Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MzxUfXw4oGCIaPM8-5yPcNINmsY.roa
File: MzxUfXw4oGCIaPM8-5yPcNINmsY.roa (raw, json)
Hash identifier: ohLtyYAmDRcRTCHgN7fffLk5DfoRNpbmSGVMTTI92m4=
Subject key identifier: 33:3C:54:7D:7C:38:A0:60:88:68:F3:3C:FB:9C:8F:70:D2:0D:9A:C6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 86998D35
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MzxUfXw4oGCIaPM8-5yPcNINmsY.roa
Signing time: Mon 23 May 2022 12:08:29 +0000
ROA not before: Mon 23 May 2022 12:08:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2258210101 (0x86998d35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 23 12:08:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=333c547d7c38a0608868f33cfb9c8f70d20d9ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f7:3d:e0:79:ef:f0:6b:71:82:67:2a:39:ca:
36:84:bc:c4:d1:ed:8a:95:f7:0c:20:bf:65:ee:3b:
2b:10:c5:7a:2e:71:35:eb:27:d3:96:78:b7:fd:98:
a3:9a:64:0e:29:be:86:e5:03:5d:0b:af:93:38:bd:
39:27:20:e2:dd:25:19:ac:7e:0c:82:18:c1:c9:ae:
46:5e:fe:4d:59:e8:f7:8d:df:5f:10:02:fd:a5:f3:
e6:42:10:00:55:23:49:ef:44:8a:7f:c5:ac:1b:bd:
de:8b:67:bc:21:9b:f6:7f:07:1b:bd:10:1a:d3:63:
f0:a6:5a:73:29:dd:14:db:b8:9e:35:0b:e9:fb:5d:
08:c7:ce:2b:12:f5:b1:ff:3e:f8:39:f7:b4:63:28:
40:ce:05:f1:b6:33:87:64:1a:1e:13:a4:ac:d2:17:
e6:3e:b4:2e:92:19:89:27:d8:21:0c:0f:2e:f1:b6:
5d:f1:6b:d0:d3:0b:75:86:7a:eb:bc:81:0f:fc:10:
39:f2:3d:a5:fc:42:60:5a:a4:d2:ed:7f:db:a5:be:
8b:ea:e7:33:70:ce:98:52:52:9d:84:ff:b7:7d:34:
eb:9b:c2:88:28:be:16:09:80:ac:ee:b2:df:94:75:
3d:cc:6f:3c:ed:6e:86:88:a9:af:a2:85:b5:f2:45:
b2:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3C:54:7D:7C:38:A0:60:88:68:F3:3C:FB:9C:8F:70:D2:0D:9A:C6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/MzxUfXw4oGCIaPM8-5yPcNINmsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e9:dc:5b:f8:e9:86:ba:e4:8f:a2:aa:bb:70:6f:89:f3:19:
a3:de:40:4b:07:c3:e3:a1:3b:67:88:78:ce:5c:1a:a8:44:03:
64:6d:45:e3:81:6f:f4:fc:50:b1:2f:d4:69:cf:50:4d:4f:16:
40:55:81:b8:10:78:8b:eb:5e:35:b8:66:fc:85:70:27:01:05:
d0:5b:87:5a:10:01:aa:c7:e9:66:ea:78:d3:75:f4:26:91:61:
96:c9:95:04:05:37:b8:29:df:6f:94:8d:cb:37:a8:f4:2b:3d:
3c:66:a8:8e:ca:9d:51:df:f9:a9:cf:1f:61:12:94:61:c2:6a:
0b:05:a3:cd:a6:1c:e2:55:ef:af:af:88:1c:4e:a0:1f:81:de:
4f:6b:32:4b:10:50:ad:58:16:eb:f9:7b:a8:51:68:fa:82:2a:
99:13:89:9d:8c:b8:f4:c9:d7:19:45:24:06:58:e7:f3:64:0b:
b4:31:31:3e:02:af:8a:32:c0:f4:6c:c4:a6:bc:75:b6:bf:cb:
22:c6:34:74:aa:3f:ea:79:51:6b:ca:96:e7:d5:15:2f:d5:82:
89:2e:da:f0:b0:e8:f0:f4:1b:cb:1f:44:80:0a:c3:ce:f9:b3:
b0:a7:e7:d9:f0:da:8a:60:2c:5f:bf:4b:b5:64:cd:f8:f4:5e:
2a:3b:47:af
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIaZjTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjMxMjA4MjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDMzM2M1NDdkN2Mz
OGEwNjA4ODY4ZjMzY2ZiOWM4ZjcwZDIwZDlhYzYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCX9z3gee/wa3GCZyo5yjaEvMTR7YqV9wwgv2XuOysQxXou
cTXrJ9OWeLf9mKOaZA4pvoblA10Lr5M4vTknIOLdJRmsfgyCGMHJrkZe/k1Z6PeN
318QAv2l8+ZCEABVI0nvRIp/xawbvd6LZ7whm/Z/Bxu9EBrTY/CmWnMp3RTbuJ41
C+n7XQjHzisS9bH/Pvg597RjKEDOBfG2M4dkGh4TpKzSF+Y+tC6SGYkn2CEMDy7x
tl3xa9DTC3WGeuu8gQ/8EDnyPaX8QmBapNLtf9ulvovq5zNwzphSUp2E/7d9NOub
wogovhYJgKzust+UdT3MbzztboaIqa+ihbXyRbI5AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUMzxUfXw4oGCIaPM8+5yPcNINmsYwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9NenhVZlh3NG9HQ0lhUE04LTV5UGNOSU5tc1kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAGuncW/jphrrkj6Kqu3BvifMZo95ASwfD46E7
Z4h4zlwaqEQDZG1F44Fv9PxQsS/Uac9QTU8WQFWBuBB4i+teNbhm/IVwJwEF0FuH
WhABqsfpZup403X0JpFhlsmVBAU3uCnfb5SNyzeo9Cs9PGaojsqdUd/5qc8fYRKU
YcJqCwWjzaYc4lXvr6+IHE6gH4HeT2sySxBQrVgW6/l7qFFo+oIqmROJnYy49MnX
GUUkBljn82QLtDExPgKvijLA9GzEprx1tr/LIsY0dKo/6nlRa8qW59UVL9WCiS7a
8LDo8PQbyx9EgArDzvmzsKfn2fDaimAsX79LtWTN+PReKjtHrw==
-----END CERTIFICATE-----
Generated at Thu May 1 19:19:43 2025 by rpki-client