Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mXKi9SzzPfbPwJfTnb874Ij5GJ0.roa
File: mXKi9SzzPfbPwJfTnb874Ij5GJ0.roa (raw, json)
Hash identifier: 8x3pkqkZvjfP1oQEv3Gvq/QIxUXBVvQYyrlw5fvyo/Y=
Subject key identifier: 99:72:A2:F5:2C:F3:3D:F6:CF:C0:97:D3:9D:BF:3B:E0:88:F9:18:9D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C0DDA63AD8EF25D13915FB942D48CBB8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mXKi9SzzPfbPwJfTnb874Ij5GJ0.roa
Signing time: Fri 04 Aug 2023 14:04:58 +0000
ROA not before: Fri 04 Aug 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:c0dd:18a4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:dd:a6:3a:d8:ef:25:d1:39:15:fb:94:2d:48:cb:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9972a2f52cf33df6cfc097d39dbf3be088f9189d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3c:81:8e:4b:4c:cd:fd:06:a1:d4:53:30:ac:
0f:5d:48:47:55:91:6f:3b:08:80:14:a3:7e:32:61:
4d:4e:e5:74:bf:9d:6b:9d:9c:4b:e6:bb:cb:fa:00:
3e:f3:4e:33:e5:1b:ff:f8:3c:38:9e:07:2b:3e:70:
11:e9:ea:92:45:5b:dc:4d:58:2f:40:fe:de:78:32:
43:c9:cd:2e:21:f8:00:20:50:ff:c5:1d:74:83:56:
f1:90:a4:28:4a:95:c5:ac:ed:e5:4c:fa:96:6f:32:
47:fe:96:13:47:2e:90:65:3b:3e:67:c5:6b:f6:46:
ad:12:bc:18:56:98:5f:92:70:19:82:38:a5:37:31:
b0:94:f0:86:59:5d:56:4e:50:97:de:44:05:dd:77:
44:50:be:8d:48:da:fe:c6:b0:35:29:b9:e8:31:2b:
50:10:aa:00:27:6e:cd:10:b2:e1:2d:7f:7a:fe:31:
b4:36:30:85:d8:8f:45:01:e2:9e:1a:6b:ec:b4:1d:
9b:79:e6:87:0d:f5:60:48:39:34:c4:ea:29:13:99:
b1:05:76:b3:ce:4a:57:d5:62:d4:87:7b:79:c2:3d:
6f:5d:74:0a:f5:f0:43:1a:df:45:5c:d2:7a:c4:af:
b8:e2:32:b5:5c:ea:14:f4:62:1e:de:01:da:82:87:
dc:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:72:A2:F5:2C:F3:3D:F6:CF:C0:97:D3:9D:BF:3B:E0:88:F9:18:9D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mXKi9SzzPfbPwJfTnb874Ij5GJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:14:20:77:4b:9b:0e:51:99:ba:a3:61:4e:80:5b:e2:44:e3:
ad:cb:d6:43:d6:4d:3e:c9:19:07:fb:5e:bb:77:97:3a:01:36:
0b:cb:88:f4:f4:72:57:e5:ff:47:95:3a:42:2c:46:b2:7f:91:
bc:dc:d2:5a:d1:17:85:40:50:cd:c6:9d:ec:7f:43:4b:38:1f:
65:af:a8:18:be:79:c8:87:41:a5:dc:65:c0:54:04:39:18:3d:
60:b5:89:60:a8:d0:a9:4a:f0:43:2f:d4:b7:90:8d:1a:3e:d2:
7a:24:27:8a:b0:71:7d:53:ab:c9:cf:2b:93:61:da:7d:bc:67:
df:85:da:7c:6e:05:4a:3c:49:02:9d:83:b6:40:75:78:5b:88:
b1:36:68:8e:0e:be:e1:50:32:8a:11:86:c9:9a:0e:29:e1:f3:
7a:97:83:32:bb:a4:d6:41:66:41:02:98:6b:39:f0:c0:95:ec:
ca:02:82:9b:2b:b8:a2:6a:70:9b:2c:f7:ab:1d:89:f0:5b:38:
42:7c:9e:55:17:77:8f:c7:91:f0:b4:1e:58:b2:d1:cf:e1:9c:
c0:d4:1d:90:05:b6:f4:20:b2:35:04:91:e4:86:58:0e:6f:a7:
2a:7d:b8:7c:06:20:ea:27:74:55:dc:65:ba:ae:57:86:22:4f:
ca:19:84:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnA3aY62O8l0TkV+5QtSMu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTcyYTJmNTJjZjMzZGY2Y2ZjMDk3ZDM5ZGJmM2JlMDg4ZjkxODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzyBjktMzf0GodRTMKwPXUhHVZFv
OwiAFKN+MmFNTuV0v51rnZxL5rvL+gA+804z5Rv/+Dw4ngcrPnAR6eqSRVvcTVgv
QP7eeDJDyc0uIfgAIFD/xR10g1bxkKQoSpXFrO3lTPqWbzJH/pYTRy6QZTs+Z8Vr
9katErwYVphfknAZgjilNzGwlPCGWV1WTlCX3kQF3XdEUL6NSNr+xrA1KbnoMStQ
EKoAJ27NELLhLX96/jG0NjCF2I9FAeKeGmvstB2beeaHDfVgSDk0xOopE5mxBXaz
zkpX1WLUh3t5wj1vXXQK9fBDGt9FXNJ6xK+44jK1XOoU9GIe3gHagofchwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJlyovUs8z32z8CX052/O+CI+RidMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbVhLaTlTenpQZmJQd0pmVG5iODc0SWo1R0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA0UIHdLmw5RmbqjYU6A
W+JE463L1kPWTT7JGQf7Xrt3lzoBNgvLiPT0clfl/0eVOkIsRrJ/kbzc0lrRF4VA
UM3Gnex/Q0s4H2WvqBi+eciHQaXcZcBUBDkYPWC1iWCo0KlK8EMv1LeQjRo+0nok
J4qwcX1Tq8nPK5Nh2n28Z9+F2nxuBUo8SQKdg7ZAdXhbiLE2aI4OvuFQMooRhsma
Dinh83qXgzK7pNZBZkECmGs58MCV7MoCgpsruKJqcJss96sdifBbOEJ8nlUXd4/H
kfC0Hliy0c/hnMDUHZAFtvQgsjUEkeSGWA5vpyp9uHwGIOondFXcZbquV4YiT8oZ
hJQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:49:25 2025 by rpki-client