Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MFK288DjJ-_Noj9eCzAg1XBq8rs.roa
File: MFK288DjJ-_Noj9eCzAg1XBq8rs.roa (raw, json)
Hash identifier: DxvtY8LzrFkck65JJnoTzLFshG++yOFos2Q5gjhTLYA=
Subject key identifier: 30:52:B6:F3:C0:E3:27:EF:CD:A2:3F:5E:0B:30:20:D5:70:6A:F2:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01860BCF2D7D48CD8D78B47355DC5CB1FFAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MFK288DjJ-_Noj9eCzAg1XBq8rs.roa
Signing time: Wed 01 Feb 2023 07:09:32 +0000
ROA not before: Wed 01 Feb 2023 07:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:cf:2d:7d:48:cd:8d:78:b4:73:55:dc:5c:b1:ff:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 1 07:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3052b6f3c0e327efcda23f5e0b3020d5706af2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:3d:6b:0e:ad:6a:9c:ef:58:9b:76:bf:f6:
f4:5c:62:8d:9e:6f:00:86:d5:11:38:01:b7:0e:1b:
75:4b:96:43:b3:58:88:fd:60:b6:92:09:04:be:c5:
f8:bb:a2:5d:0b:d6:9d:c4:90:88:b0:92:93:40:3c:
5b:16:d3:2b:7a:d5:f9:24:b4:d4:6c:c3:d9:f4:cf:
d7:1b:86:41:b8:e1:78:70:55:90:9d:4d:20:73:de:
db:a4:5b:4b:e7:16:2c:e4:27:55:e5:65:08:4d:78:
c9:ca:61:2f:74:96:33:a7:b7:09:f9:02:ef:1d:79:
ab:2e:0a:bb:de:d2:4a:c1:6c:e9:20:5e:ff:42:3b:
26:fe:af:5f:93:8e:58:0e:6a:97:3a:b4:c8:02:c4:
ec:f7:66:e1:a5:16:4f:22:da:5c:46:41:f4:7e:61:
7d:56:8f:af:f5:fd:bd:8b:3a:82:ca:e6:23:1d:93:
2e:4b:ea:bd:19:48:4f:da:3c:43:fa:c0:e5:39:9f:
9e:d8:47:d1:19:c1:14:f6:13:8d:f0:99:ea:13:9f:
5a:31:84:f8:c6:e5:07:5b:c4:e6:be:76:d8:97:12:
eb:b6:03:b4:52:39:2e:6a:1c:0c:84:7b:40:37:b3:
06:a6:59:a8:0e:f5:fd:c9:5a:93:9a:09:39:ef:2a:
47:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:52:B6:F3:C0:E3:27:EF:CD:A2:3F:5E:0B:30:20:D5:70:6A:F2:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MFK288DjJ-_Noj9eCzAg1XBq8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:df:27:a0:17:a2:8f:af:33:87:8a:1a:d5:bb:e2:e5:b9:55:
ed:b0:8a:78:a9:11:b9:51:98:d7:f2:e6:7b:27:2b:b8:59:1d:
e2:d4:71:91:d8:ed:37:77:6a:5d:39:ed:af:ec:8c:49:4a:f4:
e5:49:4e:cd:17:20:82:12:b4:a7:ab:f2:f2:08:85:e0:dd:a3:
41:6c:b9:0c:32:e3:c2:ee:a1:c2:90:5f:ca:61:af:5c:cc:ed:
63:66:3a:1e:de:b5:11:8b:3d:91:5b:4c:49:03:c4:03:e4:fe:
a0:55:70:d5:12:d6:16:f3:35:a6:2d:7e:3f:1c:16:4a:d2:3b:
37:62:23:26:30:b8:46:64:fe:b7:49:f8:89:53:d7:b0:8f:d1:
f4:d6:81:06:f2:14:4e:73:a9:29:c8:e1:83:10:a6:0b:11:61:
37:b8:84:0b:b3:6a:3e:5e:97:ee:cd:7c:59:a6:86:b0:96:4d:
24:09:e4:58:0c:60:a7:dc:56:99:7b:6d:fd:93:7e:20:fc:b6:
f0:54:fa:00:3e:2b:60:e0:38:2c:e2:8c:4f:87:5c:77:c8:91:
e3:16:6e:cd:f9:c6:79:57:23:88:85:76:62:c0:71:1c:8a:b0:
bc:53:96:7e:62:81:94:05:8a:65:a0:a2:77:26:ab:b6:a0:35:
36:d6:04:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYLzy19SM2NeLRzVdxcsf+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAxMDcwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUyYjZmM2MwZTMyN2VmY2RhMjNmNWUwYjMwMjBkNTcwNmFmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAY9aw6tapzvWJt2v/b0XGKNnm8A
htUROAG3Dht1S5ZDs1iI/WC2kgkEvsX4u6JdC9adxJCIsJKTQDxbFtMretX5JLTU
bMPZ9M/XG4ZBuOF4cFWQnU0gc97bpFtL5xYs5CdV5WUITXjJymEvdJYzp7cJ+QLv
HXmrLgq73tJKwWzpIF7/Qjsm/q9fk45YDmqXOrTIAsTs92bhpRZPItpcRkH0fmF9
Vo+v9f29izqCyuYjHZMuS+q9GUhP2jxD+sDlOZ+e2EfRGcEU9hON8JnqE59aMYT4
xuUHW8TmvnbYlxLrtgO0UjkuahwMhHtAN7MGplmoDvX9yVqTmgk57ypHNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDBStvPA4yfvzaI/XgswINVwavK7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTUZLMjg4RGpKLV9Ob2o5ZUN6QWcxWEJxOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHPfJ6AXoo+vM4eKGtW7
4uW5Ve2winipEblRmNfy5nsnK7hZHeLUcZHY7Td3al057a/sjElK9OVJTs0XIIIS
tKer8vIIheDdo0FsuQwy48LuocKQX8phr1zM7WNmOh7etRGLPZFbTEkDxAPk/qBV
cNUS1hbzNaYtfj8cFkrSOzdiIyYwuEZk/rdJ+IlT17CP0fTWgQbyFE5zqSnI4YMQ
pgsRYTe4hAuzaj5el+7NfFmmhrCWTSQJ5FgMYKfcVpl7bf2TfiD8tvBU+gA+K2Dg
OCzijE+HXHfIkeMWbs35xnlXI4iFdmLAcRyKsLxTln5igZQFimWgoncmq7agNTbW
BMY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:36:03 2025 by rpki-client