Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZYHbZD1FvnFZ7gbIoZZVMfKne0.roa
File: MZYHbZD1FvnFZ7gbIoZZVMfKne0.roa (raw, json)
Hash identifier: bVqBD+6WhMnyfxnX/2+ByHk6HyVEwCco6ZaiQ1GD+DM=
Subject key identifier: 31:96:07:6D:90:F5:16:F9:C5:67:B8:1B:22:86:59:54:C7:CA:9D:ED
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6386D859ED726F5E06584F7CFE848417
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZYHbZD1FvnFZ7gbIoZZVMfKne0.roa
Signing time: Tue 24 Oct 2023 21:11:03 +0000
ROA not before: Tue 24 Oct 2023 21:11:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:63:86:d8:59:ed:72:6f:5e:06:58:4f:7c:fe:84:84:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 21:11:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3196076d90f516f9c567b81b22865954c7ca9ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:89:53:18:e6:af:aa:d2:c7:b4:76:be:f7:
52:ed:10:47:86:d9:dd:4d:a3:6c:fe:21:15:23:70:
a9:47:db:d9:07:af:70:11:65:f6:6a:28:b1:1f:7d:
62:16:32:34:c5:68:a9:59:be:85:5a:5c:f0:1a:1a:
1e:48:fb:5b:7d:6e:4d:35:bb:87:4c:d3:f0:fa:28:
1d:53:5c:a4:d8:f9:7c:5a:4a:70:6d:0e:3d:21:67:
de:61:e7:dc:5c:de:f9:62:f0:b7:cf:8c:0e:2f:26:
76:7d:6f:2d:0a:e8:75:fb:84:cc:62:87:3a:89:08:
2a:d4:c3:fe:1b:b2:f6:7d:c6:e8:05:08:ed:5d:fb:
63:b1:6c:03:8e:95:b4:15:74:75:62:fc:d6:63:b8:
2b:de:24:2e:f6:cc:3b:17:e5:c0:e3:d6:18:f3:c0:
a7:58:a9:34:9b:f1:71:ea:24:ee:d2:e1:76:b9:f8:
05:2e:9d:7f:2e:69:88:37:74:65:b4:d8:1b:4c:1e:
66:29:61:08:30:ea:2e:32:92:92:61:e1:60:f1:c8:
c4:c3:9f:e8:38:56:8b:c3:17:43:41:7b:cc:d2:cf:
f6:92:62:ca:32:aa:4b:90:f0:5c:0c:71:6d:97:25:
f2:c0:63:99:e7:98:cc:cd:cc:7a:2a:fa:c5:8f:e9:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:96:07:6D:90:F5:16:F9:C5:67:B8:1B:22:86:59:54:C7:CA:9D:ED
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MZYHbZD1FvnFZ7gbIoZZVMfKne0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:e8:81:b2:f4:c8:87:12:34:a7:ee:23:23:5f:95:ee:91:d7:
52:98:04:bd:b3:e8:ae:d6:0d:65:da:68:7c:18:7f:71:ba:1f:
79:4e:cd:4b:35:41:1c:3c:60:7a:12:6f:26:7c:90:dc:e9:a1:
df:e9:f6:c9:60:ad:6f:a4:4b:a0:e2:6d:69:4a:5f:94:86:c6:
77:b4:03:5a:4f:2a:1e:27:5b:30:62:7c:cf:e4:a8:56:a8:47:
28:c0:80:59:d4:2f:7f:f4:ba:ce:16:e7:e1:78:37:bb:3e:e1:
0a:ac:67:2a:0c:33:ef:c2:6c:15:39:54:59:96:0a:9f:79:76:
52:13:3d:8c:1d:04:45:c9:a3:0b:84:d7:6c:f5:18:ca:f0:45:
36:a7:3d:45:3f:5e:d3:96:ab:ac:9f:56:2a:ef:ee:1c:76:40:
5a:d4:03:65:bd:a4:0e:8c:44:f6:2b:e5:6e:c0:f7:2b:e4:c9:
07:b6:34:22:2e:55:ff:1c:5a:3a:70:20:f3:01:6d:cb:65:33:
b0:bc:46:58:bd:91:18:85:7d:75:e3:ed:fb:18:f3:c3:23:a5:
61:6e:43:0d:01:3f:d2:b5:e5:63:eb:16:71:3d:0a:ca:12:86:
e3:ed:94:57:be:49:89:53:7d:69:79:3f:48:21:7c:5d:53:32:
3a:ed:58:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtjhthZ7XJvXgZYT3z+hIQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MjExMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTk2MDc2ZDkwZjUxNmY5YzU2N2I4MWIyMjg2NTk1NGM3Y2E5ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRyJUxjmr6rSx7R2vvdS7RBHhtnd
TaNs/iEVI3CpR9vZB69wEWX2aiixH31iFjI0xWipWb6FWlzwGhoeSPtbfW5NNbuH
TNPw+igdU1yk2Pl8WkpwbQ49IWfeYefcXN75YvC3z4wOLyZ2fW8tCuh1+4TMYoc6
iQgq1MP+G7L2fcboBQjtXftjsWwDjpW0FXR1YvzWY7gr3iQu9sw7F+XA49YY88Cn
WKk0m/Fx6iTu0uF2ufgFLp1/LmmIN3RltNgbTB5mKWEIMOouMpKSYeFg8cjEw5/o
OFaLwxdDQXvM0s/2kmLKMqpLkPBcDHFtlyXywGOZ55jMzcx6KvrFj+lpfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDGWB22Q9Rb5xWe4GyKGWVTHyp3tMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTVpZSGJaRDFGdm5GWjdnYklvWlpWTWZLbmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK3ogbL0yIcSNKfuIyNf
le6R11KYBL2z6K7WDWXaaHwYf3G6H3lOzUs1QRw8YHoSbyZ8kNzpod/p9slgrW+k
S6DibWlKX5SGxne0A1pPKh4nWzBifM/kqFaoRyjAgFnUL3/0us4W5+F4N7s+4Qqs
ZyoMM+/CbBU5VFmWCp95dlITPYwdBEXJowuE12z1GMrwRTanPUU/XtOWq6yfVirv
7hx2QFrUA2W9pA6MRPYr5W7A9yvkyQe2NCIuVf8cWjpwIPMBbctlM7C8Rli9kRiF
fXXj7fsY88MjpWFuQw0BP9K15WPrFnE9CsoShuPtlFe+SYlTfWl5P0ghfF1TMjrt
WNE=
-----END CERTIFICATE-----
Generated at Sat May 10 21:40:54 2025 by rpki-client