Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MPVh5rkG-H01CDoQNaHIVxYFy5w.roa
File: MPVh5rkG-H01CDoQNaHIVxYFy5w.roa (raw, json)
Hash identifier: uUuDv4UP2VRAy93jnfIAOodfBfJlf2oDtifozV2fm2w=
Subject key identifier: 30:F5:61:E6:B9:06:F8:7D:35:08:3A:10:35:A1:C8:57:16:05:CB:9C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01893D93985E75A7270B57086A0905F8E60B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MPVh5rkG-H01CDoQNaHIVxYFy5w.roa
Signing time: Mon 10 Jul 2023 02:13:50 +0000
ROA not before: Mon 10 Jul 2023 02:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3d:93:98:5e:75:a7:27:0b:57:08:6a:09:05:f8:e6:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 10 02:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f561e6b906f87d35083a1035a1c8571605cb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a6:7f:5c:de:ca:a6:c1:38:a0:ed:97:44:e9:
7b:26:09:8a:3f:ae:58:32:4b:9b:06:4d:0d:79:c1:
fd:eb:7c:f6:5d:19:39:ac:3e:de:04:46:96:78:ec:
e6:da:5d:ce:b5:aa:3d:c5:13:57:20:1b:11:bc:cd:
ab:22:a6:96:5c:11:f8:ad:a1:33:f4:c8:14:8d:5e:
0c:9d:75:97:17:a0:5f:43:a2:28:dc:5d:e6:28:75:
8b:d7:3a:cf:b3:d6:11:ed:2d:11:44:50:ed:00:5a:
fc:ed:95:b0:cc:ff:73:7c:9b:13:87:2b:94:08:b5:
1d:42:ba:4a:86:45:75:26:25:e4:ec:c3:c7:7c:5f:
36:9b:94:cc:2e:e9:7c:7b:8e:0b:a4:7e:04:d0:25:
bc:37:c4:d1:ff:62:a2:35:11:84:0e:2c:a4:d0:8f:
64:57:04:62:e6:47:77:2f:49:2d:ac:71:83:91:7e:
0b:ad:50:80:42:47:02:f2:1e:76:42:a7:02:15:67:
a9:66:16:17:70:22:44:58:30:f2:05:c5:62:39:41:
bc:7d:33:a5:26:6f:2a:24:64:e7:dc:36:1f:2f:cc:
4e:13:65:aa:ac:53:50:de:f2:40:98:91:14:e1:37:
a4:0d:32:9d:d6:ab:30:b8:2d:75:9f:99:4d:8f:d5:
8c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F5:61:E6:B9:06:F8:7D:35:08:3A:10:35:A1:C8:57:16:05:CB:9C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MPVh5rkG-H01CDoQNaHIVxYFy5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:a2:0c:e9:3a:65:89:50:71:71:0f:a0:ce:77:56:90:99:53:
ac:20:74:5a:67:05:a6:dc:0f:b0:16:3d:6b:06:94:7e:c4:41:
ca:a3:cc:0f:90:2c:45:82:dd:09:bc:50:a3:dd:bb:37:77:b4:
c9:4b:4b:16:92:ed:c6:34:87:2f:ef:34:9e:ff:4f:bf:d0:68:
18:bf:5e:0b:ba:ff:96:b6:ca:f6:47:e4:1e:fd:a4:85:df:3e:
9a:bd:31:f6:5f:bc:a6:c4:5d:d4:e5:2b:c8:93:9b:7a:02:8d:
67:33:fe:25:a3:0d:84:a2:c5:92:fe:f2:37:44:51:b5:3a:af:
af:f4:25:76:03:72:c9:0b:20:e0:58:22:6f:58:25:36:b5:20:
04:a0:89:ea:66:2b:6f:ef:8c:d6:b2:d4:b3:e6:57:50:13:80:
e1:18:f7:79:83:78:e2:ae:20:fb:38:16:75:f5:d4:55:25:6c:
d9:b2:3e:e8:83:dd:74:95:8d:93:ca:fe:c2:21:97:6e:01:35:
89:7c:19:39:f7:6e:82:18:ee:88:9c:51:fe:d2:8f:62:ee:46:
cd:b6:4a:a8:83:88:ea:ee:9e:61:e2:bf:ac:5f:e7:9b:6f:dc:
5d:87:43:25:4d:f6:f3:50:fe:bf:46:d6:38:f4:0b:42:83:04:
e3:35:1e:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYk9k5hedacnC1cIagkF+OYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzEwMDIxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY1NjFlNmI5MDZmODdkMzUwODNhMTAzNWExYzg1NzE2MDVjYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKZ/XN7KpsE4oO2XROl7JgmKP65Y
MkubBk0NecH963z2XRk5rD7eBEaWeOzm2l3Otao9xRNXIBsRvM2rIqaWXBH4raEz
9MgUjV4MnXWXF6BfQ6Io3F3mKHWL1zrPs9YR7S0RRFDtAFr87ZWwzP9zfJsThyuU
CLUdQrpKhkV1JiXk7MPHfF82m5TMLul8e44LpH4E0CW8N8TR/2KiNRGEDiyk0I9k
VwRi5kd3L0ktrHGDkX4LrVCAQkcC8h52QqcCFWepZhYXcCJEWDDyBcViOUG8fTOl
Jm8qJGTn3DYfL8xOE2WqrFNQ3vJAmJEU4TekDTKd1qswuC11n5lNj9WMtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDD1Yea5Bvh9NQg6EDWhyFcWBcucMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTVBWaDVya0ctSDAxQ0RvUU5hSElWeFlGeTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD2iDOk6ZYlQcXEPoM53
VpCZU6wgdFpnBabcD7AWPWsGlH7EQcqjzA+QLEWC3Qm8UKPduzd3tMlLSxaS7cY0
hy/vNJ7/T7/QaBi/Xgu6/5a2yvZH5B79pIXfPpq9MfZfvKbEXdTlK8iTm3oCjWcz
/iWjDYSixZL+8jdEUbU6r6/0JXYDcskLIOBYIm9YJTa1IASgiepmK2/vjNay1LPm
V1ATgOEY93mDeOKuIPs4FnX11FUlbNmyPuiD3XSVjZPK/sIhl24BNYl8GTn3boIY
7oicUf7Sj2LuRs22SqiDiOrunmHiv6xf55tv3F2HQyVN9vNQ/r9G1jj0C0KDBOM1
Huk=
-----END CERTIFICATE-----
Generated at Thu May 1 22:23:27 2025 by rpki-client