Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jMAh6YnHtB38tzMrleveeu6XaMQ.roa
File: jMAh6YnHtB38tzMrleveeu6XaMQ.roa (raw, json)
Hash identifier: G4330Xz8Agn+6Kc3cxpYNshWCzBCgRWAhVDwahzNLQ0=
Subject key identifier: 8C:C0:21:E9:89:C7:B4:1D:FC:B7:33:2B:95:EB:DE:7A:EE:97:68:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018694B91FB66BBDCF21EABDBCC0EE727CC4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jMAh6YnHtB38tzMrleveeu6XaMQ.roa
Signing time: Mon 27 Feb 2023 21:13:25 +0000
ROA not before: Mon 27 Feb 2023 21:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:b9:1f:b6:6b:bd:cf:21:ea:bd:bc:c0:ee:72:7c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 21:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cc021e989c7b41dfcb7332b95ebde7aee9768c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:2a:eb:de:78:1e:ef:5f:49:d7:7c:c6:8b:
9f:07:5f:4f:b8:48:66:e1:95:07:b6:12:88:30:53:
9c:96:ca:ff:2e:a1:38:ec:9f:21:3d:4f:ef:58:25:
b2:66:7f:f7:a6:80:a4:83:9a:95:78:e4:03:69:63:
47:44:62:64:7e:47:48:53:6f:5a:04:a9:91:8c:81:
5d:30:67:69:fa:d6:2c:7e:8a:53:4b:c7:d7:43:2b:
3d:a3:24:ad:88:a8:e3:3e:cc:b5:31:94:9f:73:45:
bd:48:fa:56:93:12:36:ed:18:ba:6b:9b:1a:f2:5e:
32:f6:1f:67:66:e0:c2:40:2d:bf:b0:01:fc:74:a3:
a2:c6:2d:cb:bf:8f:d0:7f:52:b0:2a:a7:0e:5a:ba:
f6:4c:62:56:26:03:dd:bb:89:bd:6f:08:66:ed:d4:
f8:76:d4:bb:1d:a7:d7:bc:6a:7a:ba:14:84:2c:e0:
df:f1:b3:b6:9c:00:2d:18:b5:0f:ef:3a:b1:5f:49:
bb:36:12:63:57:ac:e4:c2:90:a1:dd:0a:ec:4e:9f:
6a:d6:c1:36:b7:2a:b0:12:12:94:02:ea:f5:75:dc:
12:cc:8f:33:09:e4:ee:5b:3b:1e:f7:63:a0:82:f8:
85:61:f4:1f:58:60:13:ad:49:34:06:0a:c5:de:eb:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C0:21:E9:89:C7:B4:1D:FC:B7:33:2B:95:EB:DE:7A:EE:97:68:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jMAh6YnHtB38tzMrleveeu6XaMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:e8:47:d2:09:8c:6b:c5:11:0e:e0:37:ef:72:3f:c4:26:b1:
c9:94:2d:fe:63:cc:fe:84:1b:bb:d4:62:cb:10:26:d3:7a:28:
e7:21:15:73:76:56:79:43:64:e6:bd:3c:55:2b:2c:48:f9:dd:
0f:5a:03:79:5a:a9:ec:2b:f6:cf:92:4f:cb:e3:da:ce:ca:2c:
32:15:e4:e5:43:9e:bc:84:b7:86:1e:be:3a:13:02:94:e4:f5:
e1:4f:57:be:bc:e9:ab:85:4f:46:fa:f0:a1:b8:84:5c:1d:15:
e3:95:f3:82:40:dd:77:fb:b0:98:a1:6d:ad:33:e4:d9:53:15:
85:30:d4:0a:cf:8c:df:9a:96:fb:b4:95:98:3a:65:38:72:55:
aa:38:45:98:6b:8f:a7:3a:02:46:50:70:a5:1c:c1:4e:a0:3a:
f6:e4:d4:5f:e0:0d:df:b2:56:17:6f:c2:08:54:b9:a0:03:fe:
1e:ee:7f:61:92:2c:e9:f4:05:6b:1a:40:e6:b0:d4:e7:85:f9:
b5:c8:26:35:08:51:7d:2b:6b:97:d3:23:08:a2:32:d1:b0:7e:
d8:91:f4:a9:07:67:a3:0e:6e:5e:db:bc:7f:64:6b:ec:1d:6e:
29:06:62:14:e0:18:b2:87:c0:5e:ef:da:66:a3:46:ad:f6:c1:
9e:4a:07:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaUuR+2a73PIeq9vMDucnzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MjExMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2MwMjFlOTg5YzdiNDFkZmNiNzMzMmI5NWViZGU3YWVlOTc2OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGMq6954Hu9fSdd8xoufB19PuEhm
4ZUHthKIMFOclsr/LqE47J8hPU/vWCWyZn/3poCkg5qVeOQDaWNHRGJkfkdIU29a
BKmRjIFdMGdp+tYsfopTS8fXQys9oyStiKjjPsy1MZSfc0W9SPpWkxI27Ri6a5sa
8l4y9h9nZuDCQC2/sAH8dKOixi3Lv4/Qf1KwKqcOWrr2TGJWJgPdu4m9bwhm7dT4
dtS7HafXvGp6uhSELODf8bO2nAAtGLUP7zqxX0m7NhJjV6zkwpCh3QrsTp9q1sE2
tyqwEhKUAur1ddwSzI8zCeTuWzse92OggviFYfQfWGATrUk0BgrF3uvbgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIzAIemJx7Qd/LczK5Xr3nrul2jEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvak1BaDZZbkh0QjM4dHpNcmxldmVldTZYYU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLoR9IJjGvFEQ7gN+9y
P8QmscmULf5jzP6EG7vUYssQJtN6KOchFXN2VnlDZOa9PFUrLEj53Q9aA3laqewr
9s+ST8vj2s7KLDIV5OVDnryEt4YevjoTApTk9eFPV7686auFT0b68KG4hFwdFeOV
84JA3Xf7sJihba0z5NlTFYUw1ArPjN+alvu0lZg6ZThyVao4RZhrj6c6AkZQcKUc
wU6gOvbk1F/gDd+yVhdvwghUuaAD/h7uf2GSLOn0BWsaQOaw1OeF+bXIJjUIUX0r
a5fTIwiiMtGwftiR9KkHZ6MObl7bvH9ka+wdbikGYhTgGLKHwF7v2majRq32wZ5K
B88=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:54:47 2025 by rpki-client