Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M1wKqtAymlnQked112-DvkdFryI.roa
File: M1wKqtAymlnQked112-DvkdFryI.roa (raw, json)
Hash identifier: oFRC3HooJMDgcye4JmTXWg+uZwR1iCWI4GbpVL1pbTo=
Subject key identifier: 33:5C:0A:AA:D0:32:9A:59:D0:91:E7:75:D7:6F:83:BE:47:45:AF:22
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A05882BAF09AF5FAB43C1E203D7C235FD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M1wKqtAymlnQked112-DvkdFryI.roa
Signing time: Thu 17 Aug 2023 22:05:24 +0000
ROA not before: Thu 17 Aug 2023 22:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:587:3f39/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:05:88:2b:af:09:af:5f:ab:43:c1:e2:03:d7:c2:35:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 17 22:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=335c0aaad0329a59d091e775d76f83be4745af22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a9:1c:18:a8:24:84:18:21:2d:6d:a4:90:ab:
35:ef:6e:d9:a3:15:74:f2:c6:20:7a:56:cb:73:75:
54:88:8c:b0:fb:e8:92:be:49:e5:f0:29:80:fd:05:
41:b4:78:82:57:fc:b0:68:de:4a:79:c4:04:9e:22:
d7:36:3f:27:0f:55:84:fb:32:92:6d:36:64:17:c1:
8c:59:25:c2:1b:a9:dc:b6:41:2a:9f:26:f8:70:77:
5c:d8:d6:6c:9c:77:d2:61:26:23:c6:11:23:a7:c5:
55:68:be:bb:49:7b:c8:59:6a:b9:26:22:26:1a:27:
83:c2:8f:b0:4e:2d:71:d5:81:33:18:f8:87:2f:5e:
c1:7c:7c:ed:ff:ab:da:38:df:e8:95:ba:dd:2d:0f:
b0:21:c6:62:80:6f:52:66:01:bc:b6:92:af:61:4c:
16:e9:c1:43:7c:91:e3:39:78:f1:04:9b:38:11:2d:
0f:63:6c:a6:3d:3c:b9:05:7b:ff:e7:9b:a1:54:88:
f3:a6:e0:ad:93:75:f8:da:a0:fd:c6:d1:7e:c0:5e:
e3:4c:a3:ab:13:3e:48:d8:f4:69:40:2b:f8:59:dd:
06:6b:fa:30:1f:56:fe:b5:50:54:e7:47:9b:4b:a9:
c4:64:f3:e8:95:f0:87:bd:17:5c:73:d1:89:43:6b:
cf:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5C:0A:AA:D0:32:9A:59:D0:91:E7:75:D7:6F:83:BE:47:45:AF:22
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/M1wKqtAymlnQked112-DvkdFryI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:d2:69:22:07:92:6c:d1:37:50:10:cf:aa:0b:49:83:5b:32:
78:07:8c:f0:16:1d:85:f6:17:40:54:36:df:04:42:a0:d2:fd:
94:d3:17:36:db:97:18:a1:d9:5f:dd:e9:1f:97:17:4c:bd:99:
22:2d:cd:27:e9:07:59:e7:31:6c:72:bf:3d:2b:61:19:34:c5:
74:df:a8:1a:04:e5:31:78:ad:eb:76:60:83:20:27:ab:97:51:
16:c4:6b:06:65:4d:92:38:6b:35:24:75:da:51:92:3e:f5:2a:
3e:55:45:9a:0e:08:db:43:a5:9a:56:0b:ce:5b:51:36:b2:8d:
6a:59:3d:30:e2:83:0c:42:03:7d:38:36:63:a3:2d:c1:5d:13:
1f:5d:67:92:c6:0b:6e:eb:31:d9:80:25:23:cb:4d:47:3b:b7:
ff:bb:4b:22:ee:36:c7:42:a6:4b:0c:55:47:03:d3:ce:10:d2:
85:dd:9f:6d:66:b4:87:66:4b:78:9a:1f:90:20:4f:6a:4b:a2:
7c:07:4d:b9:c4:e1:63:a6:da:4d:df:ba:e3:33:de:47:bc:af:
f2:36:32:61:3b:1d:81:c5:09:40:2d:1d:3a:4f:d4:c5:43:91:
a2:87:11:e2:b1:f4:6f:64:f4:ab:66:ec:de:0d:34:a0:55:83:
ae:9e:24:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoFiCuvCa9fq0PB4gPXwjX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE3MjIwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzVjMGFhYWQwMzI5YTU5ZDA5MWU3NzVkNzZmODNiZTQ3NDVhZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKkcGKgkhBghLW2kkKs1727ZoxV0
8sYgelbLc3VUiIyw++iSvknl8CmA/QVBtHiCV/ywaN5KecQEniLXNj8nD1WE+zKS
bTZkF8GMWSXCG6nctkEqnyb4cHdc2NZsnHfSYSYjxhEjp8VVaL67SXvIWWq5JiIm
GieDwo+wTi1x1YEzGPiHL17BfHzt/6vaON/olbrdLQ+wIcZigG9SZgG8tpKvYUwW
6cFDfJHjOXjxBJs4ES0PY2ymPTy5BXv/55uhVIjzpuCtk3X42qD9xtF+wF7jTKOr
Ez5I2PRpQCv4Wd0Ga/owH1b+tVBU50ebS6nEZPPolfCHvRdcc9GJQ2vP4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDNcCqrQMppZ0JHndddvg75HRa8iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTTF3S3F0QXltbG5Ra2VkMTEyLUR2a2RGcnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALTSaSIHkmzRN1AQz6oL
SYNbMngHjPAWHYX2F0BUNt8EQqDS/ZTTFzbblxih2V/d6R+XF0y9mSItzSfpB1nn
MWxyvz0rYRk0xXTfqBoE5TF4ret2YIMgJ6uXURbEawZlTZI4azUkddpRkj71Kj5V
RZoOCNtDpZpWC85bUTayjWpZPTDigwxCA304NmOjLcFdEx9dZ5LGC27rMdmAJSPL
TUc7t/+7SyLuNsdCpksMVUcD084Q0oXdn21mtIdmS3iaH5AgT2pLonwHTbnE4WOm
2k3fuuMz3ke8r/I2MmE7HYHFCUAtHTpP1MVDkaKHEeKx9G9k9Ktm7N4NNKBVg66e
JOU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:56:28 2025 by rpki-client