Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mJwouD0nJXOqbf0Gfgfwm5eogXw.roa
File: mJwouD0nJXOqbf0Gfgfwm5eogXw.roa (raw, json)
Hash identifier: eySuDquy0Yky9SJTfufLKB5Qe0H5AsqT//eSc3XTUC8=
Subject key identifier: 98:9C:28:B8:3D:27:25:73:AA:6D:FD:06:7E:07:F0:9B:97:A8:81:7C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADC58C59994FABD39DACF718020EFEC9A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mJwouD0nJXOqbf0Gfgfwm5eogXw.roa
Signing time: Thu 28 Sep 2023 15:11:59 +0000
ROA not before: Thu 28 Sep 2023 15:11:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:58:c5:99:94:fa:bd:39:da:cf:71:80:20:ef:ec:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 15:11:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=989c28b83d272573aa6dfd067e07f09b97a8817c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:02:ae:f7:2a:0a:14:51:a7:e4:5b:7e:a6:
dd:41:3f:96:26:3b:83:ad:d8:6a:b1:3a:a6:41:26:
15:ae:99:86:ae:d5:08:2c:bf:53:80:05:e3:12:50:
5b:46:bc:ac:ac:29:91:e3:cd:0e:8d:b0:e2:1d:93:
07:a2:42:c3:f4:9c:05:74:41:55:52:dc:76:35:7b:
66:0c:13:d7:50:56:b0:8d:63:f5:91:99:05:c8:b1:
a9:75:c0:e7:cf:24:5d:d5:b6:64:a8:63:4f:6f:fe:
4b:04:9e:53:02:f4:39:3b:e1:0e:ca:df:57:eb:08:
ec:db:59:af:4c:05:3a:12:e6:e3:09:9c:bb:25:f0:
eb:71:a2:be:f0:85:aa:ed:09:c5:00:2a:42:bd:7e:
98:11:ac:8b:e3:c3:91:cd:e5:dd:61:7f:14:1b:18:
5c:de:b3:dc:91:27:34:12:14:8a:72:05:de:cc:b8:
00:90:67:f2:7f:76:2f:c9:3c:78:3e:4f:df:7f:d8:
21:9c:65:4e:3c:5e:e1:c3:6f:7f:93:95:2c:de:ad:
0e:6a:15:ab:75:b9:0f:14:e1:04:88:53:41:76:14:
90:20:10:ee:dc:a0:c1:4f:c6:54:09:3a:7a:63:d0:
bd:6b:dd:96:35:33:ec:6b:5b:cc:e4:26:c6:25:27:
95:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9C:28:B8:3D:27:25:73:AA:6D:FD:06:7E:07:F0:9B:97:A8:81:7C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mJwouD0nJXOqbf0Gfgfwm5eogXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:56:2e:1a:ef:86:cd:44:b8:ed:2a:9d:76:84:82:7d:82:9d:
a8:c7:7f:ff:b2:98:37:64:87:5b:c0:a8:4f:13:19:dc:4d:b0:
bf:f1:7a:39:f0:51:9f:8f:3e:62:7e:ad:9e:d4:70:66:76:da:
1c:c2:62:67:f7:5a:64:58:cf:f2:d7:58:98:2b:b8:7e:e0:81:
c3:e8:6c:77:b5:08:d0:c9:7b:ce:73:b1:4f:e0:b6:0d:b1:64:
b6:76:c4:4e:ff:63:80:3a:8e:c9:71:eb:0d:9c:80:2e:3f:4d:
42:c8:34:af:15:42:3f:b3:b1:94:2d:bd:0d:76:75:56:f9:b6:
73:e0:76:93:e2:0b:bb:7e:7b:eb:b7:b0:1f:f5:ce:d4:fd:73:
3f:14:fc:70:53:68:3e:9e:7f:10:db:f6:e3:96:58:a7:02:82:
43:e4:86:99:31:52:4f:4a:09:d9:30:45:5b:3b:88:32:e7:76:
ef:e3:bc:00:3c:96:c4:f2:07:66:87:d7:65:6d:a7:33:13:97:
c4:7a:a5:01:fd:22:d7:6a:4d:b7:77:2a:ed:82:9e:4d:e0:83:
bb:da:76:46:ae:34:5e:39:01:f7:03:f6:16:bc:1e:d8:4a:a2:
47:f4:4e:7b:b0:a8:56:dc:b9:16:f9:4a:54:a7:4e:0d:97:64:
c3:34:45:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrcWMWZlPq9OdrPcYAg7+yaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MTUxMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODljMjhiODNkMjcyNTczYWE2ZGZkMDY3ZTA3ZjA5Yjk3YTg4MTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq40CrvcqChRRp+RbfqbdQT+WJjuD
rdhqsTqmQSYVrpmGrtUILL9TgAXjElBbRrysrCmR480OjbDiHZMHokLD9JwFdEFV
Utx2NXtmDBPXUFawjWP1kZkFyLGpdcDnzyRd1bZkqGNPb/5LBJ5TAvQ5O+EOyt9X
6wjs21mvTAU6EubjCZy7JfDrcaK+8IWq7QnFACpCvX6YEayL48ORzeXdYX8UGxhc
3rPckSc0EhSKcgXezLgAkGfyf3YvyTx4Pk/ff9ghnGVOPF7hw29/k5Us3q0OahWr
dbkPFOEEiFNBdhSQIBDu3KDBT8ZUCTp6Y9C9a92WNTPsa1vM5CbGJSeViQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJicKLg9JyVzqm39Bn4H8JuXqIF8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbUp3b3VEMG5KWE9xYmYwR2ZnZndtNWVvZ1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF5WLhrvhs1EuO0qnXaE
gn2CnajHf/+ymDdkh1vAqE8TGdxNsL/xejnwUZ+PPmJ+rZ7UcGZ22hzCYmf3WmRY
z/LXWJgruH7ggcPobHe1CNDJe85zsU/gtg2xZLZ2xE7/Y4A6jslx6w2cgC4/TULI
NK8VQj+zsZQtvQ12dVb5tnPgdpPiC7t+e+u3sB/1ztT9cz8U/HBTaD6efxDb9uOW
WKcCgkPkhpkxUk9KCdkwRVs7iDLndu/jvAA8lsTyB2aH12VtpzMTl8R6pQH9Itdq
Tbd3Ku2Cnk3gg7vadkauNF45AfcD9ha8HthKokf0TnuwqFbcuRb5SlSnTg2XZMM0
Rcg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:56:51 2025 by rpki-client