Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MFBm5_EhpVAMx6QjQTS1PZq9z8w.roa
File: MFBm5_EhpVAMx6QjQTS1PZq9z8w.roa (raw, json)
Hash identifier: Df/oYNrqAHKkW4+1IYW0lQcjm2/T+TiWoGWn1J8xHIU=
Subject key identifier: 30:50:66:E7:F1:21:A5:50:0C:C7:A4:23:41:34:B5:3D:9A:BD:CF:CC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C69892B099683797A6F9EE3D180CCEE90
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MFBm5_EhpVAMx6QjQTS1PZq9z8w.roa
Signing time: Thu 14 Dec 2023 18:14:06 +0000
ROA not before: Thu 14 Dec 2023 18:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:89:2b:09:96:83:79:7a:6f:9e:e3:d1:80:cc:ee:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 18:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=305066e7f121a5500cc7a4234134b53d9abdcfcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:21:34:27:b6:19:68:dd:fe:2b:e9:21:8a:ed:
88:d4:93:72:9b:ad:88:91:c8:2a:86:d6:fd:1b:56:
c1:f7:4a:cc:47:d6:0a:df:cc:58:cb:b0:b6:87:36:
eb:84:a6:3c:e7:81:57:10:31:eb:79:79:c1:d4:09:
4a:7d:19:3d:0a:31:36:6a:7a:fa:d3:c4:2e:da:d5:
76:3c:08:37:28:67:ae:8b:20:a9:4a:e5:d3:20:ab:
8a:cc:50:d5:97:3e:10:06:11:84:7e:ea:2c:7f:e8:
3a:c0:61:d0:6f:60:58:86:60:8b:7c:74:0a:9e:c0:
99:71:cc:5b:0d:3c:c4:ee:ce:40:1a:fe:ed:0d:bc:
0a:92:ff:ae:b0:c8:e4:ee:83:cb:b8:f7:64:3e:db:
3c:70:73:e6:e6:e5:2d:a8:2f:8b:02:35:be:a7:aa:
8d:6e:a1:0c:e3:a9:a9:ee:3d:6b:ad:02:f9:c2:91:
cb:fb:ff:83:47:a5:4f:df:94:08:63:ba:30:2f:47:
54:3c:8f:d1:c8:fd:55:7d:0f:32:e0:6c:a8:1a:44:
2c:a2:17:6c:2e:92:f7:e2:dd:2b:42:91:92:59:94:
c0:59:28:cc:e2:85:8c:79:07:a3:56:10:d2:87:d4:
5a:8c:dd:83:c1:5c:d9:a7:70:ec:61:4e:51:ca:d9:
0d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:50:66:E7:F1:21:A5:50:0C:C7:A4:23:41:34:B5:3D:9A:BD:CF:CC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MFBm5_EhpVAMx6QjQTS1PZq9z8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:47:ef:ea:65:f6:d4:eb:60:7c:6a:b9:8d:80:96:34:3a:62:
fc:e9:17:0f:f6:91:e8:c3:28:02:1c:11:9b:e6:67:d8:1d:d8:
96:a3:9a:8f:aa:fd:d7:d2:83:2a:61:c2:4e:0a:8f:50:99:42:
d4:8a:e5:e3:d1:38:d4:3a:38:0a:da:c5:a1:c3:95:6b:03:e7:
ec:ab:39:1e:0e:03:9a:b6:0d:30:84:fb:fa:16:f2:72:b3:29:
20:af:de:1a:dd:3a:22:1a:26:30:5e:be:96:3c:43:6c:8c:70:
8f:e4:dc:c3:33:32:c9:64:c8:48:5d:ae:ef:d0:a5:8d:d4:68:
7a:2a:96:18:ae:72:a6:04:f9:1b:d9:d6:67:2f:bd:6c:e2:e0:
a8:fd:ed:9c:3f:57:0b:3f:74:d6:3c:6c:4a:75:c1:8e:da:d9:
84:14:74:54:80:99:07:b6:67:53:b2:72:51:70:a2:2a:6b:bd:
4c:16:03:ae:13:03:77:52:fc:fa:6d:cd:3b:62:47:93:72:71:
98:d0:c0:9c:d1:db:45:2d:a6:ea:9f:ae:09:80:0a:8d:ff:6d:
02:b5:31:0e:db:e8:65:bb:e6:de:0d:85:62:3c:3c:7a:aa:9f:
e2:fa:9a:4c:41:d4:bb:f4:b6:6b:59:f4:ed:df:6b:a8:19:2c:
bc:f0:2f:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxpiSsJloN5em+e49GAzO6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MTgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUwNjZlN2YxMjFhNTUwMGNjN2E0MjM0MTM0YjUzZDlhYmRjZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCE0J7YZaN3+K+khiu2I1JNym62I
kcgqhtb9G1bB90rMR9YK38xYy7C2hzbrhKY854FXEDHreXnB1AlKfRk9CjE2anr6
08Qu2tV2PAg3KGeuiyCpSuXTIKuKzFDVlz4QBhGEfuosf+g6wGHQb2BYhmCLfHQK
nsCZccxbDTzE7s5AGv7tDbwKkv+usMjk7oPLuPdkPts8cHPm5uUtqC+LAjW+p6qN
bqEM46mp7j1rrQL5wpHL+/+DR6VP35QIY7owL0dUPI/RyP1VfQ8y4GyoGkQsohds
LpL34t0rQpGSWZTAWSjM4oWMeQejVhDSh9RajN2DwVzZp3DsYU5RytkNewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDBQZufxIaVQDMekI0E0tT2avc/MMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTUZCbTVfRWhwVkFNeDZRalFUUzFQWnE5ejh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5H7+pl9tTrYHxquY2A
ljQ6YvzpFw/2kejDKAIcEZvmZ9gd2Jajmo+q/dfSgyphwk4Kj1CZQtSK5ePRONQ6
OAraxaHDlWsD5+yrOR4OA5q2DTCE+/oW8nKzKSCv3hrdOiIaJjBevpY8Q2yMcI/k
3MMzMslkyEhdru/QpY3UaHoqlhiucqYE+RvZ1mcvvWzi4Kj97Zw/Vws/dNY8bEp1
wY7a2YQUdFSAmQe2Z1OyclFwoiprvUwWA64TA3dS/PptzTtiR5NycZjQwJzR20Ut
puqfrgmACo3/bQK1MQ7b6GW75t4NhWI8PHqqn+L6mkxB1Lv0tmtZ9O3fa6gZLLzw
L64=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:22:23 2025 by rpki-client