Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTrKAl5FpOkB_ZutucSg3Zcgtgs.roa
File: MTrKAl5FpOkB_ZutucSg3Zcgtgs.roa (raw, json)
Hash identifier: yuPRyGbX1nIDlbmWFPGn2d9fQiEmfPy49AcljmP3iQA=
Subject key identifier: 31:3A:CA:02:5E:45:A4:E9:01:FD:9B:AD:B9:C4:A0:DD:97:20:B6:0B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018899699307C8C0655539420B6F1FC9C539
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTrKAl5FpOkB_ZutucSg3Zcgtgs.roa
Signing time: Thu 08 Jun 2023 05:10:12 +0000
ROA not before: Thu 08 Jun 2023 05:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:99:69:93:07:c8:c0:65:55:39:42:0b:6f:1f:c9:c5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 8 05:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=313aca025e45a4e901fd9badb9c4a0dd9720b60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:5d:2e:22:eb:45:22:2e:09:01:da:00:dc:71:
b0:b1:cd:07:e9:1b:8a:2f:bf:4f:b1:c8:6a:5c:3b:
e3:b8:0a:7b:6c:58:1a:d7:41:02:2e:5c:12:d4:ae:
e0:dc:e4:fa:c1:85:51:34:17:13:c6:9b:f7:d5:42:
90:09:2e:73:12:3c:07:61:0b:8e:95:21:55:c4:97:
49:92:0a:80:e1:c6:88:0a:5e:b3:e2:b2:e6:58:ea:
f6:6a:3c:cb:31:ae:3e:c5:08:b7:b9:fd:81:02:ef:
f0:5f:fa:89:93:76:9f:29:c8:24:3b:36:c8:3e:da:
7b:ef:c3:d7:52:15:0a:04:1c:1a:85:ef:d9:91:ef:
b9:f8:dc:a3:7f:85:27:76:39:d1:68:af:cb:72:a8:
c2:7f:61:76:73:61:28:d1:1f:05:55:98:be:e0:13:
a0:35:1a:d0:5c:65:c5:57:f1:7c:bf:f5:22:a1:98:
e5:98:e1:10:76:81:12:1f:33:b5:3e:40:94:2d:2a:
db:7e:c2:32:77:5e:0d:be:32:a7:19:e4:8e:42:95:
f8:22:7a:7f:7d:b0:70:93:3a:62:64:b8:88:59:14:
c7:1a:4e:19:19:8f:df:20:de:7b:f1:fa:2e:0e:63:
4e:0f:85:a4:50:49:09:b2:5f:09:ad:1c:e0:55:8c:
87:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3A:CA:02:5E:45:A4:E9:01:FD:9B:AD:B9:C4:A0:DD:97:20:B6:0B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MTrKAl5FpOkB_ZutucSg3Zcgtgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:e4:de:ad:83:12:9b:62:b5:d1:ab:8d:e5:96:54:ab:07:71:
5c:27:f6:29:ef:04:20:52:bd:12:b1:db:dc:ac:a1:1e:ca:59:
c0:db:40:71:2d:81:80:19:d9:49:b8:d7:90:d8:44:87:a4:5f:
e9:7f:0c:ba:02:95:fd:55:5d:1d:c5:c1:82:57:ec:58:b0:26:
76:10:33:fb:c7:69:c3:1f:26:ef:0c:62:1a:b8:3d:61:03:a0:
a9:03:7a:b2:83:2f:43:64:29:7b:a9:d1:fe:16:67:05:d2:53:
b6:12:75:7f:4f:d9:69:5f:29:95:e7:7e:c5:8a:cb:45:f5:00:
89:c0:c7:9f:70:13:bb:58:25:89:63:ce:ae:f6:90:9f:8e:c0:
6f:c1:0e:c0:94:4f:85:65:6f:68:be:79:37:25:6f:c2:a3:bf:
e7:0a:6b:60:4a:6b:35:0b:65:6c:b2:cd:41:a1:ba:06:58:ca:
b6:01:81:1a:61:ed:74:d9:36:47:a1:e4:0c:6d:97:a4:1f:56:
50:8d:1c:16:5f:cb:6e:2b:07:8b:ce:c2:72:88:15:e3:f2:4e:
33:f8:db:a2:ff:e5:19:f8:22:95:a1:de:46:9d:75:72:9d:54:
84:47:d1:2c:31:62:73:db:9d:c3:e1:ba:f0:a2:36:fe:90:ef:
43:b1:5e:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiZaZMHyMBlVTlCC28fycU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA4MDUxMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNhY2EwMjVlNDVhNGU5MDFmZDliYWRiOWM0YTBkZDk3MjBiNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7F0uIutFIi4JAdoA3HGwsc0H6RuK
L79PschqXDvjuAp7bFga10ECLlwS1K7g3OT6wYVRNBcTxpv31UKQCS5zEjwHYQuO
lSFVxJdJkgqA4caICl6z4rLmWOr2ajzLMa4+xQi3uf2BAu/wX/qJk3afKcgkOzbI
Ptp778PXUhUKBBwahe/Zke+5+Nyjf4UndjnRaK/LcqjCf2F2c2Eo0R8FVZi+4BOg
NRrQXGXFV/F8v/UioZjlmOEQdoESHzO1PkCULSrbfsIyd14NvjKnGeSOQpX4Inp/
fbBwkzpiZLiIWRTHGk4ZGY/fIN578fouDmNOD4WkUEkJsl8JrRzgVYyHwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDE6ygJeRaTpAf2brbnEoN2XILYLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTVRyS0FsNUZwT2tCX1p1dHVjU2czWmNndGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJvk3q2DEptitdGrjeWW
VKsHcVwn9invBCBSvRKx29ysoR7KWcDbQHEtgYAZ2Um415DYRIekX+l/DLoClf1V
XR3FwYJX7FiwJnYQM/vHacMfJu8MYhq4PWEDoKkDerKDL0NkKXup0f4WZwXSU7YS
dX9P2WlfKZXnfsWKy0X1AInAx59wE7tYJYljzq72kJ+OwG/BDsCUT4Vlb2i+eTcl
b8Kjv+cKa2BKazULZWyyzUGhugZYyrYBgRph7XTZNkeh5Axtl6QfVlCNHBZfy24r
B4vOwnKIFePyTjP426L/5Rn4IpWh3kaddXKdVIRH0SwxYnPbncPhuvCiNv6Q70Ox
Xhk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:50:18 2025 by rpki-client