Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mNG7wpiR53T5Ghj7YT0hr6r_E5k.roa
File: mNG7wpiR53T5Ghj7YT0hr6r_E5k.roa (raw, json)
Hash identifier: PeS83zZhZB/TDyQ8g0QGf6pXatb13TCisibGdBdehXg=
Subject key identifier: 98:D1:BB:C2:98:91:E7:74:F9:1A:18:FB:61:3D:21:AF:AA:FF:13:99
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B42ACDC5ED980358DCD58674E787E8FFC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mNG7wpiR53T5Ghj7YT0hr6r_E5k.roa
Signing time: Wed 18 Oct 2023 12:05:06 +0000
ROA not before: Wed 18 Oct 2023 12:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:42ac:3df5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:ac:dc:5e:d9:80:35:8d:cd:58:67:4e:78:7e:8f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 12:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98d1bbc29891e774f91a18fb613d21afaaff1399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:94:69:78:7c:d4:32:70:7e:31:13:00:0c:54:
a9:e2:9d:df:24:b3:d6:6d:c5:e3:58:12:ad:12:dd:
47:4c:7a:f0:8b:1d:88:28:1b:f3:c1:08:3c:77:41:
6c:b6:af:76:95:99:f2:5a:7c:a8:82:5c:f2:a9:f7:
bc:2a:b4:5f:70:83:45:05:82:d0:ed:13:0d:ed:fc:
4d:f0:c2:59:16:1f:ec:a8:3a:6b:bc:05:6e:24:40:
2e:3c:a5:d7:c4:27:fd:b2:9d:7e:b5:ae:8f:ce:55:
90:15:16:c9:24:95:e8:2a:f9:19:0b:e8:fb:76:b6:
d0:21:35:05:9a:14:70:9e:fc:4f:af:ab:8d:4a:81:
35:00:2f:c8:60:40:c6:6e:ab:9d:ee:b8:0b:11:86:
be:d4:3a:66:2f:e5:15:c5:44:e7:27:f9:1b:45:f6:
8a:86:bc:54:2e:c5:05:33:01:9f:d9:80:d7:b3:6e:
38:41:e6:df:99:3e:b3:a0:7e:40:45:6c:02:3e:d0:
53:a7:fb:7b:c3:11:9a:24:0b:20:78:dd:c7:5e:d5:
80:7b:94:4c:3b:cf:31:c2:49:4f:90:38:de:09:73:
e2:b0:50:20:07:7e:70:6e:25:34:31:00:2e:e5:f6:
3a:50:ac:ad:a2:d0:00:5c:1f:d1:72:a4:e2:7c:b8:
ba:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D1:BB:C2:98:91:E7:74:F9:1A:18:FB:61:3D:21:AF:AA:FF:13:99
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mNG7wpiR53T5Ghj7YT0hr6r_E5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:db:a4:7f:e4:db:f6:49:2c:2b:e9:7e:73:2f:7b:47:6d:56:
42:b6:43:17:49:5c:1a:bc:03:c4:33:07:02:6e:21:8a:62:1e:
85:d3:9f:e9:07:ce:43:3a:c8:44:06:c0:13:35:f9:78:7f:b1:
cc:16:cc:d1:ce:86:88:fa:a1:17:6e:6c:bb:43:14:f1:63:4a:
44:d5:e1:dc:a8:06:35:9d:50:78:78:f1:10:b2:28:c4:19:45:
7b:a2:2e:68:b1:3b:b3:8b:62:4e:ae:1c:c0:bd:ee:a4:98:43:
ee:e3:48:32:89:7e:79:ec:57:56:00:5a:29:38:a6:92:d7:45:
fe:d3:81:7c:28:72:56:b6:24:a1:2f:89:26:fd:57:f9:90:2a:
ee:7b:15:02:9d:62:72:55:ef:47:82:ce:be:a5:18:d5:fb:97:
ff:7e:1e:47:3f:95:91:d1:bd:d1:7f:96:05:4a:8b:f8:c8:3a:
91:8a:a0:1d:48:4e:2e:cf:87:d6:39:e0:5f:af:f0:ab:2d:a0:
21:a0:a2:5a:ed:08:f5:db:32:4e:fa:8b:c6:d1:fb:04:1f:8b:
6a:a6:18:ca:cb:c2:76:90:b0:79:39:2e:9c:82:8f:7c:54:ca:
56:59:48:d4:86:cc:bf:0a:e1:30:c9:38:ba:2b:18:f8:ad:f8:
8f:a4:9d:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtCrNxe2YA1jc1YZ054fo/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MTIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQxYmJjMjk4OTFlNzc0ZjkxYTE4ZmI2MTNkMjFhZmFhZmYxMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5RpeHzUMnB+MRMADFSp4p3fJLPW
bcXjWBKtEt1HTHrwix2IKBvzwQg8d0Fstq92lZnyWnyoglzyqfe8KrRfcINFBYLQ
7RMN7fxN8MJZFh/sqDprvAVuJEAuPKXXxCf9sp1+ta6PzlWQFRbJJJXoKvkZC+j7
drbQITUFmhRwnvxPr6uNSoE1AC/IYEDGbqud7rgLEYa+1DpmL+UVxUTnJ/kbRfaK
hrxULsUFMwGf2YDXs244QebfmT6zoH5ARWwCPtBTp/t7wxGaJAsgeN3HXtWAe5RM
O88xwklPkDjeCXPisFAgB35wbiU0MQAu5fY6UKytotAAXB/RcqTifLi6awIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJjRu8KYked0+RoY+2E9Ia+q/xOZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbU5HN3dwaVI1M1Q1R2hqN1lUMGhyNnJfRTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7bpH/k2/ZJLCvpfnMv
e0dtVkK2QxdJXBq8A8QzBwJuIYpiHoXTn+kHzkM6yEQGwBM1+Xh/scwWzNHOhoj6
oRdubLtDFPFjSkTV4dyoBjWdUHh48RCyKMQZRXuiLmixO7OLYk6uHMC97qSYQ+7j
SDKJfnnsV1YAWik4ppLXRf7TgXwocla2JKEviSb9V/mQKu57FQKdYnJV70eCzr6l
GNX7l/9+Hkc/lZHRvdF/lgVKi/jIOpGKoB1ITi7Ph9Y54F+v8KstoCGgolrtCPXb
Mk76i8bR+wQfi2qmGMrLwnaQsHk5LpyCj3xUylZZSNSGzL8K4TDJOLorGPit+I+k
nak=
-----END CERTIFICATE-----
Generated at Wed Jun 18 04:10:29 2025 by rpki-client