Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mVAJp3rqN2n_5ilmOshJrAFhzUI.roa
File: mVAJp3rqN2n_5ilmOshJrAFhzUI.roa (raw, json)
Hash identifier: nZS7VtfvaT+1A7EUpXErFRFaq/dJOmiYZDPUS/Wk6zs=
Subject key identifier: 99:50:09:A7:7A:EA:37:69:FF:E6:29:66:3A:C8:49:AC:01:61:CD:42
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184ECECEBC597E7597D9022BECDFC3CE302
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mVAJp3rqN2n_5ilmOshJrAFhzUI.roa
Signing time: Wed 07 Dec 2022 14:11:00 +0000
ROA not before: Wed 07 Dec 2022 14:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:ec:eb:c5:97:e7:59:7d:90:22:be:cd:fc:3c:e3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 14:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=995009a77aea3769ffe629663ac849ac0161cd42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:35:a2:cb:d5:ab:38:0b:2c:4a:b7:a5:68:31:
86:70:ec:6b:3b:ce:ec:ef:dc:3a:9a:f9:53:6c:c8:
c4:c4:93:5f:cb:4f:d0:b6:eb:75:8c:71:50:64:7e:
b9:a0:96:85:85:3b:03:17:44:cc:df:68:82:76:96:
b9:ae:17:48:44:21:14:ec:14:3f:7b:66:eb:c6:a1:
c0:56:2f:40:39:9a:df:36:9c:4d:ab:dd:a4:f1:26:
7c:83:3f:73:fe:06:56:24:84:f1:17:1c:60:b9:36:
99:77:e8:77:94:aa:f7:94:a6:93:a8:f5:75:24:e1:
b4:89:2c:10:d0:aa:36:84:83:c2:52:a0:7d:1c:e9:
21:9b:42:f2:de:33:f9:d8:b4:0a:57:c6:66:49:5d:
b0:31:da:81:95:7b:96:da:13:7e:ed:0a:93:fb:9c:
cb:08:ba:1b:ee:20:0e:7a:a6:47:79:e4:43:eb:18:
cf:67:75:20:2f:63:1d:15:60:bb:9c:fc:7b:50:4c:
4d:a8:d3:14:67:19:06:e6:43:d1:ab:9e:98:cc:ec:
15:25:88:91:a1:b8:8d:b1:9d:fd:11:5a:8f:b0:1d:
55:41:83:72:01:8c:1e:5b:18:46:03:41:93:7b:07:
ca:ca:b5:0a:38:bf:20:2e:c8:bf:ad:9c:43:16:78:
11:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:50:09:A7:7A:EA:37:69:FF:E6:29:66:3A:C8:49:AC:01:61:CD:42
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mVAJp3rqN2n_5ilmOshJrAFhzUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:79:0c:a6:7b:9b:cc:64:db:b3:72:42:19:02:39:d5:7f:b3:
5b:52:33:94:71:52:b7:02:0e:81:1b:ae:d3:d6:f7:84:ec:ad:
61:1a:23:2d:5f:af:09:60:30:94:e0:ee:97:18:8c:29:21:0b:
7b:c9:25:1c:fe:49:5e:92:08:cc:33:a6:1f:a4:54:db:cb:8a:
b8:12:b2:7d:d6:18:c3:54:1f:c9:02:36:5a:61:ef:fe:ca:a7:
4d:4b:61:a0:72:96:1b:62:7e:86:36:2c:fa:b2:2f:c1:a2:f6:
a8:1b:3a:fa:cd:4f:92:9a:57:b2:67:67:7e:02:fe:02:b4:6d:
06:fa:86:b5:3a:86:4d:33:87:5d:44:e0:09:c9:df:42:50:d1:
6e:12:95:f1:45:0f:22:a5:6c:39:fc:a6:3e:e2:d3:8c:63:e1:
ae:dc:14:97:f6:d8:cb:3c:d8:b5:ab:6b:3e:3b:7c:41:f0:5d:
bf:10:93:e4:f6:f4:b6:1d:1a:9f:52:1d:7d:f7:5f:b1:90:76:
65:d4:29:33:a9:f6:9b:d6:5f:d5:8e:17:2e:52:02:77:45:5c:
2a:8e:7a:b7:6b:24:d4:b8:87:55:c8:58:bd:eb:06:c8:e1:c6:
f1:c3:ba:23:04:27:8b:ef:b0:b7:3d:8c:1a:1b:5c:88:71:ab:
4f:5c:26:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTs7OvFl+dZfZAivs38POMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MTQxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUwMDlhNzdhZWEzNzY5ZmZlNjI5NjYzYWM4NDlhYzAxNjFjZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDWiy9WrOAssSrelaDGGcOxrO87s
79w6mvlTbMjExJNfy0/Qtut1jHFQZH65oJaFhTsDF0TM32iCdpa5rhdIRCEU7BQ/
e2brxqHAVi9AOZrfNpxNq92k8SZ8gz9z/gZWJITxFxxguTaZd+h3lKr3lKaTqPV1
JOG0iSwQ0Ko2hIPCUqB9HOkhm0Ly3jP52LQKV8ZmSV2wMdqBlXuW2hN+7QqT+5zL
CLob7iAOeqZHeeRD6xjPZ3UgL2MdFWC7nPx7UExNqNMUZxkG5kPRq56YzOwVJYiR
obiNsZ39EVqPsB1VQYNyAYweWxhGA0GTewfKyrUKOL8gLsi/rZxDFngRdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlQCad66jdp/+YpZjrISawBYc1CMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbVZBSnAzcnFOMm5fNWlsbU9zaEpyQUZoelVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAN5DKZ7m8xk27NyQhkC
OdV/s1tSM5RxUrcCDoEbrtPW94TsrWEaIy1frwlgMJTg7pcYjCkhC3vJJRz+SV6S
CMwzph+kVNvLirgSsn3WGMNUH8kCNlph7/7Kp01LYaBylhtifoY2LPqyL8Gi9qgb
OvrNT5KaV7JnZ34C/gK0bQb6hrU6hk0zh11E4AnJ30JQ0W4SlfFFDyKlbDn8pj7i
04xj4a7cFJf22Ms82LWraz47fEHwXb8Qk+T29LYdGp9SHX33X7GQdmXUKTOp9pvW
X9WOFy5SAndFXCqOerdrJNS4h1XIWL3rBsjhxvHDuiMEJ4vvsLc9jBobXIhxq09c
JhE=
-----END CERTIFICATE-----
Generated at Thu May 1 11:17:09 2025 by rpki-client