Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZVphm8MINEaSNIiIUdle5kvmAA.roa
File: MZVphm8MINEaSNIiIUdle5kvmAA.roa (raw, json)
Hash identifier: 78h2e9oQIEpPprvv9wxsRTjDxHwU/sVO8w1o52bm/Yk=
Subject key identifier: 31:95:69:86:6F:0C:20:D1:1A:48:D2:22:21:47:65:7B:99:2F:98:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFC7EF904E8DAA0489C5E93D6A111D247
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZVphm8MINEaSNIiIUdle5kvmAA.roa
Signing time: Thu 23 Nov 2023 14:04:21 +0000
ROA not before: Thu 23 Nov 2023 14:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:fc7e:ad3a/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:7e:f9:04:e8:da:a0:48:9c:5e:93:d6:a1:11:d2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 14:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=319569866f0c20d11a48d2222147657b992f9800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fb:fb:3c:7f:8e:51:9c:b9:c6:0c:21:fa:26:
fc:b6:ea:2e:6a:95:31:e4:57:ed:0e:6a:84:1b:09:
dc:1c:43:fb:66:f2:6f:fc:32:c9:2d:5c:8d:36:b5:
47:22:c9:36:33:b9:cc:c3:16:5d:7b:05:32:f4:d0:
eb:4e:e9:23:07:8b:e3:4d:0c:7e:f4:56:6e:ba:ac:
ee:1b:a2:d3:c0:cc:21:61:26:98:bc:10:ad:59:c9:
86:70:20:b0:49:e5:00:99:52:b3:2b:0d:78:8f:8e:
29:3d:bd:32:58:4c:c0:7d:65:f9:8f:a5:0f:a4:16:
03:bb:8f:92:84:0e:1c:81:d8:20:b6:cf:64:9c:0b:
58:2f:09:a2:43:4e:99:ea:04:2b:e7:63:e6:41:e8:
7d:47:e6:e4:ec:81:07:b0:b8:16:3c:e1:81:76:e2:
ec:97:d4:69:ec:d8:6f:77:f1:dc:c9:02:12:2f:a1:
ea:f2:1b:9c:33:ea:4f:dc:e9:1c:2a:75:45:52:0b:
c5:03:da:48:f4:da:48:78:cc:94:0d:84:fc:15:8d:
00:6b:fe:3a:58:8c:d8:67:06:49:b7:84:84:7f:fa:
f2:b3:83:3f:e4:cd:45:33:34:0e:51:0d:b2:19:59:
97:93:dd:28:63:86:c8:2d:f0:74:56:cb:9a:89:d5:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:95:69:86:6F:0C:20:D1:1A:48:D2:22:21:47:65:7B:99:2F:98:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZVphm8MINEaSNIiIUdle5kvmAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:91:72:c8:12:60:03:82:30:bb:3c:ef:71:36:4d:04:bd:5b:
c9:ca:5a:43:9b:11:cb:d1:e7:21:ae:a6:7c:84:78:12:da:e8:
88:72:37:5b:7a:71:92:fb:73:57:fb:a3:1d:bd:db:e9:72:c9:
5e:2d:d0:e4:d1:38:af:4b:d4:49:0f:0f:5d:ba:b4:2c:ed:f6:
2f:07:d8:ad:b9:46:32:5f:62:e0:09:90:13:b8:dd:11:ea:d7:
9f:70:a8:1e:40:04:42:7b:d8:c9:ac:55:00:bc:32:9a:b4:d8:
7f:1d:2f:9b:bb:df:07:03:8a:34:5b:7c:5b:c8:53:90:18:52:
fc:2c:ab:e2:2d:b5:e2:c8:b1:21:00:a6:89:54:d6:42:71:2d:
fc:99:d7:f8:d5:d2:b8:d3:50:3f:51:13:2e:08:ad:db:a7:61:
26:7d:22:66:9d:ba:79:aa:16:ec:23:18:24:4a:ae:0d:62:14:
79:ca:83:c6:00:d0:6a:f6:c6:26:88:fb:88:81:75:54:8b:fa:
a8:0a:5a:12:de:67:97:ce:85:83:25:95:b7:17:b9:c1:55:65:
1e:44:8f:e4:89:8f:a0:9c:19:76:c3:1b:16:54:62:9b:16:f8:
0d:e3:bf:9f:71:70:d2:ba:c4:57:5a:04:8a:6e:1f:a3:64:18:
70:07:fe:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv8fvkE6NqgSJxek9ahEdJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMTQwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTk1Njk4NjZmMGMyMGQxMWE0OGQyMjIyMTQ3NjU3Yjk5MmY5ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvv7PH+OUZy5xgwh+ib8tuouapUx
5FftDmqEGwncHEP7ZvJv/DLJLVyNNrVHIsk2M7nMwxZdewUy9NDrTukjB4vjTQx+
9FZuuqzuG6LTwMwhYSaYvBCtWcmGcCCwSeUAmVKzKw14j44pPb0yWEzAfWX5j6UP
pBYDu4+ShA4cgdggts9knAtYLwmiQ06Z6gQr52PmQeh9R+bk7IEHsLgWPOGBduLs
l9Rp7Nhvd/HcyQISL6Hq8hucM+pP3OkcKnVFUgvFA9pI9NpIeMyUDYT8FY0Aa/46
WIzYZwZJt4SEf/rys4M/5M1FMzQOUQ2yGVmXk90oY4bILfB0VsuaidV4zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDGVaYZvDCDRGkjSIiFHZXuZL5gAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTVpWcGhtOE1JTkVhU05JaUlVZGxlNWt2bUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKuRcsgSYAOCMLs873E2
TQS9W8nKWkObEcvR5yGupnyEeBLa6IhyN1t6cZL7c1f7ox292+lyyV4t0OTROK9L
1EkPD126tCzt9i8H2K25RjJfYuAJkBO43RHq159wqB5ABEJ72MmsVQC8Mpq02H8d
L5u73wcDijRbfFvIU5AYUvwsq+ItteLIsSEApolU1kJxLfyZ1/jV0rjTUD9REy4I
rdunYSZ9ImadunmqFuwjGCRKrg1iFHnKg8YA0Gr2xiaI+4iBdVSL+qgKWhLeZ5fO
hYMllbcXucFVZR5Ej+SJj6CcGXbDGxZUYpsW+A3jv59xcNK6xFdaBIpuH6NkGHAH
/jU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:54:57 2025 by rpki-client