Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-a3znCgdAYWkAZro106xWxNZ6hM.roa
File: 1-a3znCgdAYWkAZro106xWxNZ6hM.roa (raw, json)
Hash identifier: cO6D4L9ytrPlb9uttLvj8l3IUes/Gw4le7O1SK0ucIA=
Subject key identifier: F9:AD:F3:9C:28:1D:01:85:A4:01:9A:E8:D7:4E:B1:5B:13:59:EA:13
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186AC8DD20FEFC6B175683334395A2779EB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-a3znCgdAYWkAZro106xWxNZ6hM.roa
Signing time: Sat 04 Mar 2023 12:17:00 +0000
ROA not before: Sat 04 Mar 2023 12:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ac:8d:d2:0f:ef:c6:b1:75:68:33:34:39:5a:27:79:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 4 12:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9adf39c281d0185a4019ae8d74eb15b1359ea13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3f:53:e0:d9:6f:fc:09:65:a6:02:cf:72:ba:
fa:79:53:80:7f:06:46:ba:59:a2:50:58:1f:7a:cb:
4a:1a:bd:96:1e:8a:a0:0b:cb:c9:32:ab:fb:f6:09:
6f:90:0a:e8:83:7d:b3:ab:32:30:51:c9:b8:1e:89:
a3:ed:42:a9:1d:68:8d:df:e7:2f:1e:71:d9:7f:00:
e8:fa:e8:fa:c2:4e:b1:d8:d9:64:07:be:54:d0:5c:
28:0f:46:d4:54:09:39:2c:c2:e2:48:f4:e7:ec:f1:
81:50:c2:0a:98:58:96:03:88:9f:32:bf:32:12:15:
8a:d0:c5:6e:1c:17:59:1a:08:74:5c:27:e4:ec:ee:
dc:63:0b:e9:f6:16:d9:e8:ed:07:61:71:be:03:63:
56:b4:52:38:95:41:43:f6:a4:d9:63:68:d8:ce:cb:
54:62:0c:28:cb:57:3a:fa:48:0c:b9:05:84:b8:60:
56:2a:66:4e:99:55:da:dd:6a:5e:af:eb:12:53:30:
ba:06:28:b9:c1:bf:c8:df:fc:5b:6a:e4:c3:5d:a2:
18:16:b5:3a:1d:70:40:40:e3:00:72:05:75:48:71:
75:c4:59:69:08:21:ac:2a:01:b6:34:8d:04:11:f2:
c0:0e:8a:09:db:da:fd:b3:e3:6b:b2:9b:2d:4e:22:
75:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AD:F3:9C:28:1D:01:85:A4:01:9A:E8:D7:4E:B1:5B:13:59:EA:13
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-a3znCgdAYWkAZro106xWxNZ6hM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:44:ec:f2:9e:f4:ed:4f:48:b5:d1:2f:b3:06:19:ec:c7:1a:
95:10:9c:62:cb:c3:fc:6b:e0:ad:d6:98:44:10:4e:db:fc:e7:
8a:9d:91:97:70:85:99:24:70:db:ea:fd:51:58:9c:af:04:42:
e4:b2:0a:00:0d:21:f6:88:41:c3:58:d4:44:3b:97:65:b9:9b:
5c:cf:79:67:fe:b7:f6:d2:af:f4:6b:6b:d5:49:9a:ae:09:49:
89:cd:dc:38:1f:d6:90:c4:c8:e7:5e:6e:6f:21:32:4b:52:ea:
4c:29:8f:b3:cb:03:82:bf:c2:af:bc:bd:4e:ed:c3:70:0b:b9:
c7:95:d9:b2:0b:48:8a:c4:5a:73:2c:e0:d7:c8:c1:26:68:c0:
3e:a6:9d:0b:dc:36:ed:07:19:74:c3:06:4c:c8:7a:2f:d5:3a:
37:aa:fc:cb:49:bb:4d:80:fd:77:e0:6b:33:ce:41:9b:62:a8:
02:f5:fd:dd:3a:6e:22:af:83:a3:ef:25:3b:5e:8d:7c:00:37:
39:66:d2:9f:f1:e9:c9:6f:d2:5e:34:65:03:b0:9c:13:53:47:
06:8b:14:0d:06:8f:af:58:f9:91:82:b7:19:c6:f4:e5:44:55:
e2:16:49:63:4d:e1:5b:b1:f6:fe:4b:8d:3d:f5:31:c0:cd:67:
c9:01:b1:4f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYasjdIP78axdWgzNDlaJ3nrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA0MTIxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFkZjM5YzI4MWQwMTg1YTQwMTlhZThkNzRlYjE1YjEzNTllYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD9T4Nlv/AllpgLPcrr6eVOAfwZG
ulmiUFgfestKGr2WHoqgC8vJMqv79glvkArog32zqzIwUcm4Homj7UKpHWiN3+cv
HnHZfwDo+uj6wk6x2NlkB75U0FwoD0bUVAk5LMLiSPTn7PGBUMIKmFiWA4ifMr8y
EhWK0MVuHBdZGgh0XCfk7O7cYwvp9hbZ6O0HYXG+A2NWtFI4lUFD9qTZY2jYzstU
Ygwoy1c6+kgMuQWEuGBWKmZOmVXa3Wper+sSUzC6Bii5wb/I3/xbauTDXaIYFrU6
HXBAQOMAcgV1SHF1xFlpCCGsKgG2NI0EEfLADooJ29r9s+NrspstTiJ1qwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmt85woHQGFpAGa6NdOsVsTWeoTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1hM3puQ2dkQVlXa0Facm8xMDZ4V3hOWjZoTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCqROzynvTtT0i10S+z
BhnsxxqVEJxiy8P8a+Ct1phEEE7b/OeKnZGXcIWZJHDb6v1RWJyvBELksgoADSH2
iEHDWNREO5dluZtcz3ln/rf20q/0a2vVSZquCUmJzdw4H9aQxMjnXm5vITJLUupM
KY+zywOCv8KvvL1O7cNwC7nHldmyC0iKxFpzLODXyMEmaMA+pp0L3DbtBxl0wwZM
yHov1To3qvzLSbtNgP134GszzkGbYqgC9f3dOm4ir4Oj7yU7Xo18ADc5ZtKf8enJ
b9JeNGUDsJwTU0cGixQNBo+vWPmRgrcZxvTlRFXiFkljTeFbsfb+S4099THAzWfJ
AbFP
-----END CERTIFICATE-----
Generated at Thu May 1 22:17:05 2025 by rpki-client