Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/mtkWTF2x7dpi1UkUxESAkMvYTiU.roa
File: mtkWTF2x7dpi1UkUxESAkMvYTiU.roa (raw, json)
Hash identifier: CokrIBMQ6tlLiHNYaGnfkurHO4hNvhQpwLfHYZpR/g8=
Subject key identifier: 9A:D9:16:4C:5D:B1:ED:DA:62:D5:49:14:C4:44:80:90:CB:D8:4E:25
Certificate issuer: /CN=c5f9f50ca1c34a3be610048d138af3c0753af92b
Certificate serial: 01951E0ED33D67FA0E84BA7B55D8CC4D357D
Authority key identifier: C5:F9:F5:0C:A1:C3:4A:3B:E6:10:04:8D:13:8A:F3:C0:75:3A:F9:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xfn1DKHDSjvmEASNE4rzwHU6-Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/mtkWTF2x7dpi1UkUxESAkMvYTiU.roa
Signing time: Wed 19 Feb 2025 11:54:02 +0000
ROA not before: Wed 19 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 128.65.168.0/22 maxlen: 22
128.65.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1e:0e:d3:3d:67:fa:0e:84:ba:7b:55:d8:cc:4d:35:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5f9f50ca1c34a3be610048d138af3c0753af92b
Validity
Not Before: Feb 19 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad9164c5db1edda62d54914c4448090cbd84e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b6:ed:5e:69:8b:be:9d:df:e3:62:48:42:d6:
42:50:3d:ba:8d:50:c6:59:55:84:30:92:bb:9f:4f:
00:92:90:5f:c2:8d:e4:dc:01:3e:c8:b5:d8:4c:5e:
6d:b8:e2:ef:9a:20:0d:ce:d9:47:b9:28:2a:32:53:
0c:ca:a9:de:ed:91:4d:5e:41:39:a5:bc:96:8d:9b:
35:75:3b:7d:0d:93:40:b9:fd:b4:a6:7f:da:56:bf:
3b:ad:9b:cb:63:d7:97:15:d6:ce:7a:d1:a1:a0:13:
84:ef:31:b2:17:8a:7e:39:fe:58:66:9d:3c:6e:b1:
bd:1a:75:74:85:52:5c:75:05:b3:9f:e8:32:5c:16:
c3:8a:e5:3d:86:d4:7f:20:73:c4:83:8a:d0:98:e3:
54:f6:1d:79:d9:54:aa:23:69:67:00:a9:9a:84:bc:
9b:03:9e:dc:c4:c2:54:70:6d:12:7a:0f:d6:6b:9e:
23:5b:25:70:39:ad:e6:bf:b0:52:25:28:96:7a:61:
e6:fb:42:4e:16:0a:c9:0d:b4:a3:91:93:91:7b:ed:
f1:42:3c:5c:91:0a:84:aa:5f:bb:04:ec:61:67:5c:
33:da:3d:de:fc:87:9c:e2:d2:5d:fc:40:93:af:52:
50:45:66:32:c3:3e:6d:b3:af:bd:b0:de:f5:fa:8f:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D9:16:4C:5D:B1:ED:DA:62:D5:49:14:C4:44:80:90:CB:D8:4E:25
X509v3 Authority Key Identifier:
keyid:C5:F9:F5:0C:A1:C3:4A:3B:E6:10:04:8D:13:8A:F3:C0:75:3A:F9:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfn1DKHDSjvmEASNE4rzwHU6-Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/mtkWTF2x7dpi1UkUxESAkMvYTiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f2196a-389e-4cce-8171-90ad0cadff79/1/xfn1DKHDSjvmEASNE4rzwHU6-Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/21
Signature Algorithm: sha256WithRSAEncryption
92:44:32:83:1b:2b:9f:86:c9:e3:37:9d:94:50:8f:3c:28:ac:
d3:d8:ff:92:48:57:b0:9b:5d:8b:c2:ee:97:77:3a:fb:d1:bc:
df:45:76:21:0f:92:f6:c1:01:65:10:1b:3e:7e:f4:1c:45:f5:
e4:55:8b:1f:df:5d:2e:65:af:a8:72:d9:7b:9c:d7:50:fe:a7:
e2:d8:6c:fb:46:55:a8:73:75:fd:fc:87:bc:e7:53:b7:bc:11:
62:27:89:51:be:62:d5:26:e1:eb:12:a3:bc:7b:fe:7f:41:49:
5f:8f:f0:c8:bb:c1:29:3c:23:26:b8:e8:88:bf:7d:39:d6:6d:
e9:3c:b5:b5:3f:1b:74:b8:07:68:3d:d3:a2:c4:97:ee:b5:fb:
c0:e3:ac:a8:79:7c:96:a4:46:0c:5e:e8:09:f4:a6:bd:eb:63:
a2:27:71:25:6d:a7:68:47:89:ea:e5:f1:7e:2c:d2:5a:df:27:
3b:87:56:d1:51:2c:ce:6f:f3:f9:f2:3f:40:a9:56:3f:68:7b:
1b:8c:19:d2:06:5d:b9:ee:45:98:45:91:7d:7d:2a:1a:57:df:
f7:a8:a3:21:30:be:bb:07:bc:ca:45:b2:c9:b3:a6:5d:0d:94:
8b:d9:c4:0c:6d:64:45:1a:2d:9b:33:da:57:a3:5f:91:b9:c3:
6e:7d:18:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUeDtM9Z/oOhLp7VdjMTTV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZjlmNTBjYTFjMzRhM2JlNjEwMDQ4ZDEzOGFmM2MwNzUz
YWY5MmIwHhcNMjUwMjE5MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ5MTY0YzVkYjFlZGRhNjJkNTQ5MTRjNDQ0ODA5MGNiZDg0ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrbtXmmLvp3f42JIQtZCUD26jVDG
WVWEMJK7n08AkpBfwo3k3AE+yLXYTF5tuOLvmiANztlHuSgqMlMMyqne7ZFNXkE5
pbyWjZs1dTt9DZNAuf20pn/aVr87rZvLY9eXFdbOetGhoBOE7zGyF4p+Of5YZp08
brG9GnV0hVJcdQWzn+gyXBbDiuU9htR/IHPEg4rQmONU9h152VSqI2lnAKmahLyb
A57cxMJUcG0Seg/Wa54jWyVwOa3mv7BSJSiWemHm+0JOFgrJDbSjkZORe+3xQjxc
kQqEql+7BOxhZ1wz2j3e/Iec4tJd/ECTr1JQRWYywz5ts6+9sN71+o/rQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrZFkxdse3aYtVJFMREgJDL2E4lMB8GA1UdIwQY
MBaAFMX59Qyhw0o75hAEjROK88B1OvkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGZuMURLSERTanZtRUFTTkU0cnp3SFU2LVNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mMjE5NmEtMzg5ZS00Y2NlLTgxNzEt
OTBhZDBjYWRmZjc5LzEvbXRrV1RGMng3ZHBpMVVrVXhFU0FrTXZZVGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mMjE5NmEtMzg5ZS00Y2NlLTgxNzEtOTBhZDBjYWRmZjc5
LzEveGZuMURLSERTanZtRUFTTkU0cnp3SFU2LVNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgEGoMA0G
CSqGSIb3DQEBCwUAA4IBAQCSRDKDGyufhsnjN52UUI88KKzT2P+SSFewm12Lwu6X
dzr70bzfRXYhD5L2wQFlEBs+fvQcRfXkVYsf310uZa+octl7nNdQ/qfi2Gz7RlWo
c3X9/Ie851O3vBFiJ4lRvmLVJuHrEqO8e/5/QUlfj/DIu8EpPCMmuOiIv3051m3p
PLW1Pxt0uAdoPdOixJfutfvA46yoeXyWpEYMXugJ9Ka962OiJ3ElbadoR4nq5fF+
LNJa3yc7h1bRUSzOb/P58j9AqVY/aHsbjBnSBl257kWYRZF9fSoaV9/3qKMhML67
B7zKRbLJs6ZdDZSL2cQMbWRFGi2bM9pXo1+RucNufRiv
-----END CERTIFICATE-----
Generated at Mon May 12 09:33:21 2025 by rpki-client