Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Mdn-6J2IQ_JUGQBJDMGaFGoXjpI.roa
File: Mdn-6J2IQ_JUGQBJDMGaFGoXjpI.roa (raw, json)
Hash identifier: mYEhEWyYLLDDNHm5MBYXv3C3yF4tv2dVzQe9ZRmhZ2s=
Subject key identifier: 31:D9:FE:E8:9D:88:43:F2:54:19:00:49:0C:C1:9A:14:6A:17:8E:92
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C7C27FA12B41BB8DE76A0E25BBCDB674
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Mdn-6J2IQ_JUGQBJDMGaFGoXjpI.roa
Signing time: Thu 09 Mar 2023 19:04:17 +0000
ROA not before: Thu 09 Mar 2023 19:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c7c2:6ba2/128 maxlen: 128
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:c2:7f:a1:2b:41:bb:8d:e7:6a:0e:25:bb:cd:b6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 19:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d9fee89d8843f2541900490cc19a146a178e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:12:9d:e8:0c:3f:90:6d:62:6f:ff:b3:9f:
ef:03:b4:80:a5:0a:8f:fa:49:ec:aa:0e:a0:2d:52:
10:5d:7e:ba:4a:85:75:cc:e6:3a:7e:f3:7b:b6:ee:
ca:05:57:e7:bc:0e:10:7a:26:ea:4d:f2:22:20:44:
0a:18:74:92:03:c7:21:67:33:37:5d:91:29:84:dd:
e5:82:69:5e:21:68:73:f4:a6:42:bf:c5:dd:ac:a7:
42:12:ab:78:eb:bf:84:08:be:2b:b3:eb:48:f5:f4:
06:f0:76:f8:b3:2f:12:01:8e:0c:35:60:89:02:c4:
4f:98:83:58:81:b7:f2:42:ec:91:bc:fa:fe:05:c7:
2e:52:43:bd:1a:1e:82:48:45:e4:fb:82:22:92:0c:
0c:2f:07:d2:ad:4c:3b:9f:a1:6b:b4:f1:ad:2f:50:
59:a8:40:2d:30:9b:f1:65:85:28:fb:d4:bf:d6:2b:
c4:2f:f8:ec:44:5c:57:d0:63:d1:7a:52:f9:a8:1d:
5c:95:35:9f:b1:d3:b8:b3:6d:38:e1:33:4b:99:3a:
8b:d1:61:b6:72:7f:fe:f9:6e:c8:2e:48:c2:7e:19:
69:6b:3c:a4:ab:f0:0f:00:14:1b:b0:47:8e:d6:ba:
5f:9a:dc:c7:c9:3c:ad:a6:68:80:3e:01:6f:84:23:
de:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D9:FE:E8:9D:88:43:F2:54:19:00:49:0C:C1:9A:14:6A:17:8E:92
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Mdn-6J2IQ_JUGQBJDMGaFGoXjpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:e7:36:1f:62:5f:28:4e:44:2d:24:c6:f3:36:1e:fd:af:09:
75:e3:d7:68:ec:a2:1e:42:83:98:a9:05:ce:67:b5:a4:3e:85:
1e:2f:fe:22:bb:9d:1c:26:8a:39:c7:2c:ac:d6:2b:18:e3:f4:
69:40:cd:d9:9e:ba:18:87:22:0e:e2:cc:8a:a7:12:f6:ab:91:
07:6d:fe:72:91:4e:50:3a:8a:5d:9b:26:be:a6:09:b8:b6:f0:
3d:ae:3f:ad:d7:06:9a:27:02:5a:56:2a:cb:fc:d3:17:dc:e6:
bd:9a:21:e7:66:fe:4b:6d:ed:24:4e:69:13:94:05:9c:5b:d2:
99:15:5e:e2:1e:84:73:c8:d8:f4:9e:fb:ba:9c:bb:fb:d0:ae:
60:66:22:db:fe:b5:57:b6:86:25:30:4b:98:3d:88:70:f9:02:
6d:78:1b:43:f6:a2:92:02:78:3a:4d:23:2b:b4:b6:11:9b:64:
bc:a9:d6:7f:cc:9d:93:d1:5e:37:f0:d3:01:4d:e8:ba:ed:6c:
2d:4f:af:aa:12:31:eb:d4:a7:24:33:6c:26:47:7d:43:db:0d:
a8:35:1b:88:34:a4:41:4e:b6:e0:eb:f8:12:32:cc:53:02:f8:
9e:bc:32:cf:5e:65:93:17:a2:86:b0:15:29:05:3c:06:37:96:
fe:33:bd:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbHwn+hK0G7jedqDiW7zbZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MTkwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ5ZmVlODlkODg0M2YyNTQxOTAwNDkwY2MxOWExNDZhMTc4ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzwSnegMP5BtYm//s5/vA7SApQqP
+knsqg6gLVIQXX66SoV1zOY6fvN7tu7KBVfnvA4QeibqTfIiIEQKGHSSA8chZzM3
XZEphN3lgmleIWhz9KZCv8XdrKdCEqt467+ECL4rs+tI9fQG8Hb4sy8SAY4MNWCJ
AsRPmINYgbfyQuyRvPr+BccuUkO9Gh6CSEXk+4IikgwMLwfSrUw7n6FrtPGtL1BZ
qEAtMJvxZYUo+9S/1ivEL/jsRFxX0GPRelL5qB1clTWfsdO4s2044TNLmTqL0WG2
cn/++W7ILkjCfhlpazykq/APABQbsEeO1rpfmtzHyTytpmiAPgFvhCPeXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDHZ/uidiEPyVBkASQzBmhRqF46SMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTWRuLTZKMklRX0pVR1FCSkRNR2FGR29YanBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAbnNh9iXyhORC0kxvM2
Hv2vCXXj12jsoh5Cg5ipBc5ntaQ+hR4v/iK7nRwmijnHLKzWKxjj9GlAzdmeuhiH
Ig7izIqnEvarkQdt/nKRTlA6il2bJr6mCbi28D2uP63XBponAlpWKsv80xfc5r2a
Iedm/ktt7SROaROUBZxb0pkVXuIehHPI2PSe+7qcu/vQrmBmItv+tVe2hiUwS5g9
iHD5Am14G0P2opICeDpNIyu0thGbZLyp1n/MnZPRXjfw0wFN6LrtbC1Pr6oSMevU
pyQzbCZHfUPbDag1G4g0pEFOtuDr+BIyzFMC+J68Ms9eZZMXooawFSkFPAY3lv4z
vT4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:26:42 2025 by rpki-client