Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/muX7K_s68uQD0WR7nJqNnGhzqzM.roa
File: muX7K_s68uQD0WR7nJqNnGhzqzM.roa (raw, json)
Hash identifier: Ej3pd9A9UsDvKjFFoNAYjv6rPPzGeIGyawHEXyzWCOM=
Subject key identifier: 9A:E5:FB:2B:FB:3A:F2:E4:03:D1:64:7B:9C:9A:8D:9C:68:73:AB:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185C647CBEE408E5127A97887D772117A80
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/muX7K_s68uQD0WR7nJqNnGhzqzM.roa
Signing time: Wed 18 Jan 2023 19:07:51 +0000
ROA not before: Wed 18 Jan 2023 19:07:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:c644:7fa9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c6:47:cb:ee:40:8e:51:27:a9:78:87:d7:72:11:7a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 18 19:07:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ae5fb2bfb3af2e403d1647b9c9a8d9c6873ab33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4d:d8:23:9d:ed:85:49:3d:22:49:48:47:db:
31:7e:4c:05:8a:84:96:40:1f:fc:f0:1a:02:5e:bc:
40:27:86:7b:74:ee:9a:b7:fe:1d:d0:ad:ca:04:59:
17:3f:e1:e7:1f:86:00:2a:88:c0:f9:85:fa:85:08:
17:7e:00:46:2c:22:e5:1f:25:e7:70:1d:f6:5d:83:
4b:d1:5a:71:e3:90:14:df:71:46:43:a4:20:25:c4:
47:70:dc:3b:b7:c3:0e:66:d8:45:3a:44:bf:80:82:
f9:32:fc:f1:18:ea:f5:17:72:5c:2e:97:e9:30:47:
b1:e8:24:60:97:63:1e:9f:68:d4:7c:76:5b:b6:37:
45:a4:ee:b0:03:41:e7:e0:a0:8f:ae:34:41:f0:ec:
b4:7f:3f:dd:dc:d6:74:b1:89:6c:bb:24:d4:fe:7a:
7a:36:7f:d8:9d:ca:ad:f8:10:14:48:23:ac:8c:bf:
ec:12:a3:92:c0:1c:0c:6a:ed:7b:0a:14:eb:1f:4e:
5f:a7:7a:42:9d:32:3b:1d:c8:5e:2e:9e:99:b9:07:
48:50:06:02:f8:29:a8:57:66:76:a3:b2:b4:a8:97:
65:91:a7:3b:04:62:8b:ad:f7:38:29:4a:b3:13:ef:
2b:8e:ab:12:bb:f8:0d:d6:aa:b4:e1:70:89:72:fc:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E5:FB:2B:FB:3A:F2:E4:03:D1:64:7B:9C:9A:8D:9C:68:73:AB:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/muX7K_s68uQD0WR7nJqNnGhzqzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:9e:86:17:2b:d4:89:a1:05:78:60:fe:eb:9f:54:59:cf:1b:
f2:85:bc:12:6b:80:fc:f7:76:07:27:eb:94:22:86:69:1d:af:
3c:8a:9d:35:4b:42:d7:6c:50:26:1c:81:d4:99:7a:e1:47:73:
87:0c:88:20:17:8c:03:84:68:4f:27:b5:12:0a:e6:58:53:6a:
25:47:a4:90:2c:7c:e4:e4:5b:eb:60:da:16:e9:a5:9c:01:0a:
ee:09:38:de:1a:0f:e6:c2:b8:87:e5:1b:d9:4d:f4:d4:5e:72:
18:ce:ca:97:61:4d:7c:e5:3b:c1:c6:ab:66:00:36:7f:94:4b:
90:c3:d8:a7:d5:08:f6:f3:75:61:46:d8:c9:65:44:26:f9:6e:
4b:07:3e:fc:02:3e:5b:80:d1:ff:7b:e7:73:0c:8c:7b:2d:8b:
26:11:c9:38:e6:9a:d1:1c:73:86:70:5b:5c:0d:49:37:2f:fb:
03:7c:b4:76:95:a2:9c:4a:43:42:da:b6:94:a4:b3:cf:f4:c7:
61:3c:90:2d:a6:f5:00:3d:d5:17:dc:0a:d7:cf:45:ee:d4:ab:
d0:06:a9:85:b3:59:5d:07:6a:1f:6f:2b:7b:07:fa:5b:22:50:
0d:67:03:8b:46:46:e2:47:6c:9c:81:43:dc:aa:d3:d4:9b:c8:
ed:e3:71:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXGR8vuQI5RJ6l4h9dyEXqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE4MTkwNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU1ZmIyYmZiM2FmMmU0MDNkMTY0N2I5YzlhOGQ5YzY4NzNhYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy03YI53thUk9IklIR9sxfkwFioSW
QB/88BoCXrxAJ4Z7dO6at/4d0K3KBFkXP+HnH4YAKojA+YX6hQgXfgBGLCLlHyXn
cB32XYNL0Vpx45AU33FGQ6QgJcRHcNw7t8MOZthFOkS/gIL5MvzxGOr1F3JcLpfp
MEex6CRgl2Men2jUfHZbtjdFpO6wA0Hn4KCPrjRB8Oy0fz/d3NZ0sYlsuyTU/np6
Nn/Yncqt+BAUSCOsjL/sEqOSwBwMau17ChTrH05fp3pCnTI7HcheLp6ZuQdIUAYC
+CmoV2Z2o7K0qJdlkac7BGKLrfc4KUqzE+8rjqsSu/gN1qq04XCJcvwzlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJrl+yv7OvLkA9Fke5yajZxoc6szMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbXVYN0tfczY4dVFEMFdSN25KcU5uR2h6cXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCehhcr1ImhBXhg/uuf
VFnPG/KFvBJrgPz3dgcn65QihmkdrzyKnTVLQtdsUCYcgdSZeuFHc4cMiCAXjAOE
aE8ntRIK5lhTaiVHpJAsfOTkW+tg2hbppZwBCu4JON4aD+bCuIflG9lN9NRechjO
ypdhTXzlO8HGq2YANn+US5DD2KfVCPbzdWFG2MllRCb5bksHPvwCPluA0f9753MM
jHstiyYRyTjmmtEcc4ZwW1wNSTcv+wN8tHaVopxKQ0LatpSks8/0x2E8kC2m9QA9
1RfcCtfPRe7Uq9AGqYWzWV0Hah9vK3sH+lsiUA1nA4tGRuJHbJyBQ9yq09SbyO3j
cQs=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:18:48 2025 by rpki-client