Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m3qELvlZ1e9SLXfl8WP2CgvMF_Q.roa
File: m3qELvlZ1e9SLXfl8WP2CgvMF_Q.roa (raw, json)
Hash identifier: YXE1SROom1YItJ+MsVAUEPthy61QW18bno94UQv5LKg=
Subject key identifier: 9B:7A:84:2E:F9:59:D5:EF:52:2D:77:E5:F1:63:F6:0A:0B:CC:17:F4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186DDDD5187EE73BF3B47230003CBFB7028
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m3qELvlZ1e9SLXfl8WP2CgvMF_Q.roa
Signing time: Tue 14 Mar 2023 02:05:14 +0000
ROA not before: Tue 14 Mar 2023 02:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:dddc:6cc7/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:dd:dd:51:87:ee:73:bf:3b:47:23:00:03:cb:fb:70:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 14 02:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b7a842ef959d5ef522d77e5f163f60a0bcc17f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:0c:02:91:55:e6:a4:7e:9d:ff:08:1f:13:
f9:9f:6b:b1:3a:07:ae:6d:29:99:9d:84:1c:c8:5b:
f5:14:05:b8:2c:00:7d:75:19:c8:6d:8c:78:d0:37:
e9:a4:62:1d:7b:f4:0b:83:69:fc:cf:10:8f:e6:85:
f6:0e:d8:a8:7c:e6:f9:43:98:d1:61:53:6e:26:28:
b2:54:80:63:b6:82:6f:83:f5:0e:82:8d:f1:ed:c8:
33:bc:c2:3d:16:2d:56:30:40:cb:90:1a:22:53:cf:
4a:49:f0:98:d0:a5:8a:eb:46:a9:3a:87:8f:27:23:
d2:f1:42:cd:bf:34:37:dd:bc:08:cc:33:95:63:65:
12:2f:c1:87:0f:00:8e:e0:8c:7a:2d:eb:a5:1f:5e:
ef:1a:8d:40:2c:aa:10:03:f2:a1:40:c9:44:0b:4d:
3c:1e:6f:81:ed:c7:c6:c6:2e:5b:72:67:75:24:54:
ea:c7:91:05:b8:32:27:14:5e:6c:06:18:b7:4a:b1:
ef:e2:6c:de:18:03:55:dc:0d:ed:ea:c1:a3:51:64:
94:e8:dc:7a:c3:eb:b2:e8:24:8c:31:21:a9:66:3c:
04:f7:ce:d2:ba:f8:36:b0:d1:46:c0:95:c7:b6:37:
a6:25:2d:0c:41:9d:7f:2b:9a:0b:7e:53:24:a6:95:
83:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7A:84:2E:F9:59:D5:EF:52:2D:77:E5:F1:63:F6:0A:0B:CC:17:F4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m3qELvlZ1e9SLXfl8WP2CgvMF_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:c9:12:4f:56:ea:97:41:9d:bb:76:d1:87:25:4f:62:c2:37:
fd:fb:c9:be:c7:ba:c8:f4:84:0a:36:6c:7a:8b:7d:d8:81:a6:
12:dc:2a:ac:64:06:8a:14:ea:c8:71:84:dd:d8:13:05:89:f6:
f4:5f:36:3e:3b:5f:dc:fb:ad:27:6f:3b:17:67:25:9e:95:c7:
ed:8a:03:e8:6c:ed:47:4a:d2:43:0a:b9:7d:54:42:41:2d:23:
e3:d6:1e:ac:9c:ee:a7:56:91:f7:d9:f8:72:9d:99:2b:48:cc:
b2:86:62:d6:ea:6b:83:6a:54:78:70:d0:59:a6:74:e3:e5:10:
bb:4d:28:44:a8:61:19:40:a4:91:fc:7b:ca:0f:52:d2:97:1e:
d7:bc:d1:5a:ca:57:1a:f1:3f:db:7a:cb:a3:ad:a5:27:20:b0:
36:ed:6e:16:05:ce:a6:96:84:1c:5f:01:b1:02:af:5c:bd:9c:
0c:ca:d6:1c:cd:62:56:0c:37:37:0d:99:55:4c:99:7d:e2:99:
8c:f5:75:20:40:1b:c4:91:e3:17:d1:4e:76:31:f6:49:57:9a:
3d:77:fc:4d:a8:7e:9e:b7:28:ab:77:c2:0e:f4:a0:dc:57:a6:
23:0f:34:ca:a7:cc:c2:67:86:14:04:a2:1b:d2:c0:21:ca:be:
a5:d8:be:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbd3VGH7nO/O0cjAAPL+3AoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE0MDIwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdhODQyZWY5NTlkNWVmNTIyZDc3ZTVmMTYzZjYwYTBiY2MxN2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/0MApFV5qR+nf8IHxP5n2uxOgeu
bSmZnYQcyFv1FAW4LAB9dRnIbYx40DfppGIde/QLg2n8zxCP5oX2DtiofOb5Q5jR
YVNuJiiyVIBjtoJvg/UOgo3x7cgzvMI9Fi1WMEDLkBoiU89KSfCY0KWK60apOoeP
JyPS8ULNvzQ33bwIzDOVY2USL8GHDwCO4Ix6LeulH17vGo1ALKoQA/KhQMlEC008
Hm+B7cfGxi5bcmd1JFTqx5EFuDInFF5sBhi3SrHv4mzeGANV3A3t6sGjUWSU6Nx6
w+uy6CSMMSGpZjwE987Suvg2sNFGwJXHtjemJS0MQZ1/K5oLflMkppWDIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJt6hC75WdXvUi135fFj9goLzBf0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbTNxRUx2bFoxZTlTTFhmbDhXUDJDZ3ZNRl9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADLJEk9W6pdBnbt20Ycl
T2LCN/37yb7Husj0hAo2bHqLfdiBphLcKqxkBooU6shxhN3YEwWJ9vRfNj47X9z7
rSdvOxdnJZ6Vx+2KA+hs7UdK0kMKuX1UQkEtI+PWHqyc7qdWkffZ+HKdmStIzLKG
Ytbqa4NqVHhw0FmmdOPlELtNKESoYRlApJH8e8oPUtKXHte80VrKVxrxP9t6y6Ot
pScgsDbtbhYFzqaWhBxfAbECr1y9nAzK1hzNYlYMNzcNmVVMmX3imYz1dSBAG8SR
4xfRTnYx9klXmj13/E2ofp63KKt3wg70oNxXpiMPNMqnzMJnhhQEohvSwCHKvqXY
vgo=
-----END CERTIFICATE-----
Generated at Fri May 2 01:17:08 2025 by rpki-client