Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa
File: mvjqrgLPzy0tGbq63sAclvpj7d8.roa (raw, json)
Hash identifier: ZufZNyRx1Q0B5I8x8KKmwEzwE8L6jLurI5PGg1EZL/k=
Subject key identifier: 9A:F8:EA:AE:02:CF:CF:2D:2D:19:BA:BA:DE:C0:1C:96:FA:63:ED:DF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F5B63FFAD767D48DEFDD7795898702B1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa
Signing time: Sat 18 Mar 2023 17:13:27 +0000
ROA not before: Sat 18 Mar 2023 17:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f5:b6:3f:fa:d7:67:d4:8d:ef:dd:77:95:89:87:02:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 18 17:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af8eaae02cfcf2d2d19babadec01c96fa63eddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:00:4a:48:88:95:93:32:10:3b:b5:6e:dc:70:
71:a5:76:f3:91:d0:e2:80:09:03:93:10:66:72:2d:
92:0c:39:82:2a:49:40:bf:66:a4:b4:bf:68:63:1d:
ff:51:3e:c7:60:7b:79:d1:89:25:82:40:2f:01:ab:
b1:f0:cd:bc:f5:be:7d:bf:70:73:9e:65:57:d8:6c:
0d:60:0f:8f:84:29:88:55:3e:a8:40:0a:c4:ba:b3:
2e:95:68:34:c1:6d:7e:c3:7e:a0:0c:df:70:df:20:
ce:6c:cc:9a:5d:12:7f:8f:c3:5d:4c:64:aa:17:e5:
b1:e8:41:62:27:2e:57:de:2f:cf:84:b5:fd:89:87:
d2:94:8c:e0:34:39:6a:46:e7:79:b3:1d:11:cc:3b:
5c:bb:17:65:e2:9e:6a:0a:f1:7d:7d:db:f0:fe:93:
68:53:91:e9:f0:20:06:89:a8:8a:09:af:86:19:5e:
ef:2f:5c:c2:73:54:88:0a:5b:b4:64:a8:52:fa:ae:
db:86:aa:35:af:54:4d:7a:0a:82:c1:36:20:07:fc:
cb:73:e1:c3:3d:6f:81:a7:a3:ae:5f:2f:3c:de:d0:
02:25:6e:a5:29:e5:4a:2a:d7:9a:51:22:77:d4:87:
18:3f:1a:25:fb:23:1c:8c:68:f8:70:57:03:9f:4f:
a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F8:EA:AE:02:CF:CF:2D:2D:19:BA:BA:DE:C0:1C:96:FA:63:ED:DF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/mvjqrgLPzy0tGbq63sAclvpj7d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:94:ed:2e:1a:6f:d5:95:1c:f2:9b:3f:e7:ef:70:d3:f3:15:
8d:e9:85:bd:36:24:cd:c1:24:0a:7d:11:bb:b6:ef:a5:44:bf:
02:b2:cd:b7:4e:87:aa:a3:5d:01:ec:10:2f:cd:a3:ad:32:4e:
9a:26:ab:9a:ba:4a:83:be:b0:bb:b6:24:cc:6f:6f:bf:8e:bd:
f6:73:72:8b:85:72:dc:d7:22:ac:d4:3b:92:d5:10:f8:0f:f8:
36:6e:9f:3d:54:de:39:53:f2:6b:c9:d0:b9:7f:c8:41:ac:68:
e2:88:c0:ef:34:bc:73:6a:e7:0b:70:85:1c:b9:d9:12:89:24:
92:ea:d3:5c:fe:7a:19:66:fb:74:d2:02:7c:a1:63:b7:83:ea:
14:31:58:56:a5:4d:ea:c3:ce:5a:b6:71:15:04:ee:e2:a9:77:
14:a7:2e:fe:d9:fc:0d:5f:74:53:ad:c8:42:06:d6:a4:cd:80:
55:a3:fc:08:0b:5c:f6:9d:f0:62:16:ca:90:d1:bb:22:b1:64:
ce:e9:72:ec:c0:16:27:87:ea:a2:3c:58:57:3e:b8:c2:08:1c:
2c:41:54:b9:00:db:49:dd:83:7e:56:f4:01:ed:1e:bc:77:a2:
bb:f6:61:25:4a:07:cb:3f:fb:f5:b0:b9:c3:7e:21:f3:88:96:
e2:03:09:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb1tj/612fUje/dd5WJhwKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE4MTcxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY4ZWFhZTAyY2ZjZjJkMmQxOWJhYmFkZWMwMWM5NmZhNjNlZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQBKSIiVkzIQO7Vu3HBxpXbzkdDi
gAkDkxBmci2SDDmCKklAv2aktL9oYx3/UT7HYHt50YklgkAvAaux8M289b59v3Bz
nmVX2GwNYA+PhCmIVT6oQArEurMulWg0wW1+w36gDN9w3yDObMyaXRJ/j8NdTGSq
F+Wx6EFiJy5X3i/PhLX9iYfSlIzgNDlqRud5sx0RzDtcuxdl4p5qCvF9fdvw/pNo
U5Hp8CAGiaiKCa+GGV7vL1zCc1SIClu0ZKhS+q7bhqo1r1RNegqCwTYgB/zLc+HD
PW+Bp6OuXy883tACJW6lKeVKKteaUSJ31IcYPxol+yMcjGj4cFcDn0+jfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJr46q4Cz88tLRm6ut7AHJb6Y+3fMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbXZqcXJnTFB6eTB0R2JxNjNzQWNsdnBqN2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJeU7S4ab9WVHPKbP+fv
cNPzFY3phb02JM3BJAp9Ebu276VEvwKyzbdOh6qjXQHsEC/No60yTpomq5q6SoO+
sLu2JMxvb7+OvfZzcouFctzXIqzUO5LVEPgP+DZunz1U3jlT8mvJ0Ll/yEGsaOKI
wO80vHNq5wtwhRy52RKJJJLq01z+ehlm+3TSAnyhY7eD6hQxWFalTerDzlq2cRUE
7uKpdxSnLv7Z/A1fdFOtyEIG1qTNgFWj/AgLXPad8GIWypDRuyKxZM7pcuzAFieH
6qI8WFc+uMIIHCxBVLkA20ndg35W9AHtHrx3orv2YSVKB8s/+/WwucN+IfOIluID
CUc=
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:23:43 2025 by rpki-client