Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTbRRjjdrNwoaEMdE2mDt5tnF0Y.roa
File: MTbRRjjdrNwoaEMdE2mDt5tnF0Y.roa (raw, json)
Hash identifier: 6hyvracQcnRjSsdHICz6JAWxzSQh776lp+sSgyX2aHk=
Subject key identifier: 31:36:D1:46:38:DD:AC:DC:28:68:43:1D:13:69:83:B7:9B:67:17:46
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A19B2D49B12975494940AAE1B97CEB417
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTbRRjjdrNwoaEMdE2mDt5tnF0Y.roa
Signing time: Mon 21 Aug 2023 20:04:24 +0000
ROA not before: Mon 21 Aug 2023 20:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:18a:19b2:ab46/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:b2:d4:9b:12:97:54:94:94:0a:ae:1b:97:ce:b4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 20:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3136d14638ddacdc2868431d136983b79b671746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e7:ce:0b:af:1f:ed:85:ae:0c:81:0d:9b:c5:
db:d6:a1:81:17:8f:a8:c3:08:f2:1f:9d:30:e2:14:
fe:9b:b4:97:0d:23:81:e5:ee:27:67:eb:27:22:56:
90:93:e7:08:3b:f3:36:d0:09:e0:eb:2a:8d:cc:8c:
0f:d3:3f:b4:53:86:68:0e:67:85:a2:43:12:18:6a:
40:f3:52:50:a6:67:4c:fc:50:93:50:26:41:5f:bc:
43:29:36:65:74:be:e0:5e:d2:ab:3b:18:66:f5:b9:
8e:d1:d1:09:c6:40:18:1b:ef:d8:b2:85:d5:c8:0e:
00:34:fc:15:80:98:12:bf:43:87:c7:ac:a1:af:e2:
35:d2:71:ee:c2:c7:fb:e5:34:86:88:a8:c7:be:58:
9e:3f:de:81:2a:fc:36:a7:11:bf:ab:ad:f1:75:11:
ff:be:34:97:94:be:91:f3:5c:89:57:a8:e4:39:35:
e7:10:a4:21:a3:e8:23:56:fe:ac:a3:bf:d4:e2:7b:
bc:05:ca:e9:65:25:8c:06:e8:b5:da:e7:ba:d1:2b:
94:70:b5:60:a8:0f:b3:27:2a:bc:3a:ae:1f:a3:fa:
60:e3:29:3a:3d:20:01:86:07:ad:16:fc:34:3d:02:
7e:e6:f5:77:69:d8:1f:27:0d:b2:d2:0f:82:a1:61:
68:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:36:D1:46:38:DD:AC:DC:28:68:43:1D:13:69:83:B7:9B:67:17:46
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTbRRjjdrNwoaEMdE2mDt5tnF0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:cf:7e:02:1d:e7:10:ac:67:d4:e3:a8:17:b9:33:5b:51:4d:
29:d8:f7:fc:d2:0c:cc:3f:ab:34:82:aa:ce:90:0e:6d:c8:ca:
2d:65:e9:9f:c3:f3:40:2c:2a:42:59:db:2f:9d:d7:7e:1c:69:
53:bd:88:f1:b1:94:a6:17:f8:22:51:18:f7:b3:db:e7:4a:c2:
20:36:af:c5:78:a2:4a:45:07:2a:70:72:8c:ab:d6:cd:4f:1f:
98:7e:40:7e:5f:e9:27:dd:c5:5a:ee:bc:0d:e4:35:68:b9:34:
97:95:6c:44:e0:05:b0:e7:fc:d4:b4:eb:39:13:7d:f5:c3:7a:
24:4f:04:fc:82:5d:bc:a3:b1:fa:58:d2:05:9d:7c:9f:c7:de:
7f:8e:2c:fa:56:54:1b:d6:7d:3d:b9:97:09:bc:2c:50:1a:fb:
75:34:39:07:ad:a4:98:0f:8e:56:21:d7:f2:21:99:6a:51:47:
de:48:b8:d0:4f:50:fc:45:34:82:ce:75:d0:38:29:ce:b0:0c:
9a:9d:f3:53:49:d3:0b:a0:37:61:83:3f:9a:b6:51:54:b4:ad:
8b:4f:88:45:d8:f1:e3:fe:34:a3:a1:b8:31:2d:f9:ba:11:4c:
25:6a:96:72:e3:92:3e:cf:1a:51:ec:70:1c:23:dd:26:99:1a:
e7:1b:89:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoZstSbEpdUlJQKrhuXzrQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMjAwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM2ZDE0NjM4ZGRhY2RjMjg2ODQzMWQxMzY5ODNiNzliNjcxNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtufOC68f7YWuDIENm8Xb1qGBF4+o
wwjyH50w4hT+m7SXDSOB5e4nZ+snIlaQk+cIO/M20Ang6yqNzIwP0z+0U4ZoDmeF
okMSGGpA81JQpmdM/FCTUCZBX7xDKTZldL7gXtKrOxhm9bmO0dEJxkAYG+/YsoXV
yA4ANPwVgJgSv0OHx6yhr+I10nHuwsf75TSGiKjHvlieP96BKvw2pxG/q63xdRH/
vjSXlL6R81yJV6jkOTXnEKQho+gjVv6so7/U4nu8BcrpZSWMBui12ue60SuUcLVg
qA+zJyq8Oq4fo/pg4yk6PSABhgetFvw0PQJ+5vV3adgfJw2y0g+CoWFodQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDE20UY43azcKGhDHRNpg7ebZxdGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTVRiUlJqamRyTndvYUVNZEUybUR0NXRuRjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPPfgId5xCsZ9TjqBe5
M1tRTSnY9/zSDMw/qzSCqs6QDm3Iyi1l6Z/D80AsKkJZ2y+d134caVO9iPGxlKYX
+CJRGPez2+dKwiA2r8V4okpFBypwcoyr1s1PH5h+QH5f6SfdxVruvA3kNWi5NJeV
bETgBbDn/NS06zkTffXDeiRPBPyCXbyjsfpY0gWdfJ/H3n+OLPpWVBvWfT25lwm8
LFAa+3U0OQetpJgPjlYh1/IhmWpRR95IuNBPUPxFNILOddA4Kc6wDJqd81NJ0wug
N2GDP5q2UVS0rYtPiEXY8eP+NKOhuDEt+boRTCVqlnLjkj7PGlHscBwj3SaZGucb
ibI=
-----END CERTIFICATE-----
Generated at Thu May 1 05:59:49 2025 by rpki-client