Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-jINEGeCsMbYzqpsLVwzZYY7oTQ.roa
File: 1-jINEGeCsMbYzqpsLVwzZYY7oTQ.roa (raw, json)
Hash identifier: eLd1oiO2gzPWiXCIxzxuhtz37/s10VV92BUXuyW60lI=
Subject key identifier: FA:32:0D:10:67:82:B0:C6:D8:CE:AA:6C:2D:5C:33:65:86:3B:A1:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018688B5CB8E81EEC08CE9C09B886BA32EAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-jINEGeCsMbYzqpsLVwzZYY7oTQ.roa
Signing time: Sat 25 Feb 2023 13:14:20 +0000
ROA not before: Sat 25 Feb 2023 13:14:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:88:b5:cb:8e:81:ee:c0:8c:e9:c0:9b:88:6b:a3:2e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 13:14:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa320d106782b0c6d8ceaa6c2d5c3365863ba134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:cc:b8:18:3a:f3:c1:9e:67:cf:53:9f:62:
d6:44:51:66:3e:1f:9b:9c:19:85:c1:9a:25:22:25:
49:ca:a1:67:1d:06:de:71:33:50:32:07:c5:2f:6b:
6e:3a:34:93:32:87:7d:3c:93:a1:af:6e:e3:5e:1f:
71:bc:5e:a2:09:61:6a:9c:10:96:f0:6d:68:b4:be:
d2:dc:c1:cb:cc:5a:83:46:b3:f5:de:96:1a:e1:19:
34:42:b2:1c:9b:96:c4:5b:23:64:98:b3:74:00:b9:
3d:f2:cd:83:92:21:a1:73:33:91:35:82:ae:e9:e2:
47:5a:1b:f8:3a:17:4c:75:50:67:b0:76:74:c0:a2:
9b:32:eb:58:be:f1:b9:42:75:9f:6c:97:31:f2:0c:
ff:00:2d:08:88:00:4c:af:d0:e7:da:55:b2:a0:9f:
f9:0c:55:40:c4:bb:86:c8:58:dd:fe:f0:6c:99:6d:
1c:25:69:ec:19:1e:30:b3:01:6f:4b:70:c6:da:93:
56:20:85:b5:58:12:35:e0:d7:39:ae:24:25:84:69:
80:49:ca:1f:ef:dc:72:27:12:bd:75:45:5b:85:5d:
df:22:ff:6f:cc:5f:ba:26:d4:6d:29:21:b5:90:47:
f4:4b:e0:d6:3e:b7:9f:3d:93:c8:a6:31:96:f1:93:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:32:0D:10:67:82:B0:C6:D8:CE:AA:6C:2D:5C:33:65:86:3B:A1:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-jINEGeCsMbYzqpsLVwzZYY7oTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:b2:c3:c8:50:18:93:57:a5:e3:ed:b8:1a:8a:c1:cd:81:ae:
d9:8a:db:2f:24:d4:7c:53:bf:f5:4e:20:c5:f1:72:8e:c2:23:
cf:dd:cc:13:d7:f0:7f:ba:ce:df:3c:42:d3:a0:67:42:7a:19:
bc:4e:b3:32:02:02:ba:ac:30:54:50:63:49:4e:6a:3e:3d:c8:
31:72:6c:7d:30:1a:c4:87:9e:0f:a5:c1:86:ce:73:59:99:fd:
c7:75:fc:03:c8:3a:c0:13:8a:e7:fd:3b:88:0d:0e:93:56:e6:
5a:06:2a:97:e4:e1:17:1e:52:9d:a9:08:e9:a6:1b:b4:0e:09:
ea:31:1d:c2:16:16:ee:ca:d7:f1:a2:9a:4a:83:b0:3f:29:e6:
ec:0d:aa:52:81:de:a1:88:a0:ff:64:59:a8:88:00:44:cd:6d:
06:1f:c9:67:86:02:87:44:76:d6:d4:68:80:ad:36:48:f2:45:
e7:d4:86:61:6a:95:26:30:27:55:69:a8:7c:4f:de:2e:39:15:
63:10:aa:30:25:99:76:60:6e:74:f0:6c:5d:0a:75:4b:46:88:
9d:6a:0c:2a:cd:d1:36:38:11:87:a6:5f:88:c0:0a:a9:14:a6:
45:2c:66:ae:56:7e:55:bf:8e:66:3a:21:47:a3:ee:10:a8:df:
ae:78:7b:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaItcuOge7AjOnAm4hroy6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTMxNDIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTMyMGQxMDY3ODJiMGM2ZDhjZWFhNmMyZDVjMzM2NTg2M2JhMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdHMuBg688GeZ89Tn2LWRFFmPh+b
nBmFwZolIiVJyqFnHQbecTNQMgfFL2tuOjSTMod9PJOhr27jXh9xvF6iCWFqnBCW
8G1otL7S3MHLzFqDRrP13pYa4Rk0QrIcm5bEWyNkmLN0ALk98s2DkiGhczORNYKu
6eJHWhv4OhdMdVBnsHZ0wKKbMutYvvG5QnWfbJcx8gz/AC0IiABMr9Dn2lWyoJ/5
DFVAxLuGyFjd/vBsmW0cJWnsGR4wswFvS3DG2pNWIIW1WBI14Nc5riQlhGmAScof
79xyJxK9dUVbhV3fIv9vzF+6JtRtKSG1kEf0S+DWPrefPZPIpjGW8ZOwkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPoyDRBngrDG2M6qbC1cM2WGO6E0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1qSU5FR2VDc01iWXpxcHNMVnd6WllZN29UUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBFssPIUBiTV6Xj7bga
isHNga7ZitsvJNR8U7/1TiDF8XKOwiPP3cwT1/B/us7fPELToGdCehm8TrMyAgK6
rDBUUGNJTmo+Pcgxcmx9MBrEh54PpcGGznNZmf3HdfwDyDrAE4rn/TuIDQ6TVuZa
BiqX5OEXHlKdqQjpphu0DgnqMR3CFhbuytfxoppKg7A/KebsDapSgd6hiKD/ZFmo
iABEzW0GH8lnhgKHRHbW1GiArTZI8kXn1IZhapUmMCdVaah8T94uORVjEKowJZl2
YG508GxdCnVLRoidagwqzdE2OBGHpl+IwAqpFKZFLGauVn5Vv45mOiFHo+4QqN+u
eHs4
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:59:25 2025 by rpki-client