Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mAq37gh0xq_g4CJQXTon-sbkG8k.roa
File: mAq37gh0xq_g4CJQXTon-sbkG8k.roa (raw, json)
Hash identifier: t3wk4Tuj430b7ZXpajyYlFhcf0bBudxKKOzxbDRL/4s=
Subject key identifier: 98:0A:B7:EE:08:74:C6:AF:E0:E0:22:50:5D:3A:27:FA:C6:E4:1B:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DD047EECDA399C8C9947439AC2ACF382
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mAq37gh0xq_g4CJQXTon-sbkG8k.roa
Signing time: Mon 23 Jan 2023 05:05:37 +0000
ROA not before: Mon 23 Jan 2023 05:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:dd03:eb52/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:04:7e:ec:da:39:9c:8c:99:47:43:9a:c2:ac:f3:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 23 05:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=980ab7ee0874c6afe0e022505d3a27fac6e41bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:53:ba:ab:9b:e9:f3:76:4d:58:4d:74:2e:
ed:5f:4b:e3:30:36:19:b9:7a:ca:54:d0:03:62:d2:
8e:6d:bf:5d:e5:2b:46:1b:c9:6a:e4:5e:9e:1d:c6:
f2:0a:98:74:b6:1d:24:50:07:3e:78:ca:6d:d4:91:
b7:d5:57:dc:1e:c7:6d:c1:2e:35:7e:d1:c0:a7:ae:
74:a0:88:06:cf:9d:62:f3:50:13:b6:37:ad:c9:b0:
27:26:92:a5:cf:da:32:70:c9:cd:df:86:79:dc:56:
c1:04:5e:75:86:56:74:ae:4a:74:4b:6a:16:fa:37:
3a:72:d3:11:6f:81:75:94:7c:60:30:95:8b:5f:39:
21:b0:62:8a:be:48:57:f5:c6:7f:06:e5:76:01:e6:
c0:c8:77:87:06:58:67:05:d7:3c:95:13:9c:c6:58:
2d:9c:c5:f2:ac:16:59:16:7e:b4:3a:84:54:1b:06:
9f:5c:80:35:3f:31:b2:80:6e:c5:5f:11:69:90:7b:
6f:35:88:a3:59:16:fb:9c:6a:9f:e7:30:3b:87:b0:
ac:24:05:a3:03:93:63:c3:05:60:40:ed:99:b0:e8:
ef:2d:03:c7:c8:5b:a5:7b:94:56:03:ce:71:7c:80:
28:e5:56:3e:65:6b:1b:6f:af:12:e3:51:7d:23:fc:
db:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0A:B7:EE:08:74:C6:AF:E0:E0:22:50:5D:3A:27:FA:C6:E4:1B:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mAq37gh0xq_g4CJQXTon-sbkG8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:fe:44:eb:70:06:e1:60:bf:23:db:54:4f:ce:27:04:45:51:
d3:bb:3d:99:74:e9:b5:3d:02:2a:fa:0f:58:3f:af:d8:e8:2d:
23:b0:b0:88:3c:77:9e:4a:6d:a1:6f:fc:bf:74:07:3c:77:34:
71:d1:c2:f2:4a:24:f3:6a:13:0b:f6:ba:e2:9a:6d:f9:ef:b2:
a8:77:ec:24:4c:3b:d0:cd:53:d6:98:51:d1:38:d7:77:5b:2e:
58:08:a9:95:6a:3b:22:a8:e0:6b:8b:35:2a:7c:e3:4a:e0:62:
82:2e:19:a8:1f:f4:0c:18:10:21:38:54:26:4a:0d:b7:8b:a4:
8d:7f:dd:ce:b3:f6:a8:b2:9e:e6:26:e7:3f:82:86:d2:5f:93:
bc:25:c0:58:fc:ab:34:f6:f0:2b:e3:c2:01:94:27:2c:d9:65:
bf:8f:ab:e0:b7:2c:f3:94:19:90:d3:be:ae:48:dc:48:e4:57:
84:3e:03:74:ce:9f:49:20:88:e6:59:1c:78:74:96:0f:ef:6e:
9f:50:3f:69:31:9b:9e:bf:01:a7:17:3e:7f:73:6e:33:77:64:
bd:ac:b7:29:38:67:d6:2d:67:40:80:18:d1:61:a2:1f:25:f4:
04:6c:6c:7e:16:95:c2:2a:83:84:9a:13:d6:c2:95:09:a8:e4:
73:59:1a:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXdBH7s2jmcjJlHQ5rCrPOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIzMDUwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBhYjdlZTA4NzRjNmFmZTBlMDIyNTA1ZDNhMjdmYWM2ZTQxYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo75Tuqub6fN2TVhNdC7tX0vjMDYZ
uXrKVNADYtKObb9d5StGG8lq5F6eHcbyCph0th0kUAc+eMpt1JG31VfcHsdtwS41
ftHAp650oIgGz51i81ATtjetybAnJpKlz9oycMnN34Z53FbBBF51hlZ0rkp0S2oW
+jc6ctMRb4F1lHxgMJWLXzkhsGKKvkhX9cZ/BuV2AebAyHeHBlhnBdc8lROcxlgt
nMXyrBZZFn60OoRUGwafXIA1PzGygG7FXxFpkHtvNYijWRb7nGqf5zA7h7CsJAWj
A5NjwwVgQO2ZsOjvLQPHyFule5RWA85xfIAo5VY+ZWsbb68S41F9I/zb9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJgKt+4IdMav4OAiUF06J/rG5BvJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbUFxMzdnaDB4cV9nNENKUVhUb24tc2JrRzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFf+ROtwBuFgvyPbVE/O
JwRFUdO7PZl06bU9Air6D1g/r9joLSOwsIg8d55KbaFv/L90Bzx3NHHRwvJKJPNq
Ewv2uuKabfnvsqh37CRMO9DNU9aYUdE413dbLlgIqZVqOyKo4GuLNSp840rgYoIu
Gagf9AwYECE4VCZKDbeLpI1/3c6z9qiynuYm5z+ChtJfk7wlwFj8qzT28CvjwgGU
JyzZZb+Pq+C3LPOUGZDTvq5I3EjkV4Q+A3TOn0kgiOZZHHh0lg/vbp9QP2kxm56/
AacXPn9zbjN3ZL2styk4Z9YtZ0CAGNFhoh8l9ARsbH4WlcIqg4SaE9bClQmo5HNZ
Gkw=
-----END CERTIFICATE-----
Generated at Thu May 1 03:15:56 2025 by rpki-client