Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mm5AH8y1I6QO158f5Xgv6AX0lOk.roa
File: mm5AH8y1I6QO158f5Xgv6AX0lOk.roa (raw, json)
Hash identifier: Vm8jC3VnSIg2taryxwiRxSDZwr+n+6Y5ZW+5DoDt8Nc=
Subject key identifier: 9A:6E:40:1F:CC:B5:23:A4:0E:D7:9F:1F:E5:78:2F:E8:05:F4:94:E9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01889855FD249DAA41C3D5612C484AC1EDB3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mm5AH8y1I6QO158f5Xgv6AX0lOk.roa
Signing time: Thu 08 Jun 2023 00:09:12 +0000
ROA not before: Thu 08 Jun 2023 00:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:98:55:fd:24:9d:aa:41:c3:d5:61:2c:48:4a:c1:ed:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 8 00:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a6e401fccb523a40ed79f1fe5782fe805f494e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:47:55:4c:0e:37:c8:ff:df:80:8a:dc:bb:
f8:29:85:a8:3e:c1:ed:33:31:ad:1a:e1:53:bc:34:
46:29:7d:17:ce:d6:8b:bb:3f:f3:94:d7:e9:59:77:
6b:a1:f9:e0:42:d6:1a:20:13:cc:6b:93:39:3d:ae:
ef:e0:96:2d:25:89:92:ce:a1:ef:c0:ce:14:b3:dc:
ff:43:29:7b:3a:5e:f6:4a:03:33:20:52:3d:b4:a4:
07:1e:87:2e:fc:c8:fb:74:9a:22:ba:c5:dd:1d:fb:
ec:3b:00:83:26:8f:21:37:f4:56:2d:37:6d:cb:9f:
2b:38:74:13:24:b8:6d:b5:90:4d:e7:02:87:9a:49:
c1:51:ca:72:92:24:12:a6:32:24:95:4c:f4:9a:d9:
97:62:39:b9:45:1b:d1:43:e7:71:fc:17:ba:4b:f9:
cf:5e:bc:7e:fc:ad:26:83:dd:19:6c:65:0b:a8:63:
63:21:91:1d:74:6e:40:2a:77:72:9c:70:08:c5:24:
d7:e3:7b:4c:16:a1:71:22:04:0e:da:7a:fd:f4:65:
f6:43:e0:5e:62:c0:08:bb:7d:b4:c2:04:0d:43:f7:
89:f1:06:7b:61:e3:77:91:a9:00:00:a5:f7:cf:ac:
35:fe:38:40:17:ac:2a:1f:b4:73:dc:6b:d2:a5:eb:
fd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6E:40:1F:CC:B5:23:A4:0E:D7:9F:1F:E5:78:2F:E8:05:F4:94:E9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mm5AH8y1I6QO158f5Xgv6AX0lOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:fd:95:3a:75:7c:5f:69:97:42:85:bd:44:69:67:82:2c:cb:
b9:d7:5a:00:7f:fc:32:ac:90:12:ec:20:22:ca:8d:3b:9f:33:
92:a7:ac:e5:42:2b:c5:d1:c5:0a:60:71:6a:79:40:ed:40:69:
88:e5:d4:a7:38:de:31:74:1e:04:28:a6:14:30:6e:01:39:6d:
28:8f:b1:2c:9b:e6:5a:2b:f6:5e:67:04:67:74:56:13:f5:23:
dc:bb:b9:3a:0c:f8:a1:3b:1f:83:13:31:82:7e:6a:f6:40:9e:
48:3a:03:49:51:c8:63:8e:87:47:ea:8a:e0:19:b7:8a:f7:d0:
6d:66:5e:ee:0c:c2:60:33:d5:fc:21:d2:62:56:f3:3e:3a:ac:
73:bf:ce:7d:23:7a:af:84:36:91:96:50:0a:8b:ad:7c:ea:07:
de:7e:c5:ca:0e:f5:18:30:d5:3f:cd:55:dd:81:01:32:47:e5:
5c:76:bb:d0:f7:ee:31:b6:02:d4:31:50:a3:10:9d:e3:6c:cf:
51:22:7e:11:95:50:2f:5f:3c:78:d7:f7:b3:a1:d3:7e:53:5e:
bf:29:91:f6:45:9b:b5:6f:9a:df:a4:10:be:32:7b:d6:f4:6a:
58:c7:da:5d:17:8b:1c:c9:40:d2:f3:63:e4:b1:f9:58:06:ec:
1f:19:8b:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiYVf0knapBw9VhLEhKwe2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA4MDAwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZlNDAxZmNjYjUyM2E0MGVkNzlmMWZlNTc4MmZlODA1ZjQ5NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6JHVUwON8j/34CK3Lv4KYWoPsHt
MzGtGuFTvDRGKX0XztaLuz/zlNfpWXdrofngQtYaIBPMa5M5Pa7v4JYtJYmSzqHv
wM4Us9z/Qyl7Ol72SgMzIFI9tKQHHocu/Mj7dJoiusXdHfvsOwCDJo8hN/RWLTdt
y58rOHQTJLhttZBN5wKHmknBUcpykiQSpjIklUz0mtmXYjm5RRvRQ+dx/Be6S/nP
Xrx+/K0mg90ZbGULqGNjIZEddG5AKndynHAIxSTX43tMFqFxIgQO2nr99GX2Q+Be
YsAIu320wgQNQ/eJ8QZ7YeN3kakAAKX3z6w1/jhAF6wqH7Rz3GvSpev9RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJpuQB/MtSOkDtefH+V4L+gF9JTpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbW01QUg4eTFJNlFPMTU4ZjVYZ3Y2QVgwbE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAf9lTp1fF9pl0KFvURp
Z4Isy7nXWgB//DKskBLsICLKjTufM5KnrOVCK8XRxQpgcWp5QO1AaYjl1Kc43jF0
HgQophQwbgE5bSiPsSyb5lor9l5nBGd0VhP1I9y7uToM+KE7H4MTMYJ+avZAnkg6
A0lRyGOOh0fqiuAZt4r30G1mXu4MwmAz1fwh0mJW8z46rHO/zn0jeq+ENpGWUAqL
rXzqB95+xcoO9Rgw1T/NVd2BATJH5Vx2u9D37jG2AtQxUKMQneNsz1EifhGVUC9f
PHjX97Oh035TXr8pkfZFm7Vvmt+kEL4ye9b0aljH2l0XixzJQNLzY+Sx+VgG7B8Z
i/A=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:06 2025 by rpki-client