Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/15pV70QU9WKgQ-QIU1YnAZXwCdo.roa
File: 15pV70QU9WKgQ-QIU1YnAZXwCdo.roa (raw, json)
Hash identifier: PyMgzdtUQPrqI35WEZ2Tbk/ojQyg4YzUqXIL0X/vhPg=
Subject key identifier: D7:9A:55:EF:44:14:F5:62:A0:43:E4:08:53:56:27:01:95:F0:09:DA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018691B097DDC2ECCEF14C3A14220833BE81
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/15pV70QU9WKgQ-QIU1YnAZXwCdo.roa
Signing time: Mon 27 Feb 2023 07:05:14 +0000
ROA not before: Mon 27 Feb 2023 07:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:91af:b489/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:b0:97:dd:c2:ec:ce:f1:4c:3a:14:22:08:33:be:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 07:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d79a55ef4414f562a043e4085356270195f009da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:e3:8d:e3:95:13:32:58:4e:eb:28:87:9c:
16:6e:7e:5c:b5:e3:6d:55:ab:8e:90:b8:51:c0:dd:
cb:56:ca:82:f4:91:b9:37:2c:2a:06:f2:0e:3f:a6:
36:e6:a5:44:ab:76:40:0a:4c:f8:1f:f5:c3:d2:9b:
08:8f:8e:01:3f:a9:2b:be:57:3b:5f:f4:00:ee:b0:
93:ce:b7:78:01:c2:7d:eb:10:49:2f:8b:d1:79:32:
51:41:eb:7e:1c:ee:69:3c:2b:1d:fa:b5:50:40:d2:
ae:02:99:10:a4:2b:ba:90:45:3b:c8:26:1d:47:c3:
cd:40:f7:11:06:b5:42:3a:36:ee:fa:3e:c2:d1:7e:
e4:df:f1:a8:b0:bb:77:0c:d3:ea:11:e7:de:b8:87:
6d:cc:61:0e:39:8d:4a:10:8c:3a:bb:6a:28:a7:f6:
a4:ab:22:d5:ad:db:73:b2:b6:be:4b:3c:f9:2f:41:
81:78:1b:41:45:64:d4:6a:2e:03:dc:7e:65:73:62:
95:02:d7:89:b2:7d:34:56:d5:c7:79:c6:da:9d:ff:
7b:c0:bf:2b:61:78:db:24:21:b5:de:0c:dc:72:9d:
d4:3f:73:19:23:67:6d:61:05:7e:64:13:fa:38:f8:
83:ed:34:6e:61:79:ee:5a:35:30:a6:5e:4e:f9:97:
ad:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9A:55:EF:44:14:F5:62:A0:43:E4:08:53:56:27:01:95:F0:09:DA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/15pV70QU9WKgQ-QIU1YnAZXwCdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:b5:51:53:9d:05:12:96:09:b5:6c:07:57:79:b0:90:a9:d7:
07:0f:0b:f8:88:5d:be:6e:50:62:8f:06:de:97:e6:91:6c:76:
25:96:6e:cb:39:02:c2:36:50:7b:5c:4f:a0:a0:30:4d:86:b7:
e8:22:1c:cd:34:64:c1:33:57:a4:e8:60:2f:1b:67:4c:60:94:
db:92:50:88:e4:0d:26:a3:f3:68:aa:80:31:a2:61:36:da:24:
05:04:de:7f:cb:ae:53:8a:ec:08:4a:78:c9:93:95:51:83:77:
ec:2c:92:44:dd:4a:e4:d7:8f:67:15:85:5f:c4:c3:2d:73:98:
ed:81:d4:76:c1:bb:58:56:10:fe:a7:68:d4:5c:5b:42:94:25:
fd:8f:31:a3:8f:ee:33:37:8f:c6:35:a3:a4:24:b1:16:b5:17:
74:20:14:2f:d5:8c:d3:1d:df:63:b5:11:21:0a:d5:5f:f7:d2:
9b:38:2b:c0:3f:5e:2b:65:f9:d0:72:82:98:20:5e:89:44:df:
ce:39:83:ea:e3:46:ac:51:47:72:18:ce:07:bf:2e:58:58:f9:
73:b9:fb:69:85:e4:8a:82:09:a6:74:ed:c9:1d:5c:dd:a7:06:
5e:1c:ac:ab:55:53:88:b4:77:58:f6:4c:54:42:8a:db:ce:79:
0e:f7:75:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaRsJfdwuzO8Uw6FCIIM76BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MDcwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlhNTVlZjQ0MTRmNTYyYTA0M2U0MDg1MzU2MjcwMTk1ZjAwOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArt7jjeOVEzJYTusoh5wWbn5cteNt
VauOkLhRwN3LVsqC9JG5NywqBvIOP6Y25qVEq3ZACkz4H/XD0psIj44BP6krvlc7
X/QA7rCTzrd4AcJ96xBJL4vReTJRQet+HO5pPCsd+rVQQNKuApkQpCu6kEU7yCYd
R8PNQPcRBrVCOjbu+j7C0X7k3/GosLt3DNPqEefeuIdtzGEOOY1KEIw6u2oop/ak
qyLVrdtzsra+Szz5L0GBeBtBRWTUai4D3H5lc2KVAteJsn00VtXHecbanf97wL8r
YXjbJCG13gzccp3UP3MZI2dtYQV+ZBP6OPiD7TRuYXnuWjUwpl5O+ZetVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNeaVe9EFPVioEPkCFNWJwGV8AnaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMTVwVjcwUVU5V0tnUS1RSVUxWW5BWlh3Q2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJO1UVOdBRKWCbVsB1d5
sJCp1wcPC/iIXb5uUGKPBt6X5pFsdiWWbss5AsI2UHtcT6CgME2Gt+giHM00ZMEz
V6ToYC8bZ0xglNuSUIjkDSaj82iqgDGiYTbaJAUE3n/LrlOK7AhKeMmTlVGDd+ws
kkTdSuTXj2cVhV/Ewy1zmO2B1HbBu1hWEP6naNRcW0KUJf2PMaOP7jM3j8Y1o6Qk
sRa1F3QgFC/VjNMd32O1ESEK1V/30ps4K8A/Xitl+dBygpggXolE3845g+rjRqxR
R3IYzge/LlhY+XO5+2mF5IqCCaZ07ckdXN2nBl4crKtVU4i0d1j2TFRCitvOeQ73
dZc=
-----END CERTIFICATE-----
Generated at Thu May 1 14:27:10 2025 by rpki-client