Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MrKZg5mNvJzCJzQzGYeflkKW4sk.roa
File: MrKZg5mNvJzCJzQzGYeflkKW4sk.roa (raw, json)
Hash identifier: xd3IqeuAC53oKaTO40W30KlkIVkJy5m3ty4cV8J+Wxg=
Subject key identifier: 32:B2:99:83:99:8D:BC:9C:C2:27:34:33:19:87:9F:96:42:96:E2:C9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1ACC9002D5FD93D0FFCCFE9E003E3AD0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MrKZg5mNvJzCJzQzGYeflkKW4sk.roa
Signing time: Tue 10 Oct 2023 18:14:55 +0000
ROA not before: Tue 10 Oct 2023 18:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1a:cc:90:02:d5:fd:93:d0:ff:cc:fe:9e:00:3e:3a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 18:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b29983998dbc9cc227343319879f964296e2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:0a:29:ef:34:8c:49:bc:3d:8c:57:ed:23:
0d:35:80:dc:23:cd:58:d5:f6:73:dd:1f:4f:07:d5:
82:2c:a4:fc:4d:b1:88:ee:df:f5:0c:ba:a2:be:b3:
0d:89:50:32:e0:20:27:07:9a:b2:c8:a5:57:21:d5:
9b:7d:0d:a4:81:5c:16:a3:88:b4:f2:7f:a5:f2:4b:
a3:e6:5b:40:03:0d:67:25:20:35:a3:b5:3d:dd:e6:
14:82:be:3a:e7:06:c6:56:14:50:7d:65:30:f9:70:
30:ac:4a:0a:31:58:50:e1:62:bc:65:83:75:f4:de:
3a:1e:45:76:ab:72:13:a5:7d:73:14:34:fb:94:dc:
86:37:97:b8:be:99:af:00:81:88:42:c6:f3:13:d2:
3d:8d:e7:90:1e:65:52:fe:8b:a3:47:0b:c2:1b:1f:
cb:e7:0d:63:14:6a:71:5e:53:e7:55:b1:b7:49:96:
ab:37:c1:cf:96:67:b8:fd:58:ed:1b:83:9f:97:f7:
a0:1c:34:fd:c7:55:83:f8:66:61:a7:20:15:cf:4d:
ac:b5:d1:be:fb:e7:18:56:a8:13:5c:2f:34:a2:51:
20:b4:d5:b1:16:a9:cf:f7:e4:52:b9:bc:1f:21:5d:
21:8b:a0:06:0e:b6:63:c5:0e:b4:52:52:bb:71:b1:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B2:99:83:99:8D:BC:9C:C2:27:34:33:19:87:9F:96:42:96:E2:C9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MrKZg5mNvJzCJzQzGYeflkKW4sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:9d:b6:53:3c:bc:c9:4c:f8:05:5b:cd:75:10:27:aa:8f:a3:
8d:ba:a1:b4:fa:97:b1:27:07:9f:6c:f5:f1:c5:03:1a:be:6b:
bd:d5:ec:db:11:0b:9f:33:5e:f5:21:ba:13:e9:17:c7:a7:b1:
e1:22:e7:b5:d7:8a:e6:e5:95:1c:8d:fd:a6:97:ca:7a:36:1a:
f2:42:ca:f9:56:bf:4f:0e:09:b2:d1:5f:03:b9:bc:b9:c4:58:
34:08:38:78:b5:70:f3:16:e4:a5:0e:8b:12:e4:f4:99:4a:71:
9d:cd:ac:53:24:5b:b2:a3:8d:a9:94:82:5c:b5:ca:88:dc:0b:
cf:19:80:ea:81:2e:7f:f3:8d:e9:a8:82:9c:37:08:de:99:77:
9a:06:23:88:ce:e7:4e:95:27:fa:24:27:0e:8d:ab:2b:3a:39:
9f:b6:67:56:7b:f5:db:df:63:c9:10:6c:c8:92:07:fd:a4:9e:
2e:11:00:b1:b2:59:9f:bb:f8:cd:e3:c9:25:8c:a7:ac:2d:2c:
c4:78:d8:70:9e:2e:c0:63:ef:6c:e5:aa:ef:0a:c9:0f:5c:ab:
26:95:69:a6:32:f3:bb:29:0d:70:63:4a:2f:07:1e:03:e3:8e:
be:ef:88:02:a9:52:38:e4:74:c0:ca:07:e5:19:af:41:9a:1d:
d9:8a:b1:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsazJAC1f2T0P/M/p4APjrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIyOTk4Mzk5OGRiYzljYzIyNzM0MzMxOTg3OWY5NjQyOTZlMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN4KKe80jEm8PYxX7SMNNYDcI81Y
1fZz3R9PB9WCLKT8TbGI7t/1DLqivrMNiVAy4CAnB5qyyKVXIdWbfQ2kgVwWo4i0
8n+l8kuj5ltAAw1nJSA1o7U93eYUgr465wbGVhRQfWUw+XAwrEoKMVhQ4WK8ZYN1
9N46HkV2q3ITpX1zFDT7lNyGN5e4vpmvAIGIQsbzE9I9jeeQHmVS/oujRwvCGx/L
5w1jFGpxXlPnVbG3SZarN8HPlme4/VjtG4Ofl/egHDT9x1WD+GZhpyAVz02stdG+
++cYVqgTXC80olEgtNWxFqnP9+RSubwfIV0hi6AGDrZjxQ60UlK7cbH37QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDKymYOZjbycwic0MxmHn5ZCluLJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTXJLWmc1bU52SnpDSnpRekdZZWZsa0tXNHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAWdtlM8vMlM+AVbzXUQ
J6qPo426obT6l7EnB59s9fHFAxq+a73V7NsRC58zXvUhuhPpF8enseEi57XXiubl
lRyN/aaXyno2GvJCyvlWv08OCbLRXwO5vLnEWDQIOHi1cPMW5KUOixLk9JlKcZ3N
rFMkW7KjjamUgly1yojcC88ZgOqBLn/zjemogpw3CN6Zd5oGI4jO506VJ/okJw6N
qys6OZ+2Z1Z79dvfY8kQbMiSB/2kni4RALGyWZ+7+M3jySWMp6wtLMR42HCeLsBj
72zlqu8KyQ9cqyaVaaYy87spDXBjSi8HHgPjjr7viAKpUjjkdMDKB+UZr0GaHdmK
sUc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:25:18 2025 by rpki-client