Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBtYs37KZT3HBA_1ldpl2YnSyM8.roa
File: MBtYs37KZT3HBA_1ldpl2YnSyM8.roa (raw, json)
Hash identifier: zD+GGAZc7RAA0LWi2gm0bedz3Ez+0xKGmuR30ADwrCQ=
Subject key identifier: 30:1B:58:B3:7E:CA:65:3D:C7:04:0F:F5:95:DA:65:D9:89:D2:C8:CF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3B38E6EFB9797CA3BE7662E943311824
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBtYs37KZT3HBA_1ldpl2YnSyM8.roa
Signing time: Mon 28 Aug 2023 08:18:19 +0000
ROA not before: Mon 28 Aug 2023 08:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:38:e6:ef:b9:79:7c:a3:be:76:62:e9:43:31:18:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 08:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=301b58b37eca653dc7040ff595da65d989d2c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8f:5d:e4:8b:ec:5a:da:cf:62:0d:48:69:de:
1b:78:31:d8:bb:b1:7b:de:ab:65:ec:ca:15:5e:9a:
db:ef:44:66:3a:36:33:82:26:1b:0d:48:c6:c9:57:
a7:a1:58:d0:e4:01:4d:3e:83:89:9d:8f:2d:ec:1d:
4a:cd:2a:2c:e2:c8:7f:4e:3a:03:91:4b:a2:b0:de:
46:8b:28:a8:3e:ff:a8:05:71:f5:5d:13:2a:c2:3d:
b4:50:f2:fa:1f:63:ed:7b:f9:8c:53:6f:02:0a:25:
7f:cd:95:bf:32:5a:ae:78:e9:b3:9f:54:cb:3c:64:
b2:de:7e:51:fa:0f:87:0d:65:47:78:0e:b1:af:a4:
bf:99:4d:1b:b2:51:74:11:01:9f:5d:4f:40:e5:d8:
08:5c:5e:f9:a1:74:52:c0:68:ff:3b:7a:fa:9d:37:
3d:94:73:78:6a:6e:ec:a0:95:d5:69:00:f8:bb:c3:
29:dd:72:f7:c9:e1:83:e6:e0:1c:f9:4c:d1:73:83:
c1:6a:4e:01:2e:a5:d4:5a:70:f2:6f:49:a7:2c:fd:
b8:56:62:8d:a3:67:2c:26:2f:de:1f:1c:e0:12:1d:
3c:c6:11:85:21:81:39:c9:cc:ac:a4:c4:8a:ed:a5:
19:6f:b5:e0:18:ff:e4:c6:93:b8:59:11:a0:76:d5:
15:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1B:58:B3:7E:CA:65:3D:C7:04:0F:F5:95:DA:65:D9:89:D2:C8:CF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MBtYs37KZT3HBA_1ldpl2YnSyM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:83:7f:6e:8e:df:ec:3a:bc:06:8b:35:1c:6f:7c:48:ab:39:
d9:f6:fa:ed:43:ed:ba:38:d0:6c:3e:d6:6e:19:f7:ba:d6:3d:
87:27:7b:38:a9:1e:7b:92:7d:c6:c9:6c:34:23:83:12:94:3e:
ee:1d:69:a7:33:79:6f:f2:1b:c9:52:56:8c:a7:93:a6:b5:37:
bd:b9:a8:ed:2f:51:03:35:21:3d:1a:26:f2:92:e9:35:51:df:
78:4f:db:16:9d:52:da:9c:22:66:d1:14:31:31:f6:48:9f:bf:
03:57:ff:2c:e8:c3:2c:fd:00:ea:fd:40:4e:9d:e8:1e:6e:67:
ac:22:8e:6d:b5:86:f1:dd:e6:35:ea:ad:8d:0c:fe:69:16:fb:
15:d2:4a:23:d0:15:4d:d5:4b:6c:28:8e:9a:d7:2e:a8:32:af:
ed:da:69:fc:51:a6:a0:2f:68:fc:2d:05:81:b3:51:78:bc:3e:
74:b3:46:2e:82:bb:8a:70:28:fb:41:07:c8:89:f7:d8:ab:cf:
a3:58:8a:5b:b1:2c:28:ca:23:5a:a6:39:c3:d0:c2:8b:17:e2:
18:35:30:ce:51:b0:04:07:ac:46:1f:6d:cf:b2:85:87:9c:78:
63:1d:88:a9:ba:a3:e2:b8:e1:a9:43:9c:42:67:48:85:78:a9:
c0:9c:5f:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo7OObvuXl8o752YulDMRgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MDgxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFiNThiMzdlY2E2NTNkYzcwNDBmZjU5NWRhNjVkOTg5ZDJjOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1I9d5IvsWtrPYg1Iad4beDHYu7F7
3qtl7MoVXprb70RmOjYzgiYbDUjGyVenoVjQ5AFNPoOJnY8t7B1KzSos4sh/TjoD
kUuisN5GiyioPv+oBXH1XRMqwj20UPL6H2Pte/mMU28CCiV/zZW/MlqueOmzn1TL
PGSy3n5R+g+HDWVHeA6xr6S/mU0bslF0EQGfXU9A5dgIXF75oXRSwGj/O3r6nTc9
lHN4am7soJXVaQD4u8Mp3XL3yeGD5uAc+UzRc4PBak4BLqXUWnDyb0mnLP24VmKN
o2csJi/eHxzgEh08xhGFIYE5ycyspMSK7aUZb7XgGP/kxpO4WRGgdtUVBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDAbWLN+ymU9xwQP9ZXaZdmJ0sjPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTUJ0WXMzN0taVDNIQkFfMWxkcGwyWW5TeU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAISDf26O3+w6vAaLNRxv
fEirOdn2+u1D7bo40Gw+1m4Z97rWPYcnezipHnuSfcbJbDQjgxKUPu4daaczeW/y
G8lSVoynk6a1N725qO0vUQM1IT0aJvKS6TVR33hP2xadUtqcImbRFDEx9kifvwNX
/yzowyz9AOr9QE6d6B5uZ6wijm21hvHd5jXqrY0M/mkW+xXSSiPQFU3VS2wojprX
Lqgyr+3aafxRpqAvaPwtBYGzUXi8PnSzRi6Cu4pwKPtBB8iJ99irz6NYiluxLCjK
I1qmOcPQwosX4hg1MM5RsAQHrEYfbc+yhYeceGMdiKm6o+K44alDnEJnSIV4qcCc
X78=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:08:15 2025 by rpki-client