Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MhhWFLqKUb048ZP-gwKRcLgZ6uM.roa
File: MhhWFLqKUb048ZP-gwKRcLgZ6uM.roa (raw, json)
Hash identifier: E14oU9kLGH9eNRFTgBpq4iMkLnjNRa8RPRF1N2ZH/1Y=
Subject key identifier: 32:18:56:14:BA:8A:51:BD:38:F1:93:FE:83:02:91:70:B8:19:EA:E3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1A2E6F726B42FB88CDC266DAD498D964
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MhhWFLqKUb048ZP-gwKRcLgZ6uM.roa
Signing time: Mon 21 Aug 2023 22:19:25 +0000
ROA not before: Mon 21 Aug 2023 22:19:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:2e:6f:72:6b:42:fb:88:cd:c2:66:da:d4:98:d9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 22:19:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32185614ba8a51bd38f193fe83029170b819eae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1f:05:12:4e:54:69:58:b6:ce:44:d1:6f:43:
59:66:7d:5c:2e:c1:d3:19:86:8a:68:19:d4:87:2f:
89:8e:a3:6a:92:7c:4c:7a:4d:43:6d:2e:c8:36:81:
e0:23:e5:a5:08:b2:97:65:9c:86:19:5d:7c:ec:68:
f2:ac:43:4c:a7:7d:0a:55:6d:74:4c:96:b2:b2:64:
42:be:58:37:7f:59:b2:6a:ea:a9:d2:9e:5f:01:7f:
c7:6b:ea:cf:ec:6c:67:b8:25:77:e4:84:5f:52:29:
b6:cb:b2:6a:7f:20:3d:6d:03:13:fa:87:c3:fb:a4:
c2:50:73:f7:66:60:b2:35:d3:e4:10:fe:46:2f:56:
15:28:77:a3:c4:23:8f:bf:01:ab:24:86:fe:fc:a9:
c5:59:e1:f7:5f:c1:3c:67:79:8a:fd:79:08:55:3a:
47:2a:0b:e7:34:d2:a2:8e:6e:e8:77:55:ae:1b:57:
67:8b:86:22:b6:a5:e1:27:13:2f:df:ed:13:94:1b:
69:05:09:53:d2:2c:fa:fd:15:83:f0:62:89:1b:a3:
4a:2f:98:0f:5e:02:63:73:c0:f5:c6:dd:d7:ea:79:
c6:8b:a4:c2:02:5f:e7:b6:93:4f:e5:9f:a8:1f:fb:
f2:8c:a5:ac:bc:bc:af:46:9a:05:6d:da:bd:e5:35:
b3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:18:56:14:BA:8A:51:BD:38:F1:93:FE:83:02:91:70:B8:19:EA:E3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MhhWFLqKUb048ZP-gwKRcLgZ6uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:98:d3:62:a5:22:02:f7:8b:9c:57:a9:cf:db:f5:e6:db:b0:
a3:2e:f5:7a:08:49:42:35:6b:43:c1:06:6f:20:cb:5e:6b:42:
0d:95:b2:18:a3:38:17:f9:ea:d7:b8:34:21:4e:53:67:3e:64:
df:30:20:14:b2:d3:c3:ce:e9:42:a5:66:53:5f:84:aa:02:c7:
6e:6f:aa:f0:f0:b3:55:1d:35:7b:93:4a:26:eb:59:f2:63:c5:
80:67:d4:40:1c:49:37:78:a0:5c:a3:21:12:d8:65:7c:31:49:
db:82:87:fd:21:64:1e:c0:38:46:a3:7b:ed:ec:b5:a5:f8:0a:
20:d4:d1:85:88:54:8b:05:6b:5f:fa:e4:2c:a5:e7:47:13:69:
0d:ae:6d:d5:5e:96:4b:3b:d3:1b:88:af:35:65:e0:d1:f7:d8:
77:19:f6:6f:bc:00:e5:45:dd:90:54:49:f4:44:57:29:e0:87:
c9:d3:b5:ef:2e:62:95:26:03:3f:72:ba:9f:ce:0d:2a:98:43:
61:e2:bf:62:97:6f:a3:41:16:35:89:d1:a3:f5:06:81:be:55:
fa:4b:a4:6d:4b:89:c2:b7:c7:c7:d7:19:d6:9e:cb:83:5d:87:
b3:b9:f3:1e:cf:c0:33:b0:ec:5a:6c:29:8d:f5:9f:87:28:e5:
41:4f:0b:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoaLm9ya0L7iM3CZtrUmNlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMjIxOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE4NTYxNGJhOGE1MWJkMzhmMTkzZmU4MzAyOTE3MGI4MTllYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh8FEk5UaVi2zkTRb0NZZn1cLsHT
GYaKaBnUhy+JjqNqknxMek1DbS7INoHgI+WlCLKXZZyGGV187GjyrENMp30KVW10
TJaysmRCvlg3f1myauqp0p5fAX/Ha+rP7GxnuCV35IRfUim2y7JqfyA9bQMT+ofD
+6TCUHP3ZmCyNdPkEP5GL1YVKHejxCOPvwGrJIb+/KnFWeH3X8E8Z3mK/XkIVTpH
KgvnNNKijm7od1WuG1dni4YitqXhJxMv3+0TlBtpBQlT0iz6/RWD8GKJG6NKL5gP
XgJjc8D1xt3X6nnGi6TCAl/ntpNP5Z+oH/vyjKWsvLyvRpoFbdq95TWzYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDIYVhS6ilG9OPGT/oMCkXC4GerjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTWhoV0ZMcUtVYjA0OFpQLWd3S1JjTGdaNnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB6Y02KlIgL3i5xXqc/b
9ebbsKMu9XoISUI1a0PBBm8gy15rQg2VshijOBf56te4NCFOU2c+ZN8wIBSy08PO
6UKlZlNfhKoCx25vqvDws1UdNXuTSibrWfJjxYBn1EAcSTd4oFyjIRLYZXwxSduC
h/0hZB7AOEaje+3staX4CiDU0YWIVIsFa1/65Cyl50cTaQ2ubdVelks70xuIrzVl
4NH32HcZ9m+8AOVF3ZBUSfREVyngh8nTte8uYpUmAz9yup/ODSqYQ2Hiv2KXb6NB
FjWJ0aP1BoG+VfpLpG1LicK3x8fXGdaey4Ndh7O58x7PwDOw7FpsKY31n4co5UFP
C38=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:33:59 2025 by rpki-client