Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MgOuDZh4NehUDbtDjPMf7t3QA2g.roa
File: MgOuDZh4NehUDbtDjPMf7t3QA2g.roa (raw, json)
Hash identifier: AdOQoZ/tkmr0GyGgfU+r2eOyhkQjslUtgxyD/aCT8Hs=
Subject key identifier: 32:03:AE:0D:98:78:35:E8:54:0D:BB:43:8C:F3:1F:EE:DD:D0:03:68
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189329F56C75CAFEC2012FED703BFD40ED8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MgOuDZh4NehUDbtDjPMf7t3QA2g.roa
Signing time: Fri 07 Jul 2023 23:10:50 +0000
ROA not before: Fri 07 Jul 2023 23:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:32:9f:56:c7:5c:af:ec:20:12:fe:d7:03:bf:d4:0e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 7 23:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3203ae0d987835e8540dbb438cf31feeddd00368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3e:e4:b8:0d:7d:df:49:ce:d8:06:12:29:ab:
3d:0e:84:b2:41:8b:6e:2d:4d:7f:3a:9e:fc:56:2f:
15:b8:63:ea:cd:9b:e1:0c:27:7b:02:da:3b:c4:e5:
b1:29:30:95:54:06:24:78:e6:b6:e5:01:91:45:91:
c0:c3:2d:f2:6c:42:94:87:4c:76:d4:b5:db:e6:3b:
18:50:61:8c:9a:2b:38:b4:2d:c3:20:8f:bf:d9:d9:
2a:f8:fe:65:c3:3a:b2:a0:91:18:19:ea:66:de:36:
14:d1:32:46:a1:b2:6e:59:0a:ff:38:dc:66:25:db:
f5:3d:cb:87:ca:6f:c1:75:7b:c9:27:2f:4d:9f:96:
2c:e4:ae:4b:36:7a:fd:92:36:e5:35:77:e3:17:54:
74:4b:a0:13:0c:51:76:87:77:9f:33:90:c2:3a:52:
2f:59:e2:a3:05:75:84:42:a5:5b:56:98:5b:fb:0d:
e9:b6:83:1b:9d:4c:52:12:37:73:ca:43:e1:0b:56:
c1:2c:09:23:1a:cf:4a:16:ab:16:01:87:81:9c:c6:
70:64:d3:1f:87:81:b1:3a:42:92:96:68:5c:dd:af:
af:67:a8:de:d9:04:80:ca:33:54:7d:09:1f:2a:00:
99:9a:37:b3:05:f4:3e:dd:9d:47:db:cd:47:24:64:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:03:AE:0D:98:78:35:E8:54:0D:BB:43:8C:F3:1F:EE:DD:D0:03:68
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MgOuDZh4NehUDbtDjPMf7t3QA2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:17:c4:2b:84:17:12:8a:26:6f:dd:1e:1a:11:83:00:1d:f6:
aa:40:25:47:2d:57:e9:46:24:e8:b6:ce:ff:a9:e5:16:d7:2c:
4f:8f:aa:e8:1c:4e:80:d0:09:c9:7a:8e:5e:d8:93:76:98:30:
ec:5f:71:a5:ed:06:81:59:dd:66:f7:8c:93:ab:42:04:4a:60:
cd:75:38:7a:8e:a4:75:f3:c0:8e:ca:9a:4e:82:08:c4:45:08:
e8:87:b6:f5:db:6a:e9:22:2d:60:b5:44:57:cb:04:b4:5d:3b:
b2:90:86:77:e2:d1:f6:4d:91:09:29:4c:70:82:e0:f8:46:0a:
98:43:d5:a8:cd:10:c3:07:4e:7d:fa:4d:6e:10:db:14:8f:f3:
7a:c6:02:56:9f:68:42:f5:a7:ca:7d:67:c5:33:89:2a:29:4f:
2b:e0:ef:bc:63:e4:cd:05:bd:85:cf:42:b5:12:8b:ec:85:a8:
12:04:8e:02:ee:4e:76:5b:c1:aa:43:16:34:0c:00:a4:16:d4:
fc:78:88:28:5e:fb:bd:d5:15:3e:6b:f8:a1:cd:9f:77:5c:ba:
27:b3:28:1a:c7:2f:9d:ba:0b:9e:6a:c3:aa:b7:f4:d2:a2:b6:
55:3f:96:70:55:3c:bb:a5:a6:e1:57:75:28:1e:11:ba:48:a8:
25:e4:77:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYkyn1bHXK/sIBL+1wO/1A7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzA3MjMxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAzYWUwZDk4NzgzNWU4NTQwZGJiNDM4Y2YzMWZlZWRkZDAwMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD7kuA1930nO2AYSKas9DoSyQYtu
LU1/Op78Vi8VuGPqzZvhDCd7Ato7xOWxKTCVVAYkeOa25QGRRZHAwy3ybEKUh0x2
1LXb5jsYUGGMmis4tC3DII+/2dkq+P5lwzqyoJEYGepm3jYU0TJGobJuWQr/ONxm
Jdv1PcuHym/BdXvJJy9Nn5Ys5K5LNnr9kjblNXfjF1R0S6ATDFF2h3efM5DCOlIv
WeKjBXWEQqVbVphb+w3ptoMbnUxSEjdzykPhC1bBLAkjGs9KFqsWAYeBnMZwZNMf
h4GxOkKSlmhc3a+vZ6je2QSAyjNUfQkfKgCZmjezBfQ+3Z1H281HJGSBGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDIDrg2YeDXoVA27Q4zzH+7d0ANoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTWdPdURaaDROZWhVRGJ0RGpQTWY3dDNRQTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwXxCuEFxKKJm/dHhoR
gwAd9qpAJUctV+lGJOi2zv+p5RbXLE+PqugcToDQCcl6jl7Yk3aYMOxfcaXtBoFZ
3Wb3jJOrQgRKYM11OHqOpHXzwI7Kmk6CCMRFCOiHtvXbaukiLWC1RFfLBLRdO7KQ
hnfi0fZNkQkpTHCC4PhGCphD1ajNEMMHTn36TW4Q2xSP83rGAlafaEL1p8p9Z8Uz
iSopTyvg77xj5M0FvYXPQrUSi+yFqBIEjgLuTnZbwapDFjQMAKQW1Px4iChe+73V
FT5r+KHNn3dcuiezKBrHL526C55qw6q39NKitlU/lnBVPLulpuFXdSgeEbpIqCXk
d34=
-----END CERTIFICATE-----
Generated at Fri May 2 12:03:04 2025 by rpki-client