Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mboaI-xvwlegxCFvs5rKPdjJeuM.roa
File: mboaI-xvwlegxCFvs5rKPdjJeuM.roa (raw, json)
Hash identifier: Rpz2j1cQ4I2UyaQSCtnDNukSXsa5iaLR9dsr2v4qG+w=
Subject key identifier: 99:BA:1A:23:EC:6F:C2:57:A0:C4:21:6F:B3:9A:CA:3D:D8:C9:7A:E3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC6E34353C6AB18D599C3027824BA8374
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mboaI-xvwlegxCFvs5rKPdjJeuM.roa
Signing time: Sun 24 Sep 2023 11:11:37 +0000
ROA not before: Sun 24 Sep 2023 11:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:e3:43:53:c6:ab:18:d5:99:c3:02:78:24:ba:83:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 11:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99ba1a23ec6fc257a0c4216fb39aca3dd8c97ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:93:47:38:be:70:a5:5f:4b:8d:77:4b:85:
02:fc:d8:93:81:86:45:77:43:23:b1:24:62:2f:35:
c3:80:dd:16:1e:d7:63:97:51:f7:26:54:11:83:67:
f6:b3:d7:74:0f:7d:37:e8:42:b1:eb:a5:ee:4f:f6:
50:a3:ce:26:88:59:bb:84:5f:54:1c:32:56:0b:fd:
62:fc:dd:59:8c:1f:c9:6b:02:0c:0b:d2:06:f2:00:
9c:13:c8:aa:03:20:24:af:28:30:8a:d9:0b:4b:00:
94:74:c5:be:a9:f5:ee:0c:f2:21:e1:b3:28:27:db:
38:92:63:46:4b:cd:32:ba:b3:0d:9a:aa:0a:88:45:
dd:1a:75:cc:cd:07:6f:3a:4c:8e:e2:1e:c0:de:f5:
6f:f6:01:e7:81:b1:7f:94:43:77:74:0a:d4:d9:eb:
eb:27:ab:62:32:db:60:1d:d2:be:2b:34:c9:c6:fc:
32:a3:fa:87:a6:f0:f4:bb:dc:6f:bf:c3:f4:b6:90:
4d:e1:bd:e3:10:d6:bd:32:ec:fa:ee:89:03:ed:e5:
4c:3f:68:80:d6:e2:6c:72:e3:93:da:ef:62:d3:a3:
63:18:2e:82:fe:70:85:45:6c:f1:fc:13:9a:71:c5:
f3:98:52:66:9d:e9:d9:88:d7:e4:c0:32:4e:91:cd:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BA:1A:23:EC:6F:C2:57:A0:C4:21:6F:B3:9A:CA:3D:D8:C9:7A:E3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mboaI-xvwlegxCFvs5rKPdjJeuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:15:52:7f:0c:bd:ab:06:a8:9d:5a:f0:95:a1:a4:17:56:9c:
b1:e9:de:38:60:40:75:36:b3:fa:13:04:45:56:bf:b3:cb:8c:
2d:58:b3:99:d3:99:1c:40:48:34:0d:81:e7:87:bd:2a:18:cf:
e6:69:35:94:ac:b2:57:5b:5a:1d:56:26:f5:08:b7:9c:8f:13:
69:34:f0:a1:c6:6a:c4:21:6b:57:0c:53:de:93:27:93:2b:f6:
7e:34:d9:c4:d0:bd:ae:44:2b:18:e5:06:b5:55:0a:63:9d:c0:
9c:1a:75:eb:08:58:cb:d1:5e:a0:a2:a0:00:18:49:cf:9e:33:
ab:8b:5d:02:43:b2:37:ab:df:25:ff:52:0d:93:fe:70:53:0b:
1b:b2:72:4b:46:64:a9:79:2e:ac:ee:7c:a8:59:71:d8:3a:f9:
18:72:fa:b0:e6:7c:12:8e:1c:c1:9a:eb:6c:0e:51:94:84:a6:
03:7a:53:e9:df:41:93:94:26:a9:b0:5e:ba:95:be:6a:cc:94:
26:ae:6e:49:22:be:64:6c:3c:de:85:b5:49:89:b6:08:5b:58:
81:79:82:12:27:90:dd:b8:3e:85:8d:ad:d4:93:1c:fe:fe:45:
ac:57:7b:c4:3e:77:7f:aa:f9:fc:9f:00:ab:a9:0c:7e:73:5a:
cc:3e:ff:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrG40NTxqsY1ZnDAngkuoN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MTExMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJhMWEyM2VjNmZjMjU3YTBjNDIxNmZiMzlhY2EzZGQ4Yzk3YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq2TRzi+cKVfS413S4UC/NiTgYZF
d0MjsSRiLzXDgN0WHtdjl1H3JlQRg2f2s9d0D3036EKx66XuT/ZQo84miFm7hF9U
HDJWC/1i/N1ZjB/JawIMC9IG8gCcE8iqAyAkrygwitkLSwCUdMW+qfXuDPIh4bMo
J9s4kmNGS80yurMNmqoKiEXdGnXMzQdvOkyO4h7A3vVv9gHngbF/lEN3dArU2evr
J6tiMttgHdK+KzTJxvwyo/qHpvD0u9xvv8P0tpBN4b3jENa9Muz67okD7eVMP2iA
1uJscuOT2u9i06NjGC6C/nCFRWzx/BOaccXzmFJmnenZiNfkwDJOkc2qGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJm6GiPsb8JXoMQhb7Oayj3YyXrjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbWJvYUkteHZ3bGVneENGdnM1cktQZGpKZXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMIVUn8MvasGqJ1a8JWh
pBdWnLHp3jhgQHU2s/oTBEVWv7PLjC1Ys5nTmRxASDQNgeeHvSoYz+ZpNZSssldb
Wh1WJvUIt5yPE2k08KHGasQha1cMU96TJ5Mr9n402cTQva5EKxjlBrVVCmOdwJwa
desIWMvRXqCioAAYSc+eM6uLXQJDsjer3yX/Ug2T/nBTCxuycktGZKl5LqzufKhZ
cdg6+Rhy+rDmfBKOHMGa62wOUZSEpgN6U+nfQZOUJqmwXrqVvmrMlCaubkkivmRs
PN6FtUmJtghbWIF5ghInkN24PoWNrdSTHP7+RaxXe8Q+d3+q+fyfAKupDH5zWsw+
/8M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:40:03 2025 by rpki-client