Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aDMwjoVyb9fTVfZ-8Zew2nf5Mk.roa
File: 0aDMwjoVyb9fTVfZ-8Zew2nf5Mk.roa (raw, json)
Hash identifier: nbogGY0kfHuMA/voVeCjJtrYGl4NSX9ZLnZ7QKG8KMc=
Subject key identifier: D1:A0:CC:C2:3A:15:C9:BF:5F:4D:57:D9:FB:C6:5E:C3:69:DF:E4:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873729BB39938049B5FA0FC87195B97C05
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aDMwjoVyb9fTVfZ-8Zew2nf5Mk.roa
Signing time: Fri 31 Mar 2023 10:14:54 +0000
ROA not before: Fri 31 Mar 2023 10:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:29:bb:39:93:80:49:b5:fa:0f:c8:71:95:b9:7c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 31 10:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1a0ccc23a15c9bf5f4d57d9fbc65ec369dfe4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:11:b4:f3:48:bd:45:71:7a:fa:4b:b3:cc:c4:
53:92:29:cf:89:b1:ac:b9:92:cd:74:94:7c:e0:74:
e3:09:f0:07:9d:0a:01:90:74:cc:8a:47:de:c5:8a:
63:bd:13:8a:56:b0:0a:6e:b9:28:7e:46:d9:4b:8d:
21:7e:28:9a:03:f5:d6:2a:d7:b9:ab:9c:c9:c6:54:
0a:b1:0c:71:ed:04:35:85:f2:ad:d2:3d:72:e8:0b:
95:5b:00:b6:a3:9c:6c:f2:40:5f:9e:b8:34:a3:0a:
35:3b:09:75:e2:8e:51:fc:46:1a:b8:af:16:6b:1c:
63:0c:9a:68:ea:d7:87:17:f8:ed:c6:00:78:d0:fe:
21:0f:8b:0a:ad:69:7c:29:6a:6d:88:91:ba:48:d5:
b5:d3:37:9d:a8:5a:ed:d0:19:c9:00:7d:c4:58:34:
63:4d:f5:69:f9:20:19:84:8f:26:e8:b5:6c:b9:07:
6e:a2:6d:ad:10:77:b0:8c:4e:5b:95:0b:fb:65:e4:
25:cf:ae:da:db:65:1e:99:74:c4:66:af:39:7f:d9:
50:90:f5:fe:4b:e4:4c:8c:ec:93:ae:7c:4f:06:94:
f4:0e:6b:9c:e7:c7:8c:65:11:dd:9a:a2:52:92:5c:
14:7f:f4:61:f3:e7:a8:5d:84:5b:44:dc:f8:13:fb:
0f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A0:CC:C2:3A:15:C9:BF:5F:4D:57:D9:FB:C6:5E:C3:69:DF:E4:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0aDMwjoVyb9fTVfZ-8Zew2nf5Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:0d:d2:38:94:ac:23:5c:e4:08:94:69:82:69:8c:0a:2a:91:
d5:86:4f:53:2b:d8:03:f2:22:34:30:0a:b8:29:1e:d4:a8:f2:
b5:2c:9a:a9:0d:b1:8f:4c:26:1b:0d:e9:a1:f9:34:26:4d:13:
10:b5:c2:45:3a:2e:47:26:75:df:d4:63:8b:28:a1:09:8a:c0:
4b:45:6a:10:b8:9b:c5:9b:b3:3b:a8:ea:79:59:85:eb:af:fe:
89:71:86:13:3b:75:e6:73:72:fe:19:a9:53:97:9c:a9:51:27:
86:ac:0b:3d:1a:35:90:af:4a:db:0b:ec:64:e1:8d:39:62:5b:
d2:8f:f1:4b:9f:42:d0:2d:39:51:52:f3:52:5e:af:33:2a:bc:
41:31:93:0f:64:61:5e:2b:d2:fb:e6:7c:0f:f6:5f:4a:68:6e:
0d:da:18:ee:c0:6d:b8:46:c4:c3:b8:a2:c9:fb:aa:23:b3:93:
1b:10:c0:8c:ab:d0:4f:9f:99:42:d7:d8:8c:b7:43:5e:5a:29:
55:fb:0a:1c:90:f4:bf:1e:d3:58:05:7d:c1:6b:e3:1e:d1:bc:
82:2b:fb:21:5d:2b:5f:67:03:45:a3:9d:82:37:e5:2f:a9:ec:
f5:06:5d:bb:c7:54:b4:f0:47:d2:f7:6f:6f:94:ba:4c:7b:f0:
d1:ac:2a:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYc3Kbs5k4BJtfoPyHGVuXwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMxMTAxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEwY2NjMjNhMTVjOWJmNWY0ZDU3ZDlmYmM2NWVjMzY5ZGZlNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRG080i9RXF6+kuzzMRTkinPibGs
uZLNdJR84HTjCfAHnQoBkHTMikfexYpjvROKVrAKbrkofkbZS40hfiiaA/XWKte5
q5zJxlQKsQxx7QQ1hfKt0j1y6AuVWwC2o5xs8kBfnrg0owo1Owl14o5R/EYauK8W
axxjDJpo6teHF/jtxgB40P4hD4sKrWl8KWptiJG6SNW10zedqFrt0BnJAH3EWDRj
TfVp+SAZhI8m6LVsuQduom2tEHewjE5blQv7ZeQlz67a22UemXTEZq85f9lQkPX+
S+RMjOyTrnxPBpT0Dmuc58eMZRHdmqJSklwUf/Rh8+eoXYRbRNz4E/sPCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNGgzMI6Fcm/X01X2fvGXsNp3+TJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMGFETXdqb1Z5YjlmVFZmWi04WmV3Mm5mNU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK4N0jiUrCNc5AiUaYJp
jAoqkdWGT1Mr2APyIjQwCrgpHtSo8rUsmqkNsY9MJhsN6aH5NCZNExC1wkU6Lkcm
dd/UY4sooQmKwEtFahC4m8Wbszuo6nlZheuv/olxhhM7deZzcv4ZqVOXnKlRJ4as
Cz0aNZCvStsL7GThjTliW9KP8UufQtAtOVFS81JerzMqvEExkw9kYV4r0vvmfA/2
X0pobg3aGO7AbbhGxMO4osn7qiOzkxsQwIyr0E+fmULX2Iy3Q15aKVX7ChyQ9L8e
01gFfcFr4x7RvIIr+yFdK19nA0WjnYI35S+p7PUGXbvHVLTwR9L3b2+Uukx78NGs
Kjg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:24:52 2025 by rpki-client