Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mpV22eLNJd4Sk6lBv8AviBPjT0U.roa
File: mpV22eLNJd4Sk6lBv8AviBPjT0U.roa (raw, json)
Hash identifier: NdokrB5yOR+E74K7HUlRIdRd9IE/zyia3TliObByNiM=
Subject key identifier: 9A:95:76:D9:E2:CD:25:DE:12:93:A9:41:BF:C0:2F:88:13:E3:4F:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFC1E495D013D5A3F558B37489F28B750
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mpV22eLNJd4Sk6lBv8AviBPjT0U.roa
Signing time: Wed 04 Oct 2023 19:15:57 +0000
ROA not before: Wed 04 Oct 2023 19:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:1e:49:5d:01:3d:5a:3f:55:8b:37:48:9f:28:b7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 19:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a9576d9e2cd25de1293a941bfc02f8813e34f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6d:01:90:5c:66:55:40:6d:b5:f6:8d:10:21:
54:74:d8:0f:e1:59:80:9f:d8:66:4c:a8:39:bd:f5:
2e:e2:05:84:5f:36:5d:67:b0:30:e9:59:89:ff:35:
1f:9e:92:ea:99:56:39:0a:25:c8:4c:10:eb:81:a3:
61:2d:11:d4:5c:cd:84:22:39:43:0d:ef:b5:ed:e0:
8a:79:5d:a4:5e:c3:be:f9:2b:52:4b:4f:a4:dc:19:
2c:bc:5d:f5:b5:76:38:72:aa:a3:c1:3b:6d:56:52:
64:a1:12:2e:53:56:f6:98:b4:2a:98:2c:ad:a1:da:
7e:26:72:5d:95:cc:af:2f:b9:6d:72:9f:89:f0:c8:
cc:c5:87:dc:ef:f5:b2:3a:5c:bc:ff:97:38:18:23:
ce:af:9c:d3:51:c5:32:92:48:bc:12:82:36:f8:78:
d9:a7:1f:e8:c2:db:c3:0d:03:56:b8:9f:09:c6:76:
ad:33:92:ed:c8:f2:1c:e3:23:a2:7e:90:90:b2:65:
44:07:98:05:ee:d8:3f:26:f7:cf:de:36:39:94:6f:
1f:90:9b:77:03:5d:93:4e:cf:b8:7b:12:ac:f9:8d:
f9:cb:c8:ff:63:4b:8e:23:6c:19:d0:af:9a:da:b6:
c4:13:99:db:98:e5:45:88:b9:a3:30:12:f1:9f:d8:
e6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:95:76:D9:E2:CD:25:DE:12:93:A9:41:BF:C0:2F:88:13:E3:4F:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mpV22eLNJd4Sk6lBv8AviBPjT0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:68:24:78:46:51:91:86:88:27:bf:2d:06:08:0b:a4:3a:18:
0b:59:b1:19:ed:ae:87:72:67:bb:ed:ab:c7:fe:4b:3c:53:36:
de:8a:b6:52:d6:ce:dd:19:a3:2e:25:af:81:5d:75:3c:1a:e8:
80:1c:86:ec:0a:8f:5f:40:05:b8:d1:f0:4b:f0:d1:6d:ef:b3:
45:bc:9e:fd:77:bd:9d:44:88:00:83:da:3a:38:1c:52:03:ee:
fd:41:00:9b:7a:de:88:86:e0:28:45:17:e3:29:d6:b6:54:08:
49:3e:d7:4b:e5:9c:33:49:64:33:e9:65:82:ec:2b:52:c8:2c:
b8:08:af:85:b2:b2:04:7a:f1:17:bd:80:07:aa:93:a2:01:35:
ff:4e:d1:eb:b2:2a:a7:5a:cf:a6:10:74:d5:1e:23:e0:ce:cb:
f8:92:e6:45:87:56:8c:67:9c:a6:df:a9:33:5b:e0:66:8e:21:
e1:c3:a7:a7:cf:13:39:26:05:0a:3f:95:d9:f1:fd:bf:a6:6a:
80:92:a2:ba:da:1e:d1:9a:d0:25:7c:ba:70:e7:29:55:0a:7f:
c6:3c:e9:55:9a:57:2e:db:47:3d:f8:7f:fe:a2:b1:d5:09:a8:
91:63:1a:e0:94:c1:e7:24:bd:ac:6a:55:3b:f5:6a:8c:7b:29:
e5:3a:8f:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr8HkldAT1aP1WLN0ifKLdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MTkxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk1NzZkOWUyY2QyNWRlMTI5M2E5NDFiZmMwMmY4ODEzZTM0ZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG0BkFxmVUBttfaNECFUdNgP4VmA
n9hmTKg5vfUu4gWEXzZdZ7Aw6VmJ/zUfnpLqmVY5CiXITBDrgaNhLRHUXM2EIjlD
De+17eCKeV2kXsO++StSS0+k3BksvF31tXY4cqqjwTttVlJkoRIuU1b2mLQqmCyt
odp+JnJdlcyvL7ltcp+J8MjMxYfc7/WyOly8/5c4GCPOr5zTUcUykki8EoI2+HjZ
px/owtvDDQNWuJ8JxnatM5LtyPIc4yOifpCQsmVEB5gF7tg/JvfP3jY5lG8fkJt3
A12TTs+4exKs+Y35y8j/Y0uOI2wZ0K+a2rbEE5nbmOVFiLmjMBLxn9jmrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJqVdtnizSXeEpOpQb/AL4gT409FMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbXBWMjJlTE5KZDRTazZsQnY4QXZpQlBqVDBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANNoJHhGUZGGiCe/LQYI
C6Q6GAtZsRntrodyZ7vtq8f+SzxTNt6KtlLWzt0Zoy4lr4FddTwa6IAchuwKj19A
BbjR8Evw0W3vs0W8nv13vZ1EiACD2jo4HFID7v1BAJt63oiG4ChFF+Mp1rZUCEk+
10vlnDNJZDPpZYLsK1LILLgIr4WysgR68Re9gAeqk6IBNf9O0euyKqdaz6YQdNUe
I+DOy/iS5kWHVoxnnKbfqTNb4GaOIeHDp6fPEzkmBQo/ldnx/b+maoCSorraHtGa
0CV8unDnKVUKf8Y86VWaVy7bRz34f/6isdUJqJFjGuCUweckvaxqVTv1aox7KeU6
j6A=
-----END CERTIFICATE-----
Generated at Sun May 11 09:29:15 2025 by rpki-client