Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mf6zoE4J9g-kN9DADwS4nZsQ3z8.roa
File: mf6zoE4J9g-kN9DADwS4nZsQ3z8.roa (raw, json)
Hash identifier: JNpH2KMLFq7Y13VnQhADr4l4yA832+sIASK/dQeSokc=
Subject key identifier: 99:FE:B3:A0:4E:09:F6:0F:A4:37:D0:C0:0F:04:B8:9D:9B:10:DF:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018553B4E244B8E8BD58A35051CC4799C792
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mf6zoE4J9g-kN9DADwS4nZsQ3z8.roa
Signing time: Tue 27 Dec 2022 13:10:41 +0000
ROA not before: Tue 27 Dec 2022 13:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:b4:e2:44:b8:e8:bd:58:a3:50:51:cc:47:99:c7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 27 13:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99feb3a04e09f60fa437d0c00f04b89d9b10df3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:64:26:21:5f:9f:49:a9:20:98:b4:1a:69:19:
ee:3e:62:3b:e9:1a:7f:e9:5c:57:73:c2:7a:bb:37:
3e:0d:16:5f:cd:12:57:2b:43:07:df:a1:79:f8:1c:
b2:da:a2:e4:2d:8e:9f:60:89:ea:12:6f:54:a6:4a:
18:cb:06:5a:26:cd:a3:6a:81:fc:1e:77:a5:f6:ec:
7b:90:b6:d8:54:ba:d5:b5:f0:04:53:0f:7a:ce:72:
7d:90:51:2e:bf:c9:26:88:c9:67:39:44:5b:fb:5f:
ec:1b:b5:ac:ad:7a:6d:d4:ec:55:bb:e3:6d:11:31:
bd:5e:00:80:dd:6a:bd:68:89:c0:f1:8c:d9:93:cb:
79:91:78:db:53:4e:fa:1b:32:b0:b2:db:3b:ac:64:
10:ed:ac:26:23:f2:2a:4a:2c:a0:c4:4e:35:d7:12:
f4:ab:fc:1d:f7:21:43:6c:a8:06:c5:68:f1:96:17:
78:ac:24:71:8c:60:af:01:50:84:df:d6:89:90:c8:
0c:09:7f:1e:e3:4e:52:6d:ba:de:a8:35:4d:26:b1:
dc:a9:68:4c:5e:45:09:a0:0e:4a:64:40:fa:9e:83:
aa:a7:19:75:bb:13:45:83:00:f6:94:53:cb:a7:97:
59:01:90:bd:e5:78:26:7e:f4:96:8b:cf:65:cd:d6:
c0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FE:B3:A0:4E:09:F6:0F:A4:37:D0:C0:0F:04:B8:9D:9B:10:DF:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mf6zoE4J9g-kN9DADwS4nZsQ3z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:76:4c:d8:ec:2a:c6:05:4c:40:92:20:bc:9b:48:ee:2d:2a:
ff:a9:50:d8:c8:d8:2a:14:01:7a:16:fd:00:cc:6f:f5:6d:a1:
f9:f9:c3:b0:72:6c:b1:62:6d:95:d0:5f:26:7a:49:d6:c1:83:
a9:b2:27:90:44:5c:9e:1a:e3:0a:d0:ac:1b:08:3f:0d:15:58:
26:7c:97:fd:13:34:78:a1:15:34:42:1f:ff:1e:8a:5f:3d:7e:
0b:89:da:38:8e:fa:c8:21:e8:77:36:8c:a2:7b:50:e9:ac:73:
5e:59:49:9d:ec:2a:ed:36:f1:a1:8f:b3:82:09:ba:93:2b:79:
33:72:f3:e0:e7:48:8c:c8:5d:33:c9:0e:f4:e1:dd:f1:b9:d5:
b1:61:31:fc:72:32:09:73:7c:dd:ff:0e:e5:56:39:9c:3e:b7:
6f:23:e8:8e:3e:26:12:ba:81:9c:83:3c:c9:5d:3d:26:e4:9f:
d1:2e:0d:77:30:0a:d1:3c:da:01:36:88:7e:36:fd:dd:3c:73:
bb:6b:c2:67:81:53:e9:ba:77:a7:63:2b:8a:48:3b:78:71:77:
19:d5:0a:28:6a:a9:21:6e:81:42:68:49:96:5f:82:b0:4d:b5:
ab:67:b1:78:db:18:c8:d2:ee:4e:83:88:56:25:44:c9:76:69:
4f:e4:c8:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVTtOJEuOi9WKNQUcxHmceSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI3MTMxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZlYjNhMDRlMDlmNjBmYTQzN2QwYzAwZjA0Yjg5ZDliMTBkZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWQmIV+fSakgmLQaaRnuPmI76Rp/
6VxXc8J6uzc+DRZfzRJXK0MH36F5+Byy2qLkLY6fYInqEm9UpkoYywZaJs2jaoH8
Hnel9ux7kLbYVLrVtfAEUw96znJ9kFEuv8kmiMlnOURb+1/sG7WsrXpt1OxVu+Nt
ETG9XgCA3Wq9aInA8YzZk8t5kXjbU076GzKwsts7rGQQ7awmI/IqSiygxE411xL0
q/wd9yFDbKgGxWjxlhd4rCRxjGCvAVCE39aJkMgMCX8e405SbbreqDVNJrHcqWhM
XkUJoA5KZED6noOqpxl1uxNFgwD2lFPLp5dZAZC95XgmfvSWi89lzdbANwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJn+s6BOCfYPpDfQwA8EuJ2bEN8/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbWY2em9FNEo5Zy1rTjlEQUR3UzRuWnNRM3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABF2TNjsKsYFTECSILyb
SO4tKv+pUNjI2CoUAXoW/QDMb/Vtofn5w7BybLFibZXQXyZ6SdbBg6myJ5BEXJ4a
4wrQrBsIPw0VWCZ8l/0TNHihFTRCH/8eil89fguJ2jiO+sgh6Hc2jKJ7UOmsc15Z
SZ3sKu028aGPs4IJupMreTNy8+DnSIzIXTPJDvTh3fG51bFhMfxyMglzfN3/DuVW
OZw+t28j6I4+JhK6gZyDPMldPSbkn9EuDXcwCtE82gE2iH42/d08c7trwmeBU+m6
d6djK4pIO3hxdxnVCihqqSFugUJoSZZfgrBNtatnsXjbGMjS7k6DiFYlRMl2aU/k
yOI=
-----END CERTIFICATE-----
Generated at Sun May 4 17:43:59 2025 by rpki-client