Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MGWzyo76LjcqlVQ2zYXa52B-RzA.roa
File: MGWzyo76LjcqlVQ2zYXa52B-RzA.roa (raw, json)
Hash identifier: Lk2/nGENao/tG415xcfh7ZOy0F748SVAoMzbnT2l2jI=
Subject key identifier: 30:65:B3:CA:8E:FA:2E:37:2A:95:54:36:CD:85:DA:E7:60:7E:47:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01866738BFA1B69A178B8CCB88D6A5A19492
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MGWzyo76LjcqlVQ2zYXa52B-RzA.roa
Signing time: Sun 19 Feb 2023 01:10:17 +0000
ROA not before: Sun 19 Feb 2023 01:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:67:38:bf:a1:b6:9a:17:8b:8c:cb:88:d6:a5:a1:94:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 19 01:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3065b3ca8efa2e372a955436cd85dae7607e4730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3d:e9:c9:7c:75:81:16:8e:25:80:75:bb:07:
ea:4d:32:70:2a:b1:22:79:5e:9f:83:9e:a5:70:fe:
1e:ae:6e:b0:bd:fd:52:4b:a2:70:67:3d:ab:cb:de:
b8:f0:76:b0:ce:96:26:51:4e:d1:81:8e:75:28:39:
99:a2:32:6d:19:e6:76:d5:24:1d:0f:cf:13:46:3f:
d3:47:b3:b8:b7:29:8f:45:08:56:62:f3:55:d3:a8:
68:1b:ef:7d:93:05:ea:ee:a9:91:90:b6:02:fa:7d:
95:32:2b:b6:63:12:69:78:97:de:df:1c:78:ac:6a:
3d:56:ba:d3:b3:d6:86:86:93:d0:b4:a1:98:a5:3a:
1a:30:dd:6b:32:8c:e2:bc:36:e3:f9:cc:8e:6c:01:
5c:82:99:40:63:17:9e:bf:b1:86:14:af:ff:20:be:
1f:74:e3:f3:dc:be:b4:a5:d2:32:43:6c:6d:61:d0:
a4:f0:e3:ee:b1:9c:df:e8:6b:d7:eb:f3:0c:d3:74:
4c:4a:b9:2b:d2:28:f5:cf:1f:8d:60:c7:d1:24:98:
06:ec:db:d8:a1:3e:96:53:88:ba:95:ed:ca:eb:9f:
9a:ca:19:69:f2:89:fd:ae:ee:19:34:61:1d:a8:f7:
bd:2a:e5:80:b0:7d:f6:23:24:62:1f:4d:f1:00:6d:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:65:B3:CA:8E:FA:2E:37:2A:95:54:36:CD:85:DA:E7:60:7E:47:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MGWzyo76LjcqlVQ2zYXa52B-RzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:a2:3a:33:2d:ea:6c:cc:2e:d0:66:82:a3:5f:6a:80:20:6f:
58:ac:d7:25:39:73:32:18:87:2b:ef:9a:3e:78:e7:28:98:7b:
10:37:24:90:9c:c0:df:cb:76:4f:4a:7f:86:74:38:ee:3a:5b:
aa:cc:64:6f:19:6d:2d:d6:41:5a:5a:62:f4:b6:49:c3:89:da:
9c:9c:7b:c8:aa:6e:1d:46:cf:b2:4f:52:68:27:c6:f5:e2:32:
fe:72:af:21:e0:d9:7d:aa:2a:53:74:88:de:b7:68:f6:5b:e1:
1f:26:eb:5a:94:8d:f0:83:fe:d7:de:2b:db:df:db:39:b4:53:
96:f1:00:2b:0c:05:e7:7d:72:7d:9c:98:0e:15:9e:d8:0c:a7:
67:c1:98:7f:a7:42:d9:40:d1:77:88:c4:13:35:c4:77:ab:7a:
17:b0:65:1c:1f:f2:44:00:db:c3:e6:3d:88:61:f5:ab:37:17:
97:57:56:68:26:8c:bf:d2:e8:31:5e:79:84:38:13:91:51:2a:
60:61:e2:f8:88:b6:2c:bb:57:a0:ce:0e:8e:39:ad:a1:75:95:
81:69:75:ad:46:4b:82:20:3c:68:c9:8c:a1:1f:a9:3f:ef:e6:
15:a2:f6:e3:a7:86:c3:5f:61:8f:5b:7d:bb:95:b2:fe:67:da:
c1:32:2a:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZnOL+htpoXi4zLiNaloZSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE5MDExMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY1YjNjYThlZmEyZTM3MmE5NTU0MzZjZDg1ZGFlNzYwN2U0NzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z3pyXx1gRaOJYB1uwfqTTJwKrEi
eV6fg56lcP4erm6wvf1SS6JwZz2ry9648HawzpYmUU7RgY51KDmZojJtGeZ21SQd
D88TRj/TR7O4tymPRQhWYvNV06hoG+99kwXq7qmRkLYC+n2VMiu2YxJpeJfe3xx4
rGo9VrrTs9aGhpPQtKGYpToaMN1rMozivDbj+cyObAFcgplAYxeev7GGFK//IL4f
dOPz3L60pdIyQ2xtYdCk8OPusZzf6GvX6/MM03RMSrkr0ij1zx+NYMfRJJgG7NvY
oT6WU4i6le3K65+ayhlp8on9ru4ZNGEdqPe9KuWAsH32IyRiH03xAG0RBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDBls8qO+i43KpVUNs2F2udgfkcwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTUdXenlvNzZMamNxbFZRMnpZWGE1MkItUnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA6iOjMt6mzMLtBmgqNf
aoAgb1is1yU5czIYhyvvmj545yiYexA3JJCcwN/Ldk9Kf4Z0OO46W6rMZG8ZbS3W
QVpaYvS2ScOJ2pyce8iqbh1Gz7JPUmgnxvXiMv5yryHg2X2qKlN0iN63aPZb4R8m
61qUjfCD/tfeK9vf2zm0U5bxACsMBed9cn2cmA4VntgMp2fBmH+nQtlA0XeIxBM1
xHerehewZRwf8kQA28PmPYhh9as3F5dXVmgmjL/S6DFeeYQ4E5FRKmBh4viItiy7
V6DODo45raF1lYFpda1GS4IgPGjJjKEfqT/v5hWi9uOnhsNfYY9bfbuVsv5n2sEy
KnA=
-----END CERTIFICATE-----
Generated at Sat May 3 21:27:16 2025 by rpki-client