Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0n-Z1Hcis7XZWs-S6xyvtWvvZfg.roa
File: 0n-Z1Hcis7XZWs-S6xyvtWvvZfg.roa (raw, json)
Hash identifier: mT5myEYFE2PqDbQ2yJG7RJrGML/ImmF7PW5zmSyqOeQ=
Subject key identifier: D2:7F:99:D4:77:22:B3:B5:D9:5A:CF:92:EB:1C:AF:B5:6B:EF:65:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018491F4E33395A25A66DC201BB13D848DF8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0n-Z1Hcis7XZWs-S6xyvtWvvZfg.roa
Signing time: Sat 19 Nov 2022 22:14:16 +0000
ROA not before: Sat 19 Nov 2022 22:14:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:91:f4:e3:33:95:a2:5a:66:dc:20:1b:b1:3d:84:8d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 19 22:14:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d27f99d47722b3b5d95acf92eb1cafb56bef65f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:4d:f5:41:a3:a5:02:eb:9a:17:fd:61:0f:
c5:84:6f:96:81:93:52:57:0b:38:46:5c:1a:ec:5b:
5d:4b:7d:4e:39:54:29:08:78:45:2b:7f:c7:95:c1:
d1:1d:b3:8a:6c:2b:ee:b3:48:70:45:fb:4e:67:e0:
46:0b:b0:71:0b:6a:6e:f4:0b:9f:c7:08:41:97:cb:
df:8d:6f:c6:b8:c1:80:11:db:a2:5d:cc:a3:fb:a4:
f1:a5:94:bf:66:ed:9f:49:1c:d1:21:bc:7e:39:a0:
30:98:80:ac:6d:6b:27:f5:e2:1c:8b:ef:b2:49:4e:
cb:35:77:c0:c0:73:d7:28:d8:0c:b3:9e:45:77:58:
2b:08:db:6d:02:5a:23:bd:1d:f6:b0:55:cd:22:ce:
fb:43:f0:41:3f:da:58:7a:00:3e:91:4f:7f:62:7d:
1f:77:00:57:43:18:0b:76:ba:0f:fd:97:0a:cc:d6:
1d:6b:b4:c8:a7:29:a1:37:32:a8:b4:d6:48:e6:9b:
3a:72:f9:79:ce:80:08:9d:c4:88:13:16:10:e7:a5:
5f:29:c4:09:71:ea:2a:2a:bf:38:1c:d4:af:f6:f3:
48:ee:cf:d7:5a:3c:66:13:fb:96:cd:8e:06:43:23:
58:92:c0:06:de:dd:bb:bf:8a:50:84:7e:04:ea:d9:
e6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7F:99:D4:77:22:B3:B5:D9:5A:CF:92:EB:1C:AF:B5:6B:EF:65:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0n-Z1Hcis7XZWs-S6xyvtWvvZfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:df:e2:3b:62:f7:5b:d4:f8:3b:4f:e4:e5:02:ed:bc:88:d5:
8a:e5:dc:35:1d:98:6b:9f:aa:0c:09:1b:45:9b:bc:98:eb:40:
dd:06:91:fc:87:e8:f5:07:ef:04:85:2d:c6:43:70:85:e5:b5:
46:35:28:e9:d4:27:8c:0d:9b:39:63:62:c4:ac:ae:83:ab:c4:
3a:6b:1d:7a:21:9b:65:18:99:00:fb:2a:bc:1e:f3:5e:fd:45:
08:d4:d7:52:bb:e0:35:ad:77:0d:ca:16:54:4c:8d:8f:d5:2c:
66:e5:de:02:ae:30:e6:9c:ba:7e:ef:73:c4:ee:40:49:b9:0c:
63:ce:41:1b:04:4f:82:e1:05:23:d6:f0:8b:81:fe:35:6a:83:
9d:a8:3b:01:91:62:7d:3d:20:89:53:6b:11:f5:07:6a:62:7d:
86:cc:31:97:63:82:dd:61:81:b4:da:ea:f2:e9:9c:43:56:23:
52:d9:14:99:57:7a:0c:5a:f1:c1:14:39:45:92:11:5e:ef:7e:
a6:5b:66:3c:82:a1:7f:72:5a:a8:c9:c2:69:59:49:bf:d7:3f:
77:1b:2e:eb:fb:3a:2b:95:e8:b1:54:b6:d0:65:ac:de:9a:0b:
16:f4:43:79:fb:2f:4e:f3:d9:2f:3f:7e:69:26:b5:4e:ed:2d:
b7:b5:ea:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSR9OMzlaJaZtwgG7E9hI34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE5MjIxNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdmOTlkNDc3MjJiM2I1ZDk1YWNmOTJlYjFjYWZiNTZiZWY2NWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIVN9UGjpQLrmhf9YQ/FhG+WgZNS
Vws4Rlwa7FtdS31OOVQpCHhFK3/HlcHRHbOKbCvus0hwRftOZ+BGC7BxC2pu9Auf
xwhBl8vfjW/GuMGAEduiXcyj+6TxpZS/Zu2fSRzRIbx+OaAwmICsbWsn9eIci++y
SU7LNXfAwHPXKNgMs55Fd1grCNttAlojvR32sFXNIs77Q/BBP9pYegA+kU9/Yn0f
dwBXQxgLdroP/ZcKzNYda7TIpymhNzKotNZI5ps6cvl5zoAIncSIExYQ56VfKcQJ
ceoqKr84HNSv9vNI7s/XWjxmE/uWzY4GQyNYksAG3t27v4pQhH4E6tnmVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJ/mdR3IrO12VrPkuscr7Vr72X4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMG4tWjFIY2lzN1haV3MtUzZ4eXZ0V3Z2WmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAETf4jti91vU+DtP5OUC
7byI1Yrl3DUdmGufqgwJG0WbvJjrQN0GkfyH6PUH7wSFLcZDcIXltUY1KOnUJ4wN
mzljYsSsroOrxDprHXohm2UYmQD7Krwe8179RQjU11K74DWtdw3KFlRMjY/VLGbl
3gKuMOacun7vc8TuQEm5DGPOQRsET4LhBSPW8IuB/jVqg52oOwGRYn09IIlTaxH1
B2pifYbMMZdjgt1hgbTa6vLpnENWI1LZFJlXegxa8cEUOUWSEV7vfqZbZjyCoX9y
WqjJwmlZSb/XP3cbLuv7OiuV6LFUttBlrN6aCxb0Q3n7L07z2S8/fmkmtU7tLbe1
6v4=
-----END CERTIFICATE-----
Generated at Thu May 1 02:58:46 2025 by rpki-client