Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBpGCWgAasmN0k4TpMGY5cp29H4.roa
File: MBpGCWgAasmN0k4TpMGY5cp29H4.roa (raw, json)
Hash identifier: QQTAp5aKPozivrl6b/tSYjvDp1wbhu5t2KLcY00XHEU=
Subject key identifier: 30:1A:46:09:68:00:6A:C9:8D:D2:4E:13:A4:C1:98:E5:CA:76:F4:7E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01825EA84A99BB61694E28B437E383E89F66
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBpGCWgAasmN0k4TpMGY5cp29H4.roa
Signing time: Tue 02 Aug 2022 13:04:23 +0000
ROA not before: Tue 02 Aug 2022 13:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:5ea8:386/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:a8:4a:99:bb:61:69:4e:28:b4:37:e3:83:e8:9f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 13:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=301a460968006ac98dd24e13a4c198e5ca76f47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:8b:ee:72:e3:7e:d1:d6:b0:f7:ca:03:d1:
79:68:3e:72:da:5b:0d:55:6c:3c:a9:38:7d:43:ed:
a0:79:45:86:49:24:16:fe:b9:d1:c9:12:f7:e2:b3:
ea:60:93:3e:b4:73:22:7c:fe:0d:6d:fe:d6:cb:e7:
e9:87:32:ea:06:17:6c:75:93:a8:e1:9d:aa:6c:b4:
52:69:4c:22:bb:1e:bf:e2:41:01:d1:78:f4:1a:d7:
ab:04:d6:1d:c5:87:01:85:95:26:d9:6a:cc:1f:24:
72:6b:aa:2d:ea:0a:a9:94:af:c2:d5:7d:94:07:dd:
0c:be:4d:2d:0c:43:a7:06:ce:27:2c:46:ab:fa:5d:
1e:8c:37:4f:a1:0a:a6:27:59:6a:fd:4a:9a:f3:07:
88:ce:4b:0e:30:b3:ed:6a:77:80:da:9f:b8:f2:05:
59:e1:30:db:a6:72:c6:17:c2:f3:c3:fa:db:69:b5:
37:a7:6f:6e:06:70:b9:e3:7e:b0:d7:3f:96:9e:5b:
5f:7c:56:c8:5d:09:70:0f:24:40:a8:13:ad:6e:49:
23:9c:9c:43:03:60:d9:e5:9d:a0:52:24:fb:47:d7:
0a:5b:35:d0:8f:1a:fa:6a:16:00:82:81:d1:6a:30:
03:a4:a6:5b:63:0c:24:8e:2e:07:b4:d0:f1:24:92:
d3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1A:46:09:68:00:6A:C9:8D:D2:4E:13:A4:C1:98:E5:CA:76:F4:7E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBpGCWgAasmN0k4TpMGY5cp29H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:fe:86:1e:74:ed:e4:81:ee:41:56:2b:2c:3a:4a:1b:31:43:
64:df:2f:8c:4b:a9:95:34:a0:7f:cd:44:73:10:ba:b8:d4:74:
c1:63:14:38:b2:01:6b:b8:df:31:c1:32:a0:54:d0:58:94:db:
bc:66:9f:ac:ff:13:ca:8e:b1:cf:47:ff:0b:5c:bf:1e:9d:e5:
12:ad:21:65:e3:94:96:3e:8d:c1:b4:a7:d1:8d:4d:48:56:1e:
21:e5:00:af:51:aa:f1:6e:c1:80:3a:6c:9e:b0:42:07:5c:7a:
af:31:85:c4:ff:a6:b5:4f:b8:18:82:6f:02:44:c1:4d:82:8b:
3b:69:6b:51:25:ed:d7:ec:6a:3e:b6:69:17:b4:d2:d8:14:3e:
c7:9d:3b:7c:e1:87:6d:1b:69:77:93:dc:f9:d6:d8:8b:84:00:
54:d3:a2:a3:0b:a8:62:4e:a2:94:99:1f:a7:50:50:57:b7:d7:
10:39:e4:90:43:bb:b9:af:88:bd:1d:f5:81:e4:4a:d1:2f:88:
d6:79:5c:2a:62:65:89:1e:0c:fe:55:f1:ab:31:f3:51:0d:e3:
77:32:5b:b3:16:44:eb:14:3e:f2:04:6b:c2:c5:a6:79:4a:3e:
05:e2:fd:0a:d7:e1:3a:60:a2:71:e5:cf:95:f7:0a:d9:69:14:
65:85:be:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJeqEqZu2FpTii0N+OD6J9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODAyMTMwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFhNDYwOTY4MDA2YWM5OGRkMjRlMTNhNGMxOThlNWNhNzZmNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIeL7nLjftHWsPfKA9F5aD5y2lsN
VWw8qTh9Q+2geUWGSSQW/rnRyRL34rPqYJM+tHMifP4Nbf7Wy+fphzLqBhdsdZOo
4Z2qbLRSaUwiux6/4kEB0Xj0GterBNYdxYcBhZUm2WrMHyRya6ot6gqplK/C1X2U
B90Mvk0tDEOnBs4nLEar+l0ejDdPoQqmJ1lq/Uqa8weIzksOMLPtaneA2p+48gVZ
4TDbpnLGF8Lzw/rbabU3p29uBnC5436w1z+WnltffFbIXQlwDyRAqBOtbkkjnJxD
A2DZ5Z2gUiT7R9cKWzXQjxr6ahYAgoHRajADpKZbYwwkji4HtNDxJJLTmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDAaRgloAGrJjdJOE6TBmOXKdvR+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTUJwR0NXZ0Fhc21OMGs0VHBNR1k1Y3AyOUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3+hh507eSB7kFWKyw6
ShsxQ2TfL4xLqZU0oH/NRHMQurjUdMFjFDiyAWu43zHBMqBU0FiU27xmn6z/E8qO
sc9H/wtcvx6d5RKtIWXjlJY+jcG0p9GNTUhWHiHlAK9RqvFuwYA6bJ6wQgdceq8x
hcT/prVPuBiCbwJEwU2Ciztpa1El7dfsaj62aRe00tgUPsedO3zhh20baXeT3PnW
2IuEAFTToqMLqGJOopSZH6dQUFe31xA55JBDu7mviL0d9YHkStEviNZ5XCpiZYke
DP5V8asx81EN43cyW7MWROsUPvIEa8LFpnlKPgXi/QrX4TpgonHlz5X3CtlpFGWF
vmQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:47 2025 by rpki-client