Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MtM21Fupy4RNeWHz4JDebbapkZk.roa
File: MtM21Fupy4RNeWHz4JDebbapkZk.roa (raw, json)
Hash identifier: xdNTw4gbL6I2V8UgV0cDs+36ay4Pn54UI3ZQhMMjgkY=
Subject key identifier: 32:D3:36:D4:5B:A9:CB:84:4D:79:61:F3:E0:90:DE:6D:B6:A9:91:99
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A424184ECCEC3931EA220BE1AB06F1085
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MtM21Fupy4RNeWHz4JDebbapkZk.roa
Signing time: Tue 29 Aug 2023 17:05:04 +0000
ROA not before: Tue 29 Aug 2023 17:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4241:3965/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:41:84:ec:ce:c3:93:1e:a2:20:be:1a:b0:6f:10:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 17:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32d336d45ba9cb844d7961f3e090de6db6a99199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:86:69:e3:50:0d:8f:9c:d0:b2:9f:44:63:a4:
3c:bb:dd:a6:73:f1:0a:1a:6a:4a:82:67:7f:5e:a1:
c6:2a:07:2c:9e:6c:9b:33:51:c2:f6:88:a8:46:fe:
0c:c8:ce:f4:b8:96:72:03:ea:07:83:0d:47:fa:06:
0d:c7:c8:e4:bf:94:de:c4:c1:e0:de:27:05:97:5d:
62:47:19:a1:f8:02:66:5a:f9:b3:a2:8e:3c:83:2e:
be:d9:a2:3c:73:cd:f3:a1:f2:74:ed:59:fc:d5:9c:
05:c8:61:eb:0f:3e:a9:e1:76:56:39:b2:d2:14:a1:
b6:17:b0:7c:09:07:34:c5:b5:46:d2:07:1f:63:4a:
cc:51:1e:d8:81:3a:46:74:6a:74:e7:ad:91:1f:c4:
c4:44:53:7c:a3:0d:09:a3:f4:5a:6b:ea:ac:8d:71:
51:4c:1b:23:4e:d4:26:59:44:5c:d5:29:3a:e0:1d:
49:cb:5f:05:0f:8e:8b:fc:6e:b3:f2:73:3c:b4:ba:
6d:2c:bc:4c:3d:61:82:cc:6d:e1:a3:a0:f2:d2:64:
83:41:bc:57:a0:40:a4:3e:6f:93:87:ca:91:c2:4d:
7b:90:7a:7b:81:71:a8:25:58:3c:c7:f6:5c:e7:7f:
88:fb:3d:70:b3:f8:3f:cd:04:d4:fd:7c:6e:4e:ab:
ff:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D3:36:D4:5B:A9:CB:84:4D:79:61:F3:E0:90:DE:6D:B6:A9:91:99
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MtM21Fupy4RNeWHz4JDebbapkZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:b3:76:25:02:00:14:b8:69:8a:21:a3:5d:81:0f:fe:67:2f:
e4:71:3d:ff:b0:69:32:28:1f:7f:0a:48:8d:38:0c:6b:42:80:
e4:51:7f:74:8d:74:82:02:7d:dc:7b:5b:d9:cf:2a:28:d4:f8:
2b:b9:d5:6d:b8:4f:6c:0f:ab:63:91:a5:d4:78:a1:51:07:0d:
00:13:43:fa:b1:7a:96:9d:7e:28:2d:95:9b:d0:c2:ab:50:3a:
3d:3b:e1:d4:33:56:c2:23:4c:58:e6:27:b6:d3:42:3c:53:9e:
9c:51:25:d6:75:70:91:fe:e5:51:a7:b7:c9:7a:09:4d:96:e4:
0c:e6:27:28:13:d8:c6:cb:24:a6:e8:bd:f7:17:89:f8:d3:eb:
d2:8a:db:30:d2:3f:d6:25:fc:d5:9f:72:66:c3:69:29:a6:26:
24:07:34:ea:1d:37:68:22:37:97:99:0f:54:e2:93:e9:37:3d:
9a:f3:e7:65:59:5b:8a:31:ee:62:57:25:c6:4e:3d:38:c8:8c:
82:63:cf:41:0e:3c:45:c8:47:1e:13:4b:6f:ef:e3:85:c5:73:
26:92:25:e6:28:25:e9:e0:61:a4:d3:2d:d2:50:09:b6:ec:9b:
1c:6a:de:c5:95:9d:d0:2f:58:94:99:19:c2:9b:fe:36:f5:fe:
c7:e6:6e:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpCQYTszsOTHqIgvhqwbxCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MTcwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQzMzZkNDViYTljYjg0NGQ3OTYxZjNlMDkwZGU2ZGI2YTk5MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIZp41ANj5zQsp9EY6Q8u92mc/EK
GmpKgmd/XqHGKgcsnmybM1HC9oioRv4MyM70uJZyA+oHgw1H+gYNx8jkv5TexMHg
3icFl11iRxmh+AJmWvmzoo48gy6+2aI8c83zofJ07Vn81ZwFyGHrDz6p4XZWObLS
FKG2F7B8CQc0xbVG0gcfY0rMUR7YgTpGdGp0562RH8TERFN8ow0Jo/Raa+qsjXFR
TBsjTtQmWURc1Sk64B1Jy18FD46L/G6z8nM8tLptLLxMPWGCzG3ho6Dy0mSDQbxX
oECkPm+Th8qRwk17kHp7gXGoJVg8x/Zc53+I+z1ws/g/zQTU/XxuTqv/iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDLTNtRbqcuETXlh8+CQ3m22qZGZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTXRNMjFGdXB5NFJOZVdIejRKRGViYmFwa1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKGzdiUCABS4aYoho12B
D/5nL+RxPf+waTIoH38KSI04DGtCgORRf3SNdIICfdx7W9nPKijU+Cu51W24T2wP
q2ORpdR4oVEHDQATQ/qxepadfigtlZvQwqtQOj074dQzVsIjTFjmJ7bTQjxTnpxR
JdZ1cJH+5VGnt8l6CU2W5AzmJygT2MbLJKbovfcXifjT69KK2zDSP9Yl/NWfcmbD
aSmmJiQHNOodN2giN5eZD1Tik+k3PZrz52VZW4ox7mJXJcZOPTjIjIJjz0EOPEXI
Rx4TS2/v44XFcyaSJeYoJengYaTTLdJQCbbsmxxq3sWVndAvWJSZGcKb/jb1/sfm
bpc=
-----END CERTIFICATE-----
Generated at Sun May 4 00:27:00 2025 by rpki-client