Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MroYXu0agt9aRh-uDfNSRFTKgMc.roa
File: MroYXu0agt9aRh-uDfNSRFTKgMc.roa (raw, json)
Hash identifier: Hqz3sunioThb6KHqp6p9w3KljnPhScD7U7Ws+fSKVKs=
Subject key identifier: 32:BA:18:5E:ED:1A:82:DF:5A:46:1F:AE:0D:F3:52:44:54:CA:80:C7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C62E07444E5F26B4817995E17930B61E5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MroYXu0agt9aRh-uDfNSRFTKgMc.roa
Signing time: Wed 13 Dec 2023 11:12:06 +0000
ROA not before: Wed 13 Dec 2023 11:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:e0:74:44:e5:f2:6b:48:17:99:5e:17:93:0b:61:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 11:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32ba185eed1a82df5a461fae0df3524454ca80c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2c:1b:8d:76:86:41:7a:62:ab:4d:df:6f:34:
52:bf:74:ec:8a:83:cf:41:26:92:0d:39:37:a6:c4:
f3:e6:73:3f:cf:25:38:90:87:08:8c:ab:90:c5:a6:
d2:b8:f8:cb:8e:d6:84:7e:0a:11:cc:c5:15:a3:7e:
17:c7:e8:6e:a6:d0:bb:84:a0:44:c1:5d:f9:e8:6d:
44:f2:5b:c5:3f:c0:9a:42:25:a6:ea:eb:2b:3e:c8:
ad:43:b6:e1:4f:fd:22:60:68:fc:a7:c9:e3:92:9a:
06:a4:83:2d:c8:37:28:7a:32:0c:9b:dd:b2:5e:0e:
a4:d6:b0:71:e1:37:90:34:f2:35:08:63:51:aa:f3:
6f:67:e1:6a:a4:4e:e7:06:67:ae:17:da:4a:3d:85:
4f:55:73:77:ca:46:af:59:79:95:7a:28:96:4c:05:
e2:d2:05:dc:5c:d4:d7:c4:9c:06:46:a9:4c:05:c4:
ca:81:97:ca:6a:32:a5:c2:c7:bc:91:dd:99:c4:d3:
80:e7:06:d3:13:56:6f:c9:80:d5:a3:75:52:c0:43:
72:d2:09:21:82:89:0d:8a:3e:db:66:5f:c6:b4:4c:
25:b3:2a:5a:10:8a:01:b7:87:f7:15:14:a2:97:44:
5f:cf:67:3a:6a:26:a8:a8:e2:67:be:e9:10:2d:74:
c7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BA:18:5E:ED:1A:82:DF:5A:46:1F:AE:0D:F3:52:44:54:CA:80:C7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MroYXu0agt9aRh-uDfNSRFTKgMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c8:75:d0:6a:06:dd:09:19:29:f4:5d:90:59:43:88:b7:d6:f2:
0d:71:85:bd:77:fe:f5:14:6d:4e:05:8f:d3:8a:9a:47:5a:1b:
94:cd:24:d6:78:86:14:69:61:d9:96:d5:84:b4:10:9a:7e:8b:
b4:7a:e2:a7:e7:73:a6:31:98:bd:6b:35:a8:15:7c:af:ab:8f:
69:5e:56:52:01:89:69:e6:c3:ea:1a:3d:af:ca:f4:7c:85:61:
c6:2c:e4:8d:2f:31:57:1d:76:ac:28:69:3d:70:de:bb:0c:73:
ae:13:bf:14:b8:e2:01:67:bd:fc:bc:84:ee:da:ee:fa:eb:73:
e9:b1:ee:aa:be:05:ba:8f:a4:90:46:7d:a6:25:11:b2:81:5d:
1b:5e:e2:e6:85:5f:8c:33:17:95:69:9b:a9:81:43:d6:7d:4e:
03:bc:e5:1a:f4:76:33:12:43:06:43:30:11:2e:62:53:40:6e:
9c:21:c9:f2:e9:7a:7f:23:e0:4d:cf:e1:7e:ad:7c:3c:d7:86:
7a:3b:70:0c:77:ae:a0:bd:17:40:94:08:94:cf:79:7f:c4:c8:
c2:50:10:15:d3:4b:54:cd:d1:53:8b:f9:94:51:09:c6:a9:89:
d7:c0:0a:ab:ae:3b:e5:b2:21:b5:d3:64:60:77:71:ae:85:c1:
be:5c:c6:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxi4HRE5fJrSBeZXheTC2HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMTExMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJhMTg1ZWVkMWE4MmRmNWE0NjFmYWUwZGYzNTI0NDU0Y2E4MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCwbjXaGQXpiq03fbzRSv3TsioPP
QSaSDTk3psTz5nM/zyU4kIcIjKuQxabSuPjLjtaEfgoRzMUVo34Xx+huptC7hKBE
wV356G1E8lvFP8CaQiWm6usrPsitQ7bhT/0iYGj8p8njkpoGpIMtyDcoejIMm92y
Xg6k1rBx4TeQNPI1CGNRqvNvZ+FqpE7nBmeuF9pKPYVPVXN3ykavWXmVeiiWTAXi
0gXcXNTXxJwGRqlMBcTKgZfKajKlwse8kd2ZxNOA5wbTE1ZvyYDVo3VSwENy0gkh
gokNij7bZl/GtEwlsypaEIoBt4f3FRSil0Rfz2c6aiaoqOJnvukQLXTHmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDK6GF7tGoLfWkYfrg3zUkRUyoDHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTXJvWVh1MGFndDlhUmgtdURmTlNSRlRLZ01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMh10GoG3QkZKfRdkFlD
iLfW8g1xhb13/vUUbU4Fj9OKmkdaG5TNJNZ4hhRpYdmW1YS0EJp+i7R64qfnc6Yx
mL1rNagVfK+rj2leVlIBiWnmw+oaPa/K9HyFYcYs5I0vMVcddqwoaT1w3rsMc64T
vxS44gFnvfy8hO7a7vrrc+mx7qq+BbqPpJBGfaYlEbKBXRte4uaFX4wzF5Vpm6mB
Q9Z9TgO85Rr0djMSQwZDMBEuYlNAbpwhyfLpen8j4E3P4X6tfDzXhno7cAx3rqC9
F0CUCJTPeX/EyMJQEBXTS1TN0VOL+ZRRCcapidfACquuO+WyIbXTZGB3ca6Fwb5c
xks=
-----END CERTIFICATE-----
Generated at Wed May 14 01:27:27 2025 by rpki-client