Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mW4dYMS7GmsvGSKflqfvJ-Kj1lQ.roa
File: mW4dYMS7GmsvGSKflqfvJ-Kj1lQ.roa (raw, json)
Hash identifier: uUA00FrpTBjllP0KIo1RozymQCtcEXYFXcbm8BgsyS0=
Subject key identifier: 99:6E:1D:60:C4:BB:1A:6B:2F:19:22:9F:96:A7:EF:27:E2:A3:D6:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018692FA58DCB2A54DB5EEAA2E6AB20437B4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mW4dYMS7GmsvGSKflqfvJ-Kj1lQ.roa
Signing time: Mon 27 Feb 2023 13:05:25 +0000
ROA not before: Mon 27 Feb 2023 13:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:fa:58:dc:b2:a5:4d:b5:ee:aa:2e:6a:b2:04:37:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 13:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=996e1d60c4bb1a6b2f19229f96a7ef27e2a3d654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:6c:ae:66:cc:03:4b:e1:85:17:3b:41:6a:
ef:6f:ba:91:c8:9a:66:09:32:49:b6:62:31:4d:16:
2c:8b:dc:38:84:95:47:e3:f2:30:49:e9:53:4a:75:
83:eb:7f:77:af:96:96:5a:b3:f4:ca:0e:70:ec:76:
ba:b8:ba:21:03:da:8f:bf:60:f0:60:25:5b:ab:71:
39:9d:87:3c:e5:3b:cb:3a:fe:7c:4b:bd:ed:f9:c5:
02:de:7c:21:3b:67:4f:03:3c:2f:19:e8:e3:2b:e7:
01:20:a3:a9:5b:8d:ad:da:17:69:19:6e:a2:42:bb:
80:44:f9:03:69:b0:2e:df:8e:87:08:d3:83:2e:74:
e2:08:1c:5c:11:f7:67:81:52:a7:75:d8:9c:e0:19:
be:eb:0c:18:2a:5c:f6:7b:7a:b7:df:89:70:4e:49:
d0:b5:77:02:f9:01:10:72:6d:28:81:d2:5f:af:78:
45:18:cc:33:f1:32:e7:a4:93:a6:e0:1d:ce:b3:4d:
a4:eb:38:0e:86:85:07:94:8e:2a:92:62:0a:37:ce:
b2:7b:6c:ed:5b:81:29:1e:5f:96:41:cb:18:a5:c3:
c1:79:c6:5c:65:05:f4:64:f5:bd:eb:5b:2c:c8:8a:
50:2f:23:5b:4c:c3:49:2d:1e:a4:f8:9f:fb:a0:88:
d9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6E:1D:60:C4:BB:1A:6B:2F:19:22:9F:96:A7:EF:27:E2:A3:D6:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mW4dYMS7GmsvGSKflqfvJ-Kj1lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:58:56:31:08:fc:18:cb:f7:59:01:ce:37:75:f2:ce:5a:1d:
80:4d:0b:68:bc:bd:4b:ad:5b:70:58:ec:d8:98:e1:6f:47:20:
ef:5c:e3:60:33:d6:12:01:51:9b:a2:d2:bb:7e:87:04:f2:c6:
3b:c8:f3:72:1c:d3:99:b9:c3:d5:00:dd:44:c3:43:71:78:cf:
5d:ea:11:4e:2c:3a:f3:19:dd:20:1a:46:f6:3a:52:05:14:ab:
5a:c7:7f:c3:1c:eb:79:41:b9:f8:77:a1:95:a8:67:51:62:72:
cd:7a:4b:c6:8e:d0:ec:d5:1a:03:5b:bc:1d:9d:72:52:62:9b:
6a:68:9e:7e:16:d4:3f:e1:72:a9:37:a9:c2:63:c9:6d:09:ac:
fa:8b:9d:d2:0d:b8:02:0b:4a:7a:dc:af:51:0e:bc:8d:87:e4:
2a:5d:4a:e4:03:50:ae:f3:eb:9d:7a:ba:91:1e:6a:a5:69:13:
00:3a:ee:e1:44:7b:f9:f7:28:6c:fa:ba:d8:f1:2d:db:2c:76:
24:65:f2:70:84:e4:36:c5:4f:27:e2:43:5c:b2:bd:8d:38:3f:
7c:c2:5d:7f:da:34:24:3e:61:33:c3:9a:95:86:c1:3d:ca:ba:
e4:3c:1c:83:a1:e1:ea:68:45:22:e7:67:65:95:76:89:08:fc:
ca:f2:c2:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaS+ljcsqVNte6qLmqyBDe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MTMwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZlMWQ2MGM0YmIxYTZiMmYxOTIyOWY5NmE3ZWYyN2UyYTNkNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZVsrmbMA0vhhRc7QWrvb7qRyJpm
CTJJtmIxTRYsi9w4hJVH4/IwSelTSnWD6393r5aWWrP0yg5w7Ha6uLohA9qPv2Dw
YCVbq3E5nYc85TvLOv58S73t+cUC3nwhO2dPAzwvGejjK+cBIKOpW42t2hdpGW6i
QruARPkDabAu346HCNODLnTiCBxcEfdngVKnddic4Bm+6wwYKlz2e3q334lwTknQ
tXcC+QEQcm0ogdJfr3hFGMwz8TLnpJOm4B3Os02k6zgOhoUHlI4qkmIKN86ye2zt
W4EpHl+WQcsYpcPBecZcZQX0ZPW961ssyIpQLyNbTMNJLR6k+J/7oIjZbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJluHWDEuxprLxkin5an7yfio9ZUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbVc0ZFlNUzdHbXN2R1NLZmxxZnZKLUtqMWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKdYVjEI/BjL91kBzjd1
8s5aHYBNC2i8vUutW3BY7NiY4W9HIO9c42Az1hIBUZui0rt+hwTyxjvI83Ic05m5
w9UA3UTDQ3F4z13qEU4sOvMZ3SAaRvY6UgUUq1rHf8Mc63lBufh3oZWoZ1Fics16
S8aO0OzVGgNbvB2dclJim2ponn4W1D/hcqk3qcJjyW0JrPqLndINuAILSnrcr1EO
vI2H5CpdSuQDUK7z6516upEeaqVpEwA67uFEe/n3KGz6utjxLdssdiRl8nCE5DbF
TyfiQ1yyvY04P3zCXX/aNCQ+YTPDmpWGwT3KuuQ8HIOh4epoRSLnZ2WVdokI/Mry
wrU=
-----END CERTIFICATE-----
Generated at Thu May 1 08:16:53 2025 by rpki-client