Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mfHbSjsGH9bR_F8GXwDxmKWkqfE.roa
File: mfHbSjsGH9bR_F8GXwDxmKWkqfE.roa (raw, json)
Hash identifier: EfBURuUwCLP8IDKIdOnSJqpa26xB2YkwQOpasTaDJSI=
Subject key identifier: 99:F1:DB:4A:3B:06:1F:D6:D1:FC:5F:06:5F:00:F1:98:A5:A4:A9:F1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B7486743F82ED23A87D4284F7F3BA872
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mfHbSjsGH9bR_F8GXwDxmKWkqfE.roa
Signing time: Mon 06 Mar 2023 14:17:00 +0000
ROA not before: Mon 06 Mar 2023 14:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:48:67:43:f8:2e:d2:3a:87:d4:28:4f:7f:3b:a8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 14:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f1db4a3b061fd6d1fc5f065f00f198a5a4a9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:40:4a:69:2a:27:a5:be:a8:79:30:3c:56:fb:
ca:27:20:ad:2c:db:73:67:69:50:bc:67:8c:01:d7:
8c:5c:24:52:df:fd:26:77:08:d6:8d:5d:cd:13:fc:
e2:53:29:4e:e5:05:e4:c0:49:51:fe:49:c7:52:46:
98:0b:7f:6f:f8:99:ad:21:84:42:d4:39:4f:2e:76:
a7:22:b4:cc:8b:6a:c4:8f:f4:ae:54:47:38:64:9a:
15:92:aa:c7:7e:a3:c6:f3:c7:48:47:73:a2:e8:d4:
08:aa:97:99:c3:36:12:ae:a4:f9:88:43:dd:d4:68:
cc:c2:31:0c:ff:6d:63:04:47:57:c7:0e:08:95:7e:
6a:4b:70:b0:4a:46:d9:f9:3d:fa:23:83:e1:7c:03:
3b:67:86:21:c0:ab:2d:ba:b6:b7:5d:5b:8f:f1:e2:
e3:6c:64:89:4b:3b:f4:f9:e9:df:e9:83:e3:a4:7f:
1c:ab:fc:91:31:21:b1:0d:5a:0c:e7:e1:2e:e5:5d:
65:6c:bc:3b:06:48:bb:30:ab:ba:45:06:32:1f:9d:
df:dd:a2:43:bf:0b:b4:2f:77:73:48:43:3f:f9:7b:
30:31:7e:d3:9e:72:dc:1d:ed:2d:72:0a:93:d1:f2:
cd:06:21:b9:a5:91:7a:3c:03:08:79:80:f7:cc:a5:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F1:DB:4A:3B:06:1F:D6:D1:FC:5F:06:5F:00:F1:98:A5:A4:A9:F1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mfHbSjsGH9bR_F8GXwDxmKWkqfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:d2:8e:c5:1d:05:16:42:53:4c:df:02:1d:49:79:94:4e:b9:
c1:72:da:d2:55:bd:5b:6f:93:45:89:2b:12:55:b8:a8:d2:10:
1b:d2:26:61:e3:95:16:77:f1:eb:d2:e6:64:7a:e1:98:7f:8d:
bf:5a:ab:4c:82:53:5d:e0:7e:ad:46:ac:68:78:5b:47:b4:52:
16:7d:ef:20:c3:ae:b7:96:f6:d3:f8:96:94:10:b8:62:51:b8:
c0:49:b3:02:59:85:63:d3:3a:35:ea:11:b0:99:a8:12:d3:16:
23:ec:da:97:4a:8c:90:d6:ac:a5:d9:8d:fc:6c:c6:2b:f2:2b:
09:34:ef:74:bf:89:40:fb:ae:15:59:8f:98:90:70:fc:76:5d:
b1:0f:45:62:9e:b7:46:ec:e0:ba:af:1e:6f:6c:58:9b:33:75:
a0:3b:11:0c:f8:28:a1:5b:fc:69:e2:5d:05:5d:34:62:84:e6:
f7:a8:f6:87:a5:2b:a3:fb:1e:70:91:ac:43:d0:24:14:d6:cc:
98:d5:44:e2:55:9b:19:b8:0c:8f:35:36:21:8d:8f:a6:96:5b:
9d:89:62:6a:2d:7f:39:6e:d2:28:a2:15:bb:78:3f:c4:8f:65:
47:24:34:fb:a3:a8:a1:1b:54:c2:b8:39:fe:79:63:cc:3e:a2:
99:cb:ce:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa3SGdD+C7SOofUKE9/O6hyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MTQxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYxZGI0YTNiMDYxZmQ2ZDFmYzVmMDY1ZjAwZjE5OGE1YTRhOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUBKaSonpb6oeTA8VvvKJyCtLNtz
Z2lQvGeMAdeMXCRS3/0mdwjWjV3NE/ziUylO5QXkwElR/knHUkaYC39v+JmtIYRC
1DlPLnanIrTMi2rEj/SuVEc4ZJoVkqrHfqPG88dIR3Oi6NQIqpeZwzYSrqT5iEPd
1GjMwjEM/21jBEdXxw4IlX5qS3CwSkbZ+T36I4PhfAM7Z4YhwKstura3XVuP8eLj
bGSJSzv0+enf6YPjpH8cq/yRMSGxDVoM5+Eu5V1lbLw7Bki7MKu6RQYyH53f3aJD
vwu0L3dzSEM/+XswMX7TnnLcHe0tcgqT0fLNBiG5pZF6PAMIeYD3zKU3ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJnx20o7Bh/W0fxfBl8A8ZilpKnxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbWZIYlNqc0dIOWJSX0Y4R1h3RHhtS1drcWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADTSjsUdBRZCU0zfAh1J
eZROucFy2tJVvVtvk0WJKxJVuKjSEBvSJmHjlRZ38evS5mR64Zh/jb9aq0yCU13g
fq1GrGh4W0e0UhZ97yDDrreW9tP4lpQQuGJRuMBJswJZhWPTOjXqEbCZqBLTFiPs
2pdKjJDWrKXZjfxsxivyKwk073S/iUD7rhVZj5iQcPx2XbEPRWKet0bs4LqvHm9s
WJszdaA7EQz4KKFb/GniXQVdNGKE5veo9oelK6P7HnCRrEPQJBTWzJjVROJVmxm4
DI81NiGNj6aWW52JYmotfzlu0iiiFbt4P8SPZUckNPujqKEbVMK4Of55Y8w+opnL
zsg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:54:29 2025 by rpki-client