Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-68f0KFkxFaxt4ydWCo_oBZZQ8w.roa
File: 1-68f0KFkxFaxt4ydWCo_oBZZQ8w.roa (raw, json)
Hash identifier: EyVxsAo3riQnGWx8SwgKGqJIsWNPzm2La9XyTTevj9Y=
Subject key identifier: FB:AF:1F:D0:A1:64:C4:56:B1:B7:8C:9D:58:2A:3F:A0:16:59:43:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018838D99989215A33032603E5B222D7E546
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-68f0KFkxFaxt4ydWCo_oBZZQ8w.roa
Signing time: Sat 20 May 2023 11:09:24 +0000
ROA not before: Sat 20 May 2023 11:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:38:d9:99:89:21:5a:33:03:26:03:e5:b2:22:d7:e5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 20 11:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbaf1fd0a164c456b1b78c9d582a3fa0165943cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d3:f1:3f:3b:1d:03:5d:21:b4:82:16:5a:6c:
3b:a0:2d:c8:0b:ce:bc:32:23:e5:b4:69:07:88:cb:
dd:d4:4e:3d:ff:17:e0:af:99:4f:c2:a0:16:cd:2d:
1a:cc:3b:ce:18:6f:f5:11:18:c7:f3:c7:68:bd:aa:
e5:95:b2:48:95:8b:14:10:38:30:10:68:31:bd:80:
68:d8:ea:5e:fa:72:ac:2c:79:4c:23:a1:de:c2:30:
a1:77:66:12:98:3a:f0:dc:da:35:16:aa:de:5a:a8:
bd:64:95:01:8e:f2:c3:c9:80:c4:df:16:84:95:b1:
c0:06:2c:d7:68:30:c8:06:5a:cd:a2:dc:10:03:c2:
45:2b:52:04:cc:13:5f:dd:65:46:dc:17:12:4e:38:
a1:a7:11:4b:20:7a:03:d7:66:81:1e:5e:47:36:0c:
b3:23:fe:a2:01:c5:ff:d6:6a:21:ba:2c:c6:05:9d:
18:26:9c:c9:11:01:cc:18:2a:4c:7d:9c:b7:bf:f1:
7d:ec:fb:86:9a:63:4d:99:e0:3a:d3:5a:13:fc:7b:
a8:2a:c9:cf:f3:a7:7c:32:d0:3a:22:c0:66:15:ad:
65:b3:79:b0:07:bb:c5:2e:9e:c8:f4:a8:ee:6e:13:
c8:dc:1c:3b:4d:a6:0d:0b:59:33:a9:36:c3:1c:98:
bf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AF:1F:D0:A1:64:C4:56:B1:B7:8C:9D:58:2A:3F:A0:16:59:43:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-68f0KFkxFaxt4ydWCo_oBZZQ8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:ba:f0:25:30:da:cd:35:bd:13:a4:b9:df:18:7c:fa:58:42:
d5:47:cb:d4:d3:f0:42:63:d0:a8:53:9e:e1:80:a9:b2:77:88:
e7:fe:5a:7f:95:b0:2b:d9:9d:46:e4:f7:fd:39:1c:eb:e3:d9:
3c:76:17:e2:25:b0:17:13:77:a4:15:2c:7c:0d:e7:42:49:88:
a5:80:bc:0b:c9:9a:ec:ed:12:fa:eb:72:42:1f:c6:11:09:af:
17:f2:42:14:a1:51:c1:bd:ed:f1:24:04:0b:7b:3d:9e:93:28:
fd:e7:8a:25:41:2d:b0:bd:90:72:41:98:8b:16:3c:16:7e:5c:
c3:35:e6:67:b2:1e:a1:be:d2:db:bc:eb:3a:83:d9:16:57:7f:
75:5f:4f:0e:22:2b:58:cf:27:e0:b8:fc:96:16:f3:58:6f:05:
07:e9:1e:5a:27:8e:52:2f:5e:4d:5f:86:4f:e3:d3:f4:a2:e3:
8d:43:61:9d:38:6b:1a:9e:19:72:ef:45:3d:22:55:38:72:e3:
45:99:46:32:56:d7:47:7c:ad:ef:14:2f:97:7b:e6:93:4c:32:
03:27:df:c7:ce:a6:6d:93:3a:ec:26:09:be:5a:34:6c:f4:80:
85:70:6c:8e:57:dd:0a:93:30:84:0b:a2:80:16:52:37:1e:81:
fe:86:a3:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYg42ZmJIVozAyYD5bIi1+VGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIwMTEwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmFmMWZkMGExNjRjNDU2YjFiNzhjOWQ1ODJhM2ZhMDE2NTk0M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtPxPzsdA10htIIWWmw7oC3IC868
MiPltGkHiMvd1E49/xfgr5lPwqAWzS0azDvOGG/1ERjH88dovarllbJIlYsUEDgw
EGgxvYBo2Ope+nKsLHlMI6HewjChd2YSmDrw3No1FqreWqi9ZJUBjvLDyYDE3xaE
lbHABizXaDDIBlrNotwQA8JFK1IEzBNf3WVG3BcSTjihpxFLIHoD12aBHl5HNgyz
I/6iAcX/1mohuizGBZ0YJpzJEQHMGCpMfZy3v/F97PuGmmNNmeA601oT/HuoKsnP
86d8MtA6IsBmFa1ls3mwB7vFLp7I9KjubhPI3Bw7TaYNC1kzqTbDHJi/EQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPuvH9ChZMRWsbeMnVgqP6AWWUPMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS02OGYwS0ZreEZheHQ0eWRXQ29fb0JaWlE4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQA5uvAlMNrNNb0TpLnf
GHz6WELVR8vU0/BCY9CoU57hgKmyd4jn/lp/lbAr2Z1G5Pf9ORzr49k8dhfiJbAX
E3ekFSx8DedCSYilgLwLyZrs7RL663JCH8YRCa8X8kIUoVHBve3xJAQLez2ekyj9
54olQS2wvZByQZiLFjwWflzDNeZnsh6hvtLbvOs6g9kWV391X08OIitYzyfguPyW
FvNYbwUH6R5aJ45SL15NX4ZP49P0ouONQ2GdOGsanhly70U9IlU4cuNFmUYyVtdH
fK3vFC+Xe+aTTDIDJ9/HzqZtkzrsJgm+WjRs9ICFcGyOV90KkzCEC6KAFlI3HoH+
hqNA
-----END CERTIFICATE-----
Generated at Thu May 1 18:47:31 2025 by rpki-client