Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sMstBLnySb0t3xwXeJFXJsQI7BE.roa
File: sMstBLnySb0t3xwXeJFXJsQI7BE.roa (raw, json)
Hash identifier: gXII51mRm6xCVyIDXSGh49vnoiuKNmtpVMF3MiYqFBE=
Subject key identifier: B0:CB:2D:04:B9:F2:49:BD:2D:DF:1C:17:78:91:57:26:C4:08:EC:11
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018494863C5B082DCD8FF860FBBD87F5A959
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sMstBLnySb0t3xwXeJFXJsQI7BE.roa
Signing time: Sun 20 Nov 2022 10:12:16 +0000
ROA not before: Sun 20 Nov 2022 10:12:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:94:86:3c:5b:08:2d:cd:8f:f8:60:fb:bd:87:f5:a9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 20 10:12:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0cb2d04b9f249bd2ddf1c1778915726c408ec11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1f:3e:08:15:ac:19:29:d7:fe:34:e6:92:0e:
9a:82:51:78:02:1c:9b:d7:53:49:8f:fc:ba:7a:02:
ac:d0:15:56:2d:dc:97:1b:83:9e:c3:4e:f8:24:64:
c4:0e:5a:39:32:fa:22:be:2b:b4:a8:b8:2e:04:ac:
ef:5e:f5:30:55:2d:d4:29:84:b1:8d:88:7f:01:40:
ab:8d:89:fd:ab:c4:96:e2:70:a8:7a:10:92:14:78:
40:8c:a3:cb:91:4c:31:de:af:28:7f:5b:4c:eb:a5:
37:fb:13:54:a3:9b:56:6d:b1:c0:b1:a2:5b:12:f7:
44:97:2a:5f:38:fc:c5:82:1b:c7:dd:fc:b5:f5:04:
55:d8:07:38:0f:2d:3d:90:14:57:fc:68:56:79:10:
a1:97:d2:fb:8d:8b:13:cb:83:f8:92:c9:97:bf:0b:
9e:8e:0d:84:17:ed:e1:0a:7e:44:a2:c9:e7:f7:c5:
ce:fa:f3:81:ac:b3:3b:1f:40:b2:66:13:3e:69:71:
60:90:95:5b:43:53:6a:a0:0d:f8:22:ab:72:3f:d9:
81:ff:3b:56:37:fb:68:80:15:66:f0:18:17:49:90:
48:e4:1c:06:12:ae:e6:ba:6a:c5:7b:8b:5d:04:9b:
29:5d:35:38:56:86:00:0a:10:33:2c:3d:c6:a9:19:
06:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CB:2D:04:B9:F2:49:BD:2D:DF:1C:17:78:91:57:26:C4:08:EC:11
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sMstBLnySb0t3xwXeJFXJsQI7BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:44:ef:ea:77:26:62:38:ba:2b:a2:b4:85:c7:46:0d:a9:eb:
7c:d3:c8:da:08:3b:a6:37:95:aa:bd:79:1a:f4:7e:30:ec:7e:
76:d9:8f:8e:fb:3d:65:06:2e:a3:6d:5b:6f:df:1c:36:e9:71:
97:4e:a0:77:6f:07:de:8d:bb:0f:61:f2:65:21:f9:7d:53:b6:
71:ea:4f:a7:6e:71:81:40:df:22:06:16:7b:9e:50:8d:5e:1a:
96:77:69:2b:6d:da:8d:9f:6e:be:b5:26:60:18:63:ab:41:32:
d9:54:42:24:1e:91:d2:53:9c:54:4c:ca:0a:ca:aa:10:ef:c1:
c1:af:91:fc:40:71:1b:6e:0f:b2:64:e3:b5:e6:f7:36:41:11:
7a:b2:39:8e:2d:ad:9a:6b:21:82:b7:b0:a2:ea:b2:b3:99:2f:
ec:8e:72:08:37:df:fe:bc:7f:fd:06:d9:b0:83:aa:36:b6:c9:
1f:ab:79:1d:a1:c3:cb:72:14:64:e9:02:0b:0a:5f:94:2c:5a:
fb:ed:41:d8:be:f8:94:3f:6f:20:64:ca:9c:fd:26:14:62:eb:
76:4d:32:d7:5e:1b:41:48:0e:cd:ff:2c:ff:3b:7a:09:2c:78:
89:0a:31:ee:12:ea:00:6f:e9:f4:7b:7a:7e:8c:ec:56:9e:46:
fe:27:ef:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSUhjxbCC3Nj/hg+72H9alZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTIwMTAxMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGNiMmQwNGI5ZjI0OWJkMmRkZjFjMTc3ODkxNTcyNmM0MDhlYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1x8+CBWsGSnX/jTmkg6aglF4Ahyb
11NJj/y6egKs0BVWLdyXG4Oew074JGTEDlo5Mvoiviu0qLguBKzvXvUwVS3UKYSx
jYh/AUCrjYn9q8SW4nCoehCSFHhAjKPLkUwx3q8of1tM66U3+xNUo5tWbbHAsaJb
EvdElypfOPzFghvH3fy19QRV2Ac4Dy09kBRX/GhWeRChl9L7jYsTy4P4ksmXvwue
jg2EF+3hCn5Eosnn98XO+vOBrLM7H0CyZhM+aXFgkJVbQ1NqoA34IqtyP9mB/ztW
N/togBVm8BgXSZBI5BwGEq7mumrFe4tdBJspXTU4VoYAChAzLD3GqRkGrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLDLLQS58km9Ld8cF3iRVybECOwRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc01zdEJMbnlTYjB0M3h3WGVKRlhKc1FJN0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9E7+p3JmI4uiuitIXH
Rg2p63zTyNoIO6Y3laq9eRr0fjDsfnbZj477PWUGLqNtW2/fHDbpcZdOoHdvB96N
uw9h8mUh+X1TtnHqT6ducYFA3yIGFnueUI1eGpZ3aStt2o2fbr61JmAYY6tBMtlU
QiQekdJTnFRMygrKqhDvwcGvkfxAcRtuD7Jk47Xm9zZBEXqyOY4trZprIYK3sKLq
srOZL+yOcgg33/68f/0G2bCDqja2yR+reR2hw8tyFGTpAgsKX5QsWvvtQdi++JQ/
byBkypz9JhRi63ZNMtdeG0FIDs3/LP87egkseIkKMe4S6gBv6fR7en6M7FaeRv4n
7xA=
-----END CERTIFICATE-----
Generated at Thu May 1 18:45:03 2025 by rpki-client