Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kZd47P5dEH-PM35uDJv86TsjQk.roa
File: 1kZd47P5dEH-PM35uDJv86TsjQk.roa (raw, json)
Hash identifier: RF4eg76mOFlczImjlE+71jcPDxfZTbpI27lMikxIfhE=
Subject key identifier: D6:46:5D:E3:B3:F9:74:41:FE:3C:CD:F9:B8:32:6F:F3:A4:EC:8D:09
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867E5FDE9D0F89B002C474F12725376E89
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kZd47P5dEH-PM35uDJv86TsjQk.roa
Signing time: Thu 23 Feb 2023 13:04:17 +0000
ROA not before: Thu 23 Feb 2023 13:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:186:7e5f:d45b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:5f:de:9d:0f:89:b0:02:c4:74:f1:27:25:37:6e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 13:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6465de3b3f97441fe3ccdf9b8326ff3a4ec8d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b7:66:be:64:60:f7:d7:18:52:4c:37:53:23:
93:57:a4:c7:29:11:98:3c:f5:eb:14:ea:46:d9:ac:
18:23:05:fc:1c:42:1e:2e:7b:17:9a:8b:63:86:60:
bb:f4:a6:39:f9:d4:e2:08:bf:03:cb:e6:2a:22:52:
42:bd:7b:29:9b:28:13:fa:04:7f:ce:31:90:a2:d9:
f4:67:78:ac:96:7b:e2:b9:d5:97:53:08:dc:5d:bb:
ff:be:dd:f5:3d:b4:a6:a6:e3:08:fc:34:e7:68:41:
3c:9d:b2:27:33:87:d4:9f:25:ed:3a:aa:7b:35:aa:
9c:d4:db:88:1a:1a:e2:87:b5:3e:3f:8f:ec:06:f0:
c2:9a:62:e7:5b:ec:23:0d:58:6a:3f:ca:b4:d3:6b:
a6:8e:5d:80:59:58:4a:25:ea:e1:23:f8:af:f0:b5:
5b:35:ef:eb:5f:6c:99:03:4f:e1:78:40:84:6a:d2:
b0:95:ac:5c:8b:0c:3c:4e:c6:cf:8b:1b:c3:cc:6a:
30:cd:e8:54:64:e6:0a:ab:22:20:de:b6:04:34:cb:
d0:c0:bd:73:d1:8a:06:bb:7f:c9:7e:97:26:ea:5c:
d6:28:8a:6c:f2:b0:d1:26:9a:ad:3b:2a:bf:b2:1d:
e4:bd:5f:bb:67:63:15:ff:0f:30:b6:0e:a8:47:a3:
1c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:46:5D:E3:B3:F9:74:41:FE:3C:CD:F9:B8:32:6F:F3:A4:EC:8D:09
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kZd47P5dEH-PM35uDJv86TsjQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:f6:5e:16:f4:f5:24:18:e5:3b:c0:f1:8f:89:c3:78:59:eb:
1a:10:92:ae:27:3b:9c:ae:e0:a9:79:e9:65:88:5a:19:80:09:
3a:a5:6b:d7:e7:72:7a:fc:e8:4a:bb:4d:ca:66:a3:90:e4:1b:
21:6d:88:74:54:95:e1:24:48:43:80:5b:6e:df:02:c0:8b:e8:
7c:e3:88:df:53:70:7a:b6:e2:c2:4a:0c:9f:aa:8d:a7:2c:52:
b2:41:d7:23:a7:be:62:82:d4:87:d0:4f:e1:ad:d4:19:18:61:
50:72:c2:99:ac:a5:a8:fa:2e:74:70:1c:70:19:d5:49:0e:bd:
e6:e9:d3:17:ba:b3:f2:6d:06:49:b6:40:fb:e0:62:47:90:7d:
57:6e:c1:ea:35:5d:e3:33:47:97:62:be:3b:7e:af:98:f1:01:
98:7e:21:ca:ec:31:4a:57:97:47:e3:4a:93:1f:4f:56:3c:46:
81:b4:18:74:1a:bc:90:fb:09:c6:f2:18:75:eb:ed:c1:79:6f:
9c:47:70:53:e3:5f:b1:d0:1f:91:ca:20:67:4f:95:dc:a3:05:
09:1f:00:66:52:4c:9f:04:6e:70:0f:1b:fc:f0:b8:15:e9:3d:
c6:96:d3:e8:fc:10:e8:ab:08:e8:b2:0c:b9:35:e3:80:bb:ce:
2e:33:75:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ+X96dD4mwAsR08SclN26JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMTMwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ2NWRlM2IzZjk3NDQxZmUzY2NkZjliODMyNmZmM2E0ZWM4ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrdmvmRg99cYUkw3UyOTV6THKRGY
PPXrFOpG2awYIwX8HEIeLnsXmotjhmC79KY5+dTiCL8Dy+YqIlJCvXspmygT+gR/
zjGQotn0Z3islnviudWXUwjcXbv/vt31PbSmpuMI/DTnaEE8nbInM4fUnyXtOqp7
Naqc1NuIGhrih7U+P4/sBvDCmmLnW+wjDVhqP8q002umjl2AWVhKJerhI/iv8LVb
Ne/rX2yZA0/heECEatKwlaxciww8TsbPixvDzGowzehUZOYKqyIg3rYENMvQwL1z
0YoGu3/Jfpcm6lzWKIps8rDRJpqtOyq/sh3kvV+7Z2MV/w8wtg6oR6Mc4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZGXeOz+XRB/jzN+bgyb/Ok7I0JMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMWtaZDQ3UDVkRUgtUE0zNXVESnY4NlRzalFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKb2Xhb09SQY5TvA8Y+J
w3hZ6xoQkq4nO5yu4Kl56WWIWhmACTqla9fncnr86Eq7Tcpmo5DkGyFtiHRUleEk
SEOAW27fAsCL6HzjiN9TcHq24sJKDJ+qjacsUrJB1yOnvmKC1IfQT+Gt1BkYYVBy
wpmspaj6LnRwHHAZ1UkOvebp0xe6s/JtBkm2QPvgYkeQfVduweo1XeMzR5divjt+
r5jxAZh+IcrsMUpXl0fjSpMfT1Y8RoG0GHQavJD7CcbyGHXr7cF5b5xHcFPjX7HQ
H5HKIGdPldyjBQkfAGZSTJ8EbnAPG/zwuBXpPcaW0+j8EOirCOiyDLk144C7zi4z
dUo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:13 2025 by rpki-client