Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M_NsqUMCajqwxnrWuLP_PN4srys.roa
File: M_NsqUMCajqwxnrWuLP_PN4srys.roa (raw, json)
Hash identifier: zDSQvWzvJ6Ek33KHAWH4tu0gm8CcVS6C3ZyEe6hZkLQ=
Subject key identifier: 33:F3:6C:A9:43:02:6A:3A:B0:C6:7A:D6:B8:B3:FF:3C:DE:2C:AF:2B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01861089812DA34D2B206BCF2B2F70D7D8C0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M_NsqUMCajqwxnrWuLP_PN4srys.roa
Signing time: Thu 02 Feb 2023 05:11:32 +0000
ROA not before: Thu 02 Feb 2023 05:11:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:89:81:2d:a3:4d:2b:20:6b:cf:2b:2f:70:d7:d8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 2 05:11:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33f36ca943026a3ab0c67ad6b8b3ff3cde2caf2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:00:2d:60:89:60:45:fd:45:c0:8f:d5:57:36:
38:dc:e5:2d:db:42:56:e5:b3:4d:7c:06:66:38:e6:
ae:0b:35:a2:b3:e5:9e:b0:46:8f:da:fb:db:46:7b:
a3:4b:88:5d:85:cd:57:02:8f:8b:e2:78:2f:1b:81:
37:ab:6a:6f:75:76:aa:a5:63:c0:7a:e1:97:48:b4:
88:ce:8d:13:ca:55:03:8f:51:a9:e0:26:bc:94:eb:
61:4a:67:90:32:3a:c4:17:37:f1:d4:bf:bd:69:b0:
98:22:5f:14:00:8d:1b:be:0d:87:aa:16:5d:2b:83:
b3:03:71:16:cb:61:42:a0:af:13:88:b0:d8:4d:c0:
61:52:b1:18:ac:3d:05:b1:e5:64:31:14:30:b5:1a:
20:3d:98:7c:ef:4e:a7:af:71:7d:dd:0c:8c:0b:a2:
b1:f8:d4:89:7d:f3:89:0f:67:3e:d0:ad:c5:e0:bb:
c1:22:bc:f6:dd:22:d3:05:1c:5d:35:4a:b2:ab:27:
be:d3:ba:b5:44:c9:49:a9:1f:f3:14:64:4a:d3:bb:
3f:75:da:75:50:11:ba:23:f2:fd:cf:6d:7b:2b:33:
86:66:2c:b1:9e:eb:07:a5:27:e7:25:c2:cf:05:9f:
78:bc:ed:e4:c0:8f:87:2c:8b:bf:ac:a9:41:af:61:
d6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F3:6C:A9:43:02:6A:3A:B0:C6:7A:D6:B8:B3:FF:3C:DE:2C:AF:2B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M_NsqUMCajqwxnrWuLP_PN4srys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:68:b4:59:c8:cd:61:a1:50:b2:2e:b6:5a:1c:43:71:a8:fb:
50:41:c9:1e:d9:92:c7:cc:d3:e5:14:17:26:8e:c6:f5:64:0e:
61:16:b1:e7:aa:e2:e5:9f:5b:ac:ff:56:fd:94:f7:38:47:dd:
99:b5:6f:4c:c2:f3:fb:39:4f:1f:49:67:2d:1e:ed:ef:ce:ea:
ca:01:5d:da:a0:9f:5a:3e:0b:ee:33:c1:25:ad:2a:2b:26:33:
39:f9:af:96:c5:eb:e9:d8:d4:cb:3a:24:e5:30:ba:0b:a5:ef:
09:8d:eb:42:d4:29:e0:fb:53:92:a4:3e:cf:b8:bd:cb:73:d3:
e2:61:92:35:16:9a:2f:9c:71:27:1b:89:1c:e9:e2:68:9b:8e:
bf:20:b9:65:c2:1b:13:c6:37:b8:ef:af:fd:86:c7:ab:2a:a8:
43:5d:3a:89:e9:2f:2d:03:4c:b4:17:00:70:74:b0:8f:b9:17:
c7:dd:34:35:c1:a3:4e:8a:20:04:f3:40:96:6d:6d:89:69:de:
8b:67:1a:fb:b5:1e:05:e8:f7:cc:37:34:0b:d2:50:6e:af:5a:
1b:cd:90:91:93:1d:81:24:d4:a1:6b:2d:a7:21:b1:cc:6f:cb:
f7:64:12:f4:8c:9d:cc:62:de:89:c2:82:33:4b:01:25:e9:02:
98:f7:a1:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYQiYEto00rIGvPKy9w19jAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAyMDUxMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2YzNmNhOTQzMDI2YTNhYjBjNjdhZDZiOGIzZmYzY2RlMmNhZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwAtYIlgRf1FwI/VVzY43OUt20JW
5bNNfAZmOOauCzWis+WesEaP2vvbRnujS4hdhc1XAo+L4ngvG4E3q2pvdXaqpWPA
euGXSLSIzo0TylUDj1Gp4Ca8lOthSmeQMjrEFzfx1L+9abCYIl8UAI0bvg2HqhZd
K4OzA3EWy2FCoK8TiLDYTcBhUrEYrD0FseVkMRQwtRogPZh8706nr3F93QyMC6Kx
+NSJffOJD2c+0K3F4LvBIrz23SLTBRxdNUqyqye+07q1RMlJqR/zFGRK07s/ddp1
UBG6I/L9z217KzOGZiyxnusHpSfnJcLPBZ94vO3kwI+HLIu/rKlBr2HWCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDPzbKlDAmo6sMZ61riz/zzeLK8rMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTV9Oc3FVTUNhanF3eG5yV3VMUF9QTjRzcnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVotFnIzWGhULIutloc
Q3Go+1BByR7ZksfM0+UUFyaOxvVkDmEWseeq4uWfW6z/Vv2U9zhH3Zm1b0zC8/s5
Tx9JZy0e7e/O6soBXdqgn1o+C+4zwSWtKismMzn5r5bF6+nY1Ms6JOUwugul7wmN
60LUKeD7U5KkPs+4vctz0+JhkjUWmi+ccScbiRzp4mibjr8guWXCGxPGN7jvr/2G
x6sqqENdOonpLy0DTLQXAHB0sI+5F8fdNDXBo06KIATzQJZtbYlp3otnGvu1HgXo
98w3NAvSUG6vWhvNkJGTHYEk1KFrLachscxvy/dkEvSMncxi3onCgjNLASXpApj3
odU=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:40 2025 by rpki-client