Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m--MZaGfMsJVaDEYwyInasIDW44.roa
File: m--MZaGfMsJVaDEYwyInasIDW44.roa (raw, json)
Hash identifier: X0M2kuErOx/lIKGQkTvDa31tbL8ofH80l33O6L3pi1w=
Subject key identifier: 9B:EF:8C:65:A1:9F:32:C2:55:68:31:18:C3:22:27:6A:C2:03:5B:8E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB4DFC0A65758175F7A94D0FA1EA804E0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m--MZaGfMsJVaDEYwyInasIDW44.roa
Signing time: Wed 20 Sep 2023 23:14:37 +0000
ROA not before: Wed 20 Sep 2023 23:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b4:df:c0:a6:57:58:17:5f:7a:94:d0:fa:1e:a8:04:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 23:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bef8c65a19f32c255683118c322276ac2035b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6e:be:55:2c:63:2c:eb:8e:a2:88:20:23:14:
84:95:44:a5:3c:46:9d:c5:16:84:f1:a5:5e:8f:ac:
71:85:9b:d7:38:e3:83:6f:9b:db:ca:ac:9a:dd:d0:
8d:36:be:ac:29:7d:d6:68:7e:2a:bd:80:5e:18:74:
98:90:7e:ac:9d:ce:fc:ad:7b:38:fb:63:05:30:d4:
18:0d:19:9d:a0:e3:9b:72:62:f0:3f:84:e8:a2:40:
f1:c9:f8:92:b6:27:f6:3c:a4:72:41:64:ca:48:44:
ce:18:e6:50:cb:79:a6:c3:15:ff:e5:8d:af:03:d4:
8e:2d:38:5c:e9:15:e7:a4:22:48:b4:a9:77:2a:51:
66:1d:5e:62:89:fc:06:70:23:c5:6e:d0:38:2e:a5:
9f:b6:e9:16:ba:a5:fd:7f:f2:5a:f9:cd:0b:69:86:
e4:d3:d3:99:b9:a3:97:ce:13:b5:e9:6e:00:bd:fd:
a0:de:ec:65:11:a5:37:d3:93:bc:8c:aa:fd:a8:0f:
57:05:24:d2:d1:1e:7f:9e:40:32:50:b1:4b:50:07:
4a:55:9b:e6:16:50:a7:84:e4:d1:a4:a9:59:6b:dd:
59:a0:52:86:52:b2:55:e1:c7:3d:ce:6c:d6:0a:48:
f4:4a:ef:a8:5d:c1:05:3e:04:3f:d5:d7:ff:f8:03:
35:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EF:8C:65:A1:9F:32:C2:55:68:31:18:C3:22:27:6A:C2:03:5B:8E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/m--MZaGfMsJVaDEYwyInasIDW44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:f1:3a:71:fb:ff:11:b3:ef:12:86:ca:27:02:14:10:ba:fc:
95:17:47:5a:c0:bf:e2:e0:6e:b8:dd:43:de:45:c9:4c:41:65:
72:06:7c:5f:ca:03:67:21:85:3f:df:e2:6b:df:54:d4:87:77:
6b:06:c2:2e:66:5b:c5:45:f9:5d:fc:e1:d1:df:af:c0:3a:41:
71:74:dc:96:30:55:92:ea:cf:51:2e:be:c1:a3:d5:ad:08:7b:
e7:c6:0d:4f:bb:05:21:94:9b:73:0b:aa:5f:ec:64:85:c5:b4:
4e:fe:28:30:9d:0a:9c:1a:e6:36:4e:78:4c:d0:34:60:b9:6f:
8d:bd:1c:d1:bf:c5:c3:a6:63:18:fe:0d:9c:6e:35:06:4d:e4:
aa:f9:db:98:b5:35:7f:75:be:b1:84:5b:24:cd:61:fb:5c:78:
51:c6:63:eb:b1:44:6f:6a:c3:cb:32:5b:45:18:12:89:a2:6a:
c6:b2:ce:49:8c:e8:24:f3:24:61:58:d9:a2:3e:72:bb:e7:a6:
0a:2c:45:62:b5:8f:0f:67:82:56:03:a6:9d:bc:a8:a7:0e:0f:
83:2e:e7:20:29:13:ac:a4:b5:12:39:e9:c5:27:fc:f0:ff:84:
07:20:b3:f3:50:07:d0:fd:1d:92:8a:3f:b5:5d:ff:fa:9e:fe:
90:52:71:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq038CmV1gXX3qU0PoeqATgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMjMxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmVmOGM2NWExOWYzMmMyNTU2ODMxMThjMzIyMjc2YWMyMDM1YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG6+VSxjLOuOooggIxSElUSlPEad
xRaE8aVej6xxhZvXOOODb5vbyqya3dCNNr6sKX3WaH4qvYBeGHSYkH6snc78rXs4
+2MFMNQYDRmdoOObcmLwP4TookDxyfiStif2PKRyQWTKSETOGOZQy3mmwxX/5Y2v
A9SOLThc6RXnpCJItKl3KlFmHV5iifwGcCPFbtA4LqWftukWuqX9f/Ja+c0LaYbk
09OZuaOXzhO16W4Avf2g3uxlEaU305O8jKr9qA9XBSTS0R5/nkAyULFLUAdKVZvm
FlCnhOTRpKlZa91ZoFKGUrJV4cc9zmzWCkj0Su+oXcEFPgQ/1df/+AM1rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJvvjGWhnzLCVWgxGMMiJ2rCA1uOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbS0tTVphR2ZNc0pWYURFWXd5SW5hc0lEVzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAzxOnH7/xGz7xKGyicC
FBC6/JUXR1rAv+LgbrjdQ95FyUxBZXIGfF/KA2chhT/f4mvfVNSHd2sGwi5mW8VF
+V384dHfr8A6QXF03JYwVZLqz1EuvsGj1a0Ie+fGDU+7BSGUm3MLql/sZIXFtE7+
KDCdCpwa5jZOeEzQNGC5b429HNG/xcOmYxj+DZxuNQZN5Kr525i1NX91vrGEWyTN
YftceFHGY+uxRG9qw8syW0UYEomiasayzkmM6CTzJGFY2aI+crvnpgosRWK1jw9n
glYDpp28qKcOD4Mu5yApE6yktRI56cUn/PD/hAcgs/NQB9D9HZKKP7Vd//qe/pBS
cQA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:42:21 2025 by rpki-client