Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A1MBTyZ7hGB_akTXM0HBz5l_MEo.roa
File: A1MBTyZ7hGB_akTXM0HBz5l_MEo.roa (raw, json)
Hash identifier: 4tr9D18H+HhSFsFCdL7BPL7QEFWg8YPU5JKphGi4SHI=
Subject key identifier: 03:53:01:4F:26:7B:84:60:7F:6A:44:D7:33:41:C1:CF:99:7F:30:4A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0AAD9C5A563C6109C8DE85C9A6482B55
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A1MBTyZ7hGB_akTXM0HBz5l_MEo.roa
Signing time: Fri 18 Aug 2023 22:04:24 +0000
ROA not before: Fri 18 Aug 2023 22:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:18a:aad:7e7d/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0a:ad:9c:5a:56:3c:61:09:c8:de:85:c9:a6:48:2b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 18 22:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0353014f267b84607f6a44d73341c1cf997f304a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:61:a7:f5:e0:62:c3:8b:eb:4f:ef:a7:70:
57:04:b9:6b:19:16:4b:e4:af:1c:26:2b:c3:41:7a:
b3:13:04:5d:32:66:9b:83:ef:e5:87:e8:a8:e2:e9:
d0:fb:5b:fc:c3:bb:b4:41:f6:4e:2e:7d:c2:50:1f:
25:63:e3:f8:28:2d:66:ed:d3:8d:28:7d:f0:22:37:
67:71:ef:7d:b0:c6:eb:b2:2f:09:c7:05:49:e1:b7:
c9:f8:58:c0:7b:7c:37:83:26:15:6f:cf:90:a5:91:
3e:2d:13:80:94:21:09:3c:10:02:3e:9a:82:fc:9a:
f7:3b:63:1f:e1:63:6d:33:ef:65:d2:00:bf:ec:eb:
ab:5b:be:5f:af:d3:fc:90:21:a1:63:1e:98:3d:0c:
73:21:dd:78:a8:dd:2e:6a:0e:8f:1c:a5:dd:e9:a6:
cb:07:da:0c:83:a9:de:62:70:c7:36:a4:f2:1a:e9:
11:4d:33:a3:03:49:60:73:66:4e:d5:42:62:0b:71:
72:8f:b4:22:35:6a:ab:0d:7f:ab:33:f2:a6:36:46:
be:de:24:a5:5f:6a:fd:fa:1f:96:34:62:7b:3e:0c:
98:a7:be:d5:44:58:30:be:4f:a9:61:ab:ae:d5:be:
f8:1f:74:8c:5c:b7:aa:25:66:21:03:75:d3:ce:b1:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:53:01:4F:26:7B:84:60:7F:6A:44:D7:33:41:C1:CF:99:7F:30:4A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A1MBTyZ7hGB_akTXM0HBz5l_MEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:3d:51:9b:1a:dd:0a:13:1f:5b:ff:58:bd:ac:92:3f:31:4c:
16:3a:b3:3a:a7:c6:cd:79:2a:e5:c9:fc:eb:62:c0:ed:1d:f8:
55:7e:c3:a0:73:ea:58:ca:11:b8:cb:64:06:49:34:8e:f7:0f:
e1:9d:1d:08:07:aa:5c:f9:79:a8:42:08:5d:55:1e:96:35:33:
37:0b:ca:db:bd:dc:e8:6e:8b:5b:0a:10:e5:dc:f0:96:68:4c:
6d:81:6a:d5:bf:29:f6:67:f0:c3:a4:db:a3:f5:ea:62:ea:92:
97:1c:69:68:97:b5:fa:e4:4b:29:22:59:2a:3c:cf:21:17:c3:
98:dc:d4:8e:c9:da:61:09:03:7f:6d:05:97:a4:9a:8c:d4:a5:
e7:88:7d:24:87:bc:53:c3:e8:c9:4d:cd:86:53:b4:ef:c1:56:
98:62:5e:72:48:9b:f7:69:59:8b:4f:4c:c7:11:c3:93:ca:4f:
9e:48:b1:db:d0:1d:29:9d:61:d0:15:59:8d:5c:20:53:1a:3b:
f0:22:f4:9e:5f:95:93:5d:07:67:33:30:52:35:e0:78:b5:55:
77:17:dd:52:7f:98:a2:18:a2:72:24:fd:99:3d:07:42:77:80:
fe:6a:af:02:27:65:f9:f8:0a:1c:3c:7e:0d:2b:84:39:9f:f9:
65:f1:54:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoKrZxaVjxhCcjehcmmSCtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE4MjIwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUzMDE0ZjI2N2I4NDYwN2Y2YTQ0ZDczMzQxYzFjZjk5N2YzMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHxhp/XgYsOL60/vp3BXBLlrGRZL
5K8cJivDQXqzEwRdMmabg+/lh+io4unQ+1v8w7u0QfZOLn3CUB8lY+P4KC1m7dON
KH3wIjdnce99sMbrsi8JxwVJ4bfJ+FjAe3w3gyYVb8+QpZE+LROAlCEJPBACPpqC
/Jr3O2Mf4WNtM+9l0gC/7OurW75fr9P8kCGhYx6YPQxzId14qN0uag6PHKXd6abL
B9oMg6neYnDHNqTyGukRTTOjA0lgc2ZO1UJiC3Fyj7QiNWqrDX+rM/KmNka+3iSl
X2r9+h+WNGJ7PgyYp77VRFgwvk+pYauu1b74H3SMXLeqJWYhA3XTzrHihQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFANTAU8me4Rgf2pE1zNBwc+ZfzBKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQTFNQlR5WjdoR0JfYWtUWE0wSEJ6NWxfTUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAII9UZsa3QoTH1v/WL2s
kj8xTBY6szqnxs15KuXJ/OtiwO0d+FV+w6Bz6ljKEbjLZAZJNI73D+GdHQgHqlz5
eahCCF1VHpY1MzcLytu93Ohui1sKEOXc8JZoTG2BatW/KfZn8MOk26P16mLqkpcc
aWiXtfrkSykiWSo8zyEXw5jc1I7J2mEJA39tBZekmozUpeeIfSSHvFPD6MlNzYZT
tO/BVphiXnJIm/dpWYtPTMcRw5PKT55IsdvQHSmdYdAVWY1cIFMaO/Ai9J5flZNd
B2czMFI14Hi1VXcX3VJ/mKIYonIk/Zk9B0J3gP5qrwInZfn4Chw8fg0rhDmf+WXx
VJc=
-----END CERTIFICATE-----
Generated at Fri May 2 16:14:40 2025 by rpki-client