Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mIR0GxEoq3aMSQ-w56TqO-zyUKQ.roa
File: mIR0GxEoq3aMSQ-w56TqO-zyUKQ.roa (raw, json)
Hash identifier: kwk2V4fI4/WIxueIUGWctTqGT92pmz2MDVB7Hp5Pk8A=
Subject key identifier: 98:84:74:1B:11:28:AB:76:8C:49:0F:B0:E7:A4:EA:3B:EC:F2:50:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A9EED131D08D73D9D9E2A974962A870C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mIR0GxEoq3aMSQ-w56TqO-zyUKQ.roa
Signing time: Mon 31 Jul 2023 03:12:27 +0000
ROA not before: Mon 31 Jul 2023 03:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a9:ee:d1:31:d0:8d:73:d9:d9:e2:a9:74:96:2a:87:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 03:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9884741b1128ab768c490fb0e7a4ea3becf250a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b2:59:40:50:ce:c4:bb:1b:74:43:f0:e4:d8:
e4:13:32:c0:9e:1b:9e:c5:61:48:10:fb:4f:71:23:
84:b7:61:df:fc:70:a0:ed:7e:95:c9:30:db:80:f0:
d9:85:04:59:f0:2c:bf:61:92:53:7e:5f:3e:5a:d3:
85:9e:1c:66:29:30:2f:42:3b:1a:f5:77:f6:39:ac:
bc:81:9a:ae:6d:b1:fa:9a:ca:19:74:d3:6c:0f:f7:
a6:7e:58:2d:4f:fc:04:99:37:cd:53:48:f4:ae:b4:
8d:5c:e0:9c:0c:8d:82:94:46:32:ec:86:e9:d5:3a:
f6:47:f5:2e:7b:fd:ce:9f:e0:a7:c3:f2:9c:b1:51:
83:4b:80:57:1f:2b:82:42:e0:80:97:b2:b4:6c:fb:
c4:f7:3d:e5:22:35:37:3c:4e:d9:cb:9b:7d:b9:c5:
b2:61:80:1d:65:e5:bb:82:a8:70:d3:a6:aa:1e:6b:
a7:82:4a:be:4e:46:6b:5f:46:34:74:25:3a:a1:f5:
22:0a:88:46:6d:cd:5f:11:62:ec:e6:49:4b:c6:2c:
34:65:c3:75:7f:fd:d5:2d:11:1d:53:ec:12:4f:23:
21:60:12:38:13:76:91:32:28:d5:c1:4a:d7:2c:43:
49:f2:4a:51:c1:5e:98:d4:ae:f7:f7:db:11:2f:1b:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:84:74:1B:11:28:AB:76:8C:49:0F:B0:E7:A4:EA:3B:EC:F2:50:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mIR0GxEoq3aMSQ-w56TqO-zyUKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:90:fc:ed:ef:44:19:56:c3:c8:14:4c:db:be:a0:74:ed:38:
03:41:c1:8b:73:8f:d2:69:91:53:cd:99:e6:29:76:df:b5:08:
53:e3:23:72:a3:03:e2:26:97:81:7b:de:e1:ac:c3:9a:cb:a7:
59:58:6d:29:8b:67:7a:dd:ba:19:3a:1a:7b:c0:13:5c:41:4e:
9a:b1:24:34:ea:82:c0:40:12:38:26:6d:0f:33:5d:9c:23:4a:
69:17:3c:bf:ed:92:b4:ea:8a:0d:8b:bd:ba:ad:c3:5e:9a:6e:
42:db:b1:48:ac:77:3a:36:b8:86:93:d6:b3:79:53:c0:ed:14:
0c:b2:83:b5:be:68:fd:cf:8e:71:b3:1f:39:68:68:93:79:5e:
a4:d7:69:ba:0b:72:7a:f4:09:bb:e6:74:f2:3c:7b:ba:f3:f0:
ad:36:39:43:bf:d4:3d:15:66:cc:db:aa:c1:04:78:5b:28:46:
f2:a7:9f:ca:37:cc:2a:68:02:54:b1:d0:50:4b:5a:87:cc:ca:
ff:63:7c:97:3e:71:9e:2a:1b:51:72:b9:7f:a5:5a:12:b1:da:
0e:2c:d5:9a:d8:bf:dd:7c:41:eb:77:2b:6b:3a:5c:7c:15:e4:
ce:f2:4c:73:31:16:c2:f7:38:9d:6d:08:96:86:bf:df:d5:5a:
1c:bc:de:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmp7tEx0I1z2dniqXSWKocMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMDMxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg0NzQxYjExMjhhYjc2OGM0OTBmYjBlN2E0ZWEzYmVjZjI1MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLJZQFDOxLsbdEPw5NjkEzLAnhue
xWFIEPtPcSOEt2Hf/HCg7X6VyTDbgPDZhQRZ8Cy/YZJTfl8+WtOFnhxmKTAvQjsa
9Xf2Oay8gZqubbH6msoZdNNsD/emflgtT/wEmTfNU0j0rrSNXOCcDI2ClEYy7Ibp
1Tr2R/Uue/3On+Cnw/KcsVGDS4BXHyuCQuCAl7K0bPvE9z3lIjU3PE7Zy5t9ucWy
YYAdZeW7gqhw06aqHmungkq+TkZrX0Y0dCU6ofUiCohGbc1fEWLs5klLxiw0ZcN1
f/3VLREdU+wSTyMhYBI4E3aRMijVwUrXLENJ8kpRwV6Y1K7399sRLxvnIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJiEdBsRKKt2jEkPsOek6jvs8lCkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbUlSMEd4RW9xM2FNU1EtdzU2VHFPLXp5VUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACCQ/O3vRBlWw8gUTNu+
oHTtOANBwYtzj9JpkVPNmeYpdt+1CFPjI3KjA+Iml4F73uGsw5rLp1lYbSmLZ3rd
uhk6GnvAE1xBTpqxJDTqgsBAEjgmbQ8zXZwjSmkXPL/tkrTqig2Lvbqtw16abkLb
sUisdzo2uIaT1rN5U8DtFAyyg7W+aP3PjnGzHzloaJN5XqTXaboLcnr0CbvmdPI8
e7rz8K02OUO/1D0VZszbqsEEeFsoRvKnn8o3zCpoAlSx0FBLWofMyv9jfJc+cZ4q
G1FyuX+lWhKx2g4s1ZrYv918Qet3K2s6XHwV5M7yTHMxFsL3OJ1tCJaGv9/VWhy8
3gI=
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:58:19 2025 by rpki-client