Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mrHF93NZgNAgYsPeFgY2BmChEWA.roa
File: mrHF93NZgNAgYsPeFgY2BmChEWA.roa (raw, json)
Hash identifier: BxxIF8n314c7mZbc3I0Bu6GXCS4i6jpDBOd3K+bn1FI=
Subject key identifier: 9A:B1:C5:F7:73:59:80:D0:20:62:C3:DE:16:06:36:06:60:A1:11:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A00305E83517DF43BE87807E4812BAF74
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mrHF93NZgNAgYsPeFgY2BmChEWA.roa
Signing time: Wed 16 Aug 2023 21:11:24 +0000
ROA not before: Wed 16 Aug 2023 21:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:30:5e:83:51:7d:f4:3b:e8:78:07:e4:81:2b:af:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 21:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ab1c5f7735980d02062c3de1606360660a11160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6d:d5:46:10:24:d5:9d:d1:66:43:51:92:ae:
ae:44:bc:da:59:5b:f7:a1:eb:c7:74:a4:d3:60:84:
2b:9b:6c:04:88:2f:98:c2:24:a1:c5:97:a7:54:67:
1d:7a:70:ff:51:cb:4d:b1:9d:92:11:e3:b7:41:66:
01:8e:9e:0f:69:45:60:fc:91:48:2b:d3:9d:91:61:
c2:24:25:ee:44:e0:02:4e:5d:55:53:ef:ef:34:aa:
1d:49:63:71:ed:73:50:66:c1:b6:29:38:6c:08:58:
3c:a6:bf:6f:ff:76:ce:76:2b:7e:67:61:69:66:73:
75:6c:78:6e:53:d2:2f:43:a9:9a:26:66:af:1f:31:
c5:b3:f7:a5:dc:32:08:c4:b1:8c:b5:16:82:1b:88:
d9:d9:1b:90:64:eb:ad:0c:38:fd:a7:f0:86:f7:75:
75:74:14:72:55:ae:d9:78:c9:ed:15:0e:4b:ef:79:
66:cf:29:c9:c6:41:2c:90:64:3f:1c:53:2b:86:f1:
fe:ea:cd:c3:fa:2c:36:70:15:b4:34:b2:eb:7d:96:
60:1f:fd:30:b8:ff:1b:1a:63:33:7d:15:12:c1:61:
27:3f:42:fb:26:04:e1:5f:15:b3:00:50:06:0b:c4:
ed:fa:4a:65:9f:28:2c:b5:1a:33:ad:dd:d1:53:ef:
1f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B1:C5:F7:73:59:80:D0:20:62:C3:DE:16:06:36:06:60:A1:11:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mrHF93NZgNAgYsPeFgY2BmChEWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:2a:64:92:18:66:e3:41:19:5e:45:23:69:8d:8a:7f:09:56:
1b:9e:3e:91:ea:91:5d:41:f1:a0:c6:ed:1e:e1:80:a2:69:5b:
4c:aa:d2:70:a9:3a:6c:a3:13:6c:07:5c:2a:4d:99:41:40:d9:
a4:f7:88:47:71:56:56:1a:d2:3d:c7:91:01:89:91:ad:3b:f2:
50:31:f7:3d:32:13:db:ae:0d:78:04:8a:69:6d:79:e0:9c:39:
97:7d:81:7a:0e:21:18:c9:08:9e:a9:f8:08:f8:5c:f4:fe:81:
2a:f4:0c:ac:47:f1:82:95:c2:ee:39:e9:2d:b0:b7:1a:4c:62:
2f:2a:55:95:12:3d:88:5a:1c:b1:89:2b:65:2c:c3:25:42:eb:
4d:80:11:78:23:0c:ce:85:97:ae:6b:2d:b6:c4:d5:1c:61:28:
94:90:31:68:73:af:8b:5a:35:7e:06:eb:fd:a9:f6:dc:64:e6:
a9:a4:c1:95:6d:89:43:d5:48:91:29:b0:d6:da:60:00:5b:ea:
ab:41:bb:b9:78:dd:40:3f:2a:2d:3d:98:5a:15:b9:ae:3c:c8:
ef:90:e5:94:01:c0:eb:aa:f4:c6:b9:6a:5a:ad:25:9d:24:43:
81:28:40:de:f4:78:b8:9b:23:bd:de:c8:67:26:b6:74:89:a4:
13:c6:d2:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoAMF6DUX30O+h4B+SBK690MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MjExMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWIxYzVmNzczNTk4MGQwMjA2MmMzZGUxNjA2MzYwNjYwYTExMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm3VRhAk1Z3RZkNRkq6uRLzaWVv3
oevHdKTTYIQrm2wEiC+YwiShxZenVGcdenD/UctNsZ2SEeO3QWYBjp4PaUVg/JFI
K9OdkWHCJCXuROACTl1VU+/vNKodSWNx7XNQZsG2KThsCFg8pr9v/3bOdit+Z2Fp
ZnN1bHhuU9IvQ6maJmavHzHFs/el3DIIxLGMtRaCG4jZ2RuQZOutDDj9p/CG93V1
dBRyVa7ZeMntFQ5L73lmzynJxkEskGQ/HFMrhvH+6s3D+iw2cBW0NLLrfZZgH/0w
uP8bGmMzfRUSwWEnP0L7JgThXxWzAFAGC8Tt+kplnygstRozrd3RU+8fTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJqxxfdzWYDQIGLD3hYGNgZgoRFgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbXJIRjkzTlpnTkFnWXNQZUZnWTJCbUNoRVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACwqZJIYZuNBGV5FI2mN
in8JVhuePpHqkV1B8aDG7R7hgKJpW0yq0nCpOmyjE2wHXCpNmUFA2aT3iEdxVlYa
0j3HkQGJka078lAx9z0yE9uuDXgEimlteeCcOZd9gXoOIRjJCJ6p+Aj4XPT+gSr0
DKxH8YKVwu456S2wtxpMYi8qVZUSPYhaHLGJK2UswyVC602AEXgjDM6Fl65rLbbE
1RxhKJSQMWhzr4taNX4G6/2p9txk5qmkwZVtiUPVSJEpsNbaYABb6qtBu7l43UA/
Ki09mFoVua48yO+Q5ZQBwOuq9Ma5alqtJZ0kQ4EoQN70eLibI73eyGcmtnSJpBPG
0tk=
-----END CERTIFICATE-----
Generated at Thu May 1 00:43:24 2025 by rpki-client