Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mAvgRB_Cghzp1-Aglya8oUWhTRw.roa
File: mAvgRB_Cghzp1-Aglya8oUWhTRw.roa (raw, json)
Hash identifier: 6kvT825RKgLuDaqrju7YY1onInlcJAVtblTWfa9CAXc=
Subject key identifier: 98:0B:E0:44:1F:C2:82:1C:E9:D7:E0:20:97:26:BC:A1:45:A1:4D:1C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0BFD844C79E28C0DDA31BD682438D74D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mAvgRB_Cghzp1-Aglya8oUWhTRw.roa
Signing time: Sun 26 Nov 2023 14:16:52 +0000
ROA not before: Sun 26 Nov 2023 14:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0b:fd:84:4c:79:e2:8c:0d:da:31:bd:68:24:38:d7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 26 14:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=980be0441fc2821ce9d7e0209726bca145a14d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:df:07:b2:09:a7:6e:cb:e8:7c:c8:6d:0b:25:
46:6d:b3:64:d9:48:70:5c:cd:15:28:3e:83:e0:dd:
75:40:39:21:09:62:a5:3e:47:5c:f4:f3:88:ac:c0:
a0:fb:96:60:ff:26:b9:f4:d3:2b:29:bb:18:33:24:
6c:91:a9:25:19:88:10:c7:3f:76:f1:41:09:db:e6:
59:b5:c0:b9:3b:23:8d:5e:7b:92:3c:fb:73:12:75:
eb:d2:e8:bf:e4:aa:b0:74:fb:e3:6f:67:0a:fa:57:
31:64:7e:6e:be:f4:05:c2:4a:f5:44:2b:98:24:41:
0d:55:87:29:58:13:21:0e:4c:77:c1:28:dc:6e:0e:
3d:27:96:6b:fd:c9:4e:a6:de:a8:1a:f0:76:7f:93:
22:08:68:1f:16:71:8f:31:8a:f1:6d:0c:cf:e8:f2:
d3:37:c0:57:b6:2d:8b:41:b8:58:34:12:7b:56:84:
ae:64:58:a3:ab:b1:7e:e1:7b:86:9b:8e:b9:b8:28:
3c:21:b5:ad:da:94:d0:2f:a5:98:c6:51:7f:1b:18:
46:51:a0:3d:89:fd:db:c6:c6:56:a2:af:8c:59:8f:
c6:78:c5:91:70:42:1e:fc:cf:37:d2:15:df:9d:7d:
c8:b7:29:f7:d4:8a:e6:d4:a9:ba:ac:44:ad:34:57:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0B:E0:44:1F:C2:82:1C:E9:D7:E0:20:97:26:BC:A1:45:A1:4D:1C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mAvgRB_Cghzp1-Aglya8oUWhTRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:89:0a:d3:4b:a6:30:8a:83:cb:8d:27:ba:2e:ef:46:a5:57:
77:c5:9b:f0:2f:1c:4a:69:be:2b:75:ec:c3:f2:28:44:7b:43:
f1:46:4d:63:9e:42:fe:ea:d4:f6:b2:c6:c2:74:9f:c1:82:f6:
e6:2b:80:78:e8:7e:6b:2a:89:80:0f:1c:f5:ab:70:4d:30:9f:
7d:b6:bf:74:f8:e0:95:76:08:28:44:d6:5d:23:13:e0:be:31:
14:de:fb:a8:da:c0:b7:41:ab:a9:10:54:d5:5f:ba:8a:9e:70:
fc:37:0c:8b:25:b2:a1:98:1b:2e:f7:bb:e2:1d:6f:6d:a7:5d:
f1:64:0c:65:8b:e1:2d:f7:be:86:3b:1e:b3:f6:40:10:e7:e0:
b0:ea:89:c7:d9:39:87:13:73:81:25:88:e8:49:b1:cc:26:6f:
5b:78:62:b2:3d:c4:11:2b:94:d6:59:f8:a8:e3:92:91:81:0d:
22:20:27:3b:a6:5a:87:cd:f7:2e:a9:20:c3:ab:4d:00:4b:21:
0c:0c:24:88:0e:94:d8:83:eb:aa:1d:8c:fb:99:21:e4:00:d8:
74:1d:f1:67:25:83:bc:8d:d8:70:20:fb:1c:73:4e:4b:cb:86:
03:0d:e4:db:6d:66:aa:76:54:37:ee:75:73:84:04:e7:a2:85:
06:7d:49:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwL/YRMeeKMDdoxvWgkONdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI2MTQxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBiZTA0NDFmYzI4MjFjZTlkN2UwMjA5NzI2YmNhMTQ1YTE0ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd8HsgmnbsvofMhtCyVGbbNk2Uhw
XM0VKD6D4N11QDkhCWKlPkdc9POIrMCg+5Zg/ya59NMrKbsYMyRskaklGYgQxz92
8UEJ2+ZZtcC5OyONXnuSPPtzEnXr0ui/5KqwdPvjb2cK+lcxZH5uvvQFwkr1RCuY
JEENVYcpWBMhDkx3wSjcbg49J5Zr/clOpt6oGvB2f5MiCGgfFnGPMYrxbQzP6PLT
N8BXti2LQbhYNBJ7VoSuZFijq7F+4XuGm465uCg8IbWt2pTQL6WYxlF/GxhGUaA9
if3bxsZWoq+MWY/GeMWRcEIe/M830hXfnX3Ityn31Irm1Km6rEStNFdQiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJgL4EQfwoIc6dfgIJcmvKFFoU0cMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbUF2Z1JCX0NnaHpwMS1BZ2x5YThvVVdoVFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+JCtNLpjCKg8uNJ7ou
70alV3fFm/AvHEppvit17MPyKER7Q/FGTWOeQv7q1PayxsJ0n8GC9uYrgHjofmsq
iYAPHPWrcE0wn322v3T44JV2CChE1l0jE+C+MRTe+6jawLdBq6kQVNVfuoqecPw3
DIslsqGYGy73u+Idb22nXfFkDGWL4S33voY7HrP2QBDn4LDqicfZOYcTc4EliOhJ
scwmb1t4YrI9xBErlNZZ+KjjkpGBDSIgJzumWofN9y6pIMOrTQBLIQwMJIgOlNiD
66odjPuZIeQA2HQd8Wclg7yN2HAg+xxzTkvLhgMN5NttZqp2VDfudXOEBOeihQZ9
SQM=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:02:44 2025 by rpki-client