Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mNJEDRyNxl2ofqDS8cG0bH4nJts.roa
File: mNJEDRyNxl2ofqDS8cG0bH4nJts.roa (raw, json)
Hash identifier: vBoJIDZXEQPDFKcS2hTc+gVQwEVNBxncysiouzyQ2wM=
Subject key identifier: 98:D2:44:0D:1C:8D:C6:5D:A8:7E:A0:D2:F1:C1:B4:6C:7E:27:26:DB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189ACF0C52334147EE023E1F9B26C87DE02
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mNJEDRyNxl2ofqDS8cG0bH4nJts.roa
Signing time: Mon 31 Jul 2023 17:13:27 +0000
ROA not before: Mon 31 Jul 2023 17:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:f0:c5:23:34:14:7e:e0:23:e1:f9:b2:6c:87:de:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 17:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98d2440d1c8dc65da87ea0d2f1c1b46c7e2726db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:95:ad:8f:14:02:5f:05:16:4a:71:c6:14:e5:
a7:80:28:17:6d:7c:33:5b:61:03:98:4c:73:1e:02:
c7:b7:e9:da:d4:23:99:29:3c:f3:2e:84:be:84:10:
bf:db:e1:44:3d:c1:de:12:58:50:55:ad:f7:d9:ed:
45:a2:c8:6a:63:a5:2d:ce:9b:02:28:56:dc:c6:2a:
88:fb:13:34:a2:7f:29:41:83:91:ba:26:90:72:56:
cd:5f:ca:c9:e0:a2:80:0e:66:7b:50:1b:1f:eb:1c:
5a:6a:d1:d1:f3:1e:28:e2:40:32:05:e9:15:86:8c:
24:62:ce:f3:fd:1e:1b:ed:7d:43:cb:02:fc:aa:65:
fc:4d:d7:45:f0:15:5c:d5:b1:06:9f:c5:2c:fd:4a:
7b:f4:6a:0d:31:de:18:91:99:07:27:ce:0e:b9:60:
f7:de:91:4f:b5:2f:8a:26:9c:e6:5b:bd:66:25:90:
4c:1d:56:94:dc:44:db:0f:8c:37:4b:c3:04:c2:d3:
6b:1e:1a:61:85:a3:9c:1a:e8:64:09:fd:0a:9a:94:
5c:1e:83:d1:43:97:94:e3:6d:cd:ed:bc:bd:82:9e:
0f:65:e4:a0:3a:7d:8d:c5:c1:9c:b7:99:47:49:54:
d0:27:b4:1f:0d:5f:0c:66:22:d8:30:a9:16:7d:f3:
e0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D2:44:0D:1C:8D:C6:5D:A8:7E:A0:D2:F1:C1:B4:6C:7E:27:26:DB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mNJEDRyNxl2ofqDS8cG0bH4nJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:18:56:ef:b0:ff:29:7c:75:41:ae:21:7b:c1:72:22:21:e0:
49:8a:d2:13:c5:f4:29:d5:2b:2f:fa:87:84:69:2a:9d:8c:77:
23:7b:f2:fd:14:9c:a1:39:89:91:fd:b9:45:1b:c7:4e:77:52:
53:2a:9c:10:4d:d6:d3:f5:ba:cf:2e:51:fd:a6:c7:af:3b:a7:
7a:b0:6e:20:f6:84:1b:e5:45:2b:2a:01:93:cf:e7:f0:1d:fe:
fe:4f:1e:ec:14:74:d0:85:e5:7c:6a:be:a1:e5:04:c6:34:23:
37:8d:0f:c7:47:63:77:ca:50:7e:7e:4b:10:31:03:45:ca:a0:
e9:4e:e1:1f:58:87:c4:93:27:95:f8:85:35:a4:b4:7a:44:ea:
21:f8:f6:84:a4:0f:5d:1c:38:20:df:9d:28:ce:f4:5f:0a:71:
5d:04:c7:b7:a9:e4:f6:8a:f1:76:8b:de:4f:0e:99:05:19:51:
36:12:1c:37:3f:47:8f:cd:fe:b4:0b:40:7b:58:3a:77:d8:89:
e1:0a:6b:e6:c4:c9:1b:9a:0c:d7:94:c6:af:36:df:63:8d:03:
61:33:95:a8:7d:cb:f7:3c:70:aa:71:ff:14:51:d3:8e:44:de:
b0:b5:40:08:38:ac:ff:d4:cc:b8:14:60:eb:9f:89:fa:27:b2:
55:07:18:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYms8MUjNBR+4CPh+bJsh94CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMTcxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQyNDQwZDFjOGRjNjVkYTg3ZWEwZDJmMWMxYjQ2YzdlMjcyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpWtjxQCXwUWSnHGFOWngCgXbXwz
W2EDmExzHgLHt+na1COZKTzzLoS+hBC/2+FEPcHeElhQVa332e1FoshqY6UtzpsC
KFbcxiqI+xM0on8pQYORuiaQclbNX8rJ4KKADmZ7UBsf6xxaatHR8x4o4kAyBekV
howkYs7z/R4b7X1DywL8qmX8TddF8BVc1bEGn8Us/Up79GoNMd4YkZkHJ84OuWD3
3pFPtS+KJpzmW71mJZBMHVaU3ETbD4w3S8MEwtNrHhphhaOcGuhkCf0KmpRcHoPR
Q5eU423N7by9gp4PZeSgOn2NxcGct5lHSVTQJ7QfDV8MZiLYMKkWffPgFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJjSRA0cjcZdqH6g0vHBtGx+JybbMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbU5KRURSeU54bDJvZnFEUzhjRzBiSDRuSnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4YVu+w/yl8dUGuIXvB
ciIh4EmK0hPF9CnVKy/6h4RpKp2MdyN78v0UnKE5iZH9uUUbx053UlMqnBBN1tP1
us8uUf2mx687p3qwbiD2hBvlRSsqAZPP5/Ad/v5PHuwUdNCF5XxqvqHlBMY0IzeN
D8dHY3fKUH5+SxAxA0XKoOlO4R9Yh8STJ5X4hTWktHpE6iH49oSkD10cOCDfnSjO
9F8KcV0Ex7ep5PaK8XaL3k8OmQUZUTYSHDc/R4/N/rQLQHtYOnfYieEKa+bEyRua
DNeUxq8232ONA2Ezlah9y/c8cKpx/xRR045E3rC1QAg4rP/UzLgUYOufifonslUH
GBc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:42:49 2025 by rpki-client