3ShJAhr59aX0pOuhQb12g1S4+q3uYY
OHEPqktE6l3dqbl7iiCB5HN//1F2KsPm+kWHTzhK1nvLlqlovp4vlZCNLzw+IPuk
iZA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:53 2025 by rpki-client