Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1mXmuY4PerUd5zVTlbgfe_y9FbQ.roa
File: 1mXmuY4PerUd5zVTlbgfe_y9FbQ.roa (raw, json)
Hash identifier: OHftARRP0g9ShsAILNP/1kJRlDuTCYB1RCGKnrbypCY=
Subject key identifier: D6:65:E6:B9:8E:0F:7A:B5:1D:E7:35:53:95:B8:1F:7B:FC:BD:15:B4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899D0EE6BB2E1000FB06CDD5374BD49B72
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1mXmuY4PerUd5zVTlbgfe_y9FbQ.roa
Signing time: Fri 28 Jul 2023 15:12:26 +0000
ROA not before: Fri 28 Jul 2023 15:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9d:0e:e6:bb:2e:10:00:fb:06:cd:d5:37:4b:d4:9b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 28 15:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d665e6b98e0f7ab51de7355395b81f7bfcbd15b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:94:3d:34:d6:73:2b:ef:f6:7d:a4:88:c5:
c8:cb:f2:77:cc:9d:12:6f:0d:79:02:58:e1:06:0b:
cb:19:d9:8b:11:b5:19:78:4b:a9:c7:de:26:d4:b3:
08:76:b1:a2:91:7f:c1:e8:68:34:48:a0:42:aa:a4:
b3:d9:32:f7:9d:27:75:82:05:7b:df:d0:96:80:8d:
5a:64:bc:ec:e6:fe:86:57:93:77:20:cd:01:be:b5:
b9:d8:51:da:10:c2:7f:b7:0b:08:1f:5d:df:00:bb:
fa:95:dd:0b:ee:b2:a3:e8:e2:78:1c:93:05:b1:8c:
5a:40:e7:0d:63:e3:55:28:81:b7:97:c9:24:19:4d:
1c:13:ec:24:5b:02:b6:66:7c:e1:6c:b9:28:9f:ed:
7e:81:da:13:c9:92:58:2a:50:35:a3:49:29:b1:f7:
f6:76:06:74:cb:28:dc:4f:58:b9:bd:82:e9:66:11:
bd:80:a9:08:40:ff:f1:4b:c7:ca:89:a4:b2:13:04:
48:09:e2:87:76:74:8a:67:37:8f:8c:17:31:12:bb:
5e:07:17:a5:71:b6:89:f9:62:38:0c:c7:d2:89:ca:
45:a2:af:c1:c8:a1:3b:23:0e:4d:53:2f:4c:c6:9c:
2e:d4:21:aa:70:f3:50:73:b3:33:33:04:e0:61:81:
e0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:65:E6:B9:8E:0F:7A:B5:1D:E7:35:53:95:B8:1F:7B:FC:BD:15:B4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1mXmuY4PerUd5zVTlbgfe_y9FbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:af:f8:31:09:2a:48:a2:6d:3c:15:37:b8:db:9e:75:e3:60:
ff:e0:b8:b2:83:a6:bd:9b:87:1a:41:c8:06:c6:87:bb:1a:df:
1e:46:95:7a:e1:a6:8f:3d:73:eb:89:de:94:8b:59:9c:74:4c:
9a:31:fd:f4:7a:38:f1:c3:24:f3:54:c5:3a:a1:b5:f5:e1:68:
8b:ec:2f:1b:44:ad:59:b9:42:e0:4b:a5:3e:65:3d:a3:3b:48:
5d:c2:b4:ce:2e:dc:e3:62:7a:bc:c8:67:cf:d7:2f:ee:fb:2e:
58:00:64:6f:e9:54:4f:9e:b7:9c:bb:78:d0:05:b5:47:dd:4b:
b6:67:bc:75:08:98:2e:17:30:83:c2:b3:d0:41:56:76:ac:45:
18:11:fb:9a:17:a6:a6:be:dc:3b:5a:c8:c8:8c:5f:3e:56:59:
8c:f0:ab:b1:4f:c2:94:14:1d:64:ff:d2:cb:c3:92:4c:23:ec:
59:6e:fb:e1:fe:08:06:b5:d8:b9:2e:98:fe:c4:e1:4b:79:da:
39:bc:d6:0b:16:c4:10:6a:75:d6:ce:3c:97:94:b0:82:97:ae:
54:32:15:3c:c4:35:1d:85:5e:13:e5:1c:fc:a5:a9:a3:85:dd:
a8:81:c4:fc:c6:de:96:ec:c0:f9:56:60:89:68:32:41:78:f5:
b5:a5:4a:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmdDua7LhAA+wbN1TdL1JtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI4MTUxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY1ZTZiOThlMGY3YWI1MWRlNzM1NTM5NWI4MWY3YmZjYmQxNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD2UPTTWcyvv9n2kiMXIy/J3zJ0S
bw15AljhBgvLGdmLEbUZeEupx94m1LMIdrGikX/B6Gg0SKBCqqSz2TL3nSd1ggV7
39CWgI1aZLzs5v6GV5N3IM0BvrW52FHaEMJ/twsIH13fALv6ld0L7rKj6OJ4HJMF
sYxaQOcNY+NVKIG3l8kkGU0cE+wkWwK2ZnzhbLkon+1+gdoTyZJYKlA1o0kpsff2
dgZ0yyjcT1i5vYLpZhG9gKkIQP/xS8fKiaSyEwRICeKHdnSKZzePjBcxErteBxel
cbaJ+WI4DMfSicpFoq/ByKE7Iw5NUy9Mxpwu1CGqcPNQc7MzMwTgYYHgOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZl5rmOD3q1Hec1U5W4H3v8vRW0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMW1YbXVZNFBlclVkNXpWVGxiZ2ZlX3k5RmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI+v+DEJKkiibTwVN7jb
nnXjYP/guLKDpr2bhxpByAbGh7sa3x5GlXrhpo89c+uJ3pSLWZx0TJox/fR6OPHD
JPNUxTqhtfXhaIvsLxtErVm5QuBLpT5lPaM7SF3CtM4u3ONierzIZ8/XL+77LlgA
ZG/pVE+et5y7eNAFtUfdS7ZnvHUImC4XMIPCs9BBVnasRRgR+5oXpqa+3DtayMiM
Xz5WWYzwq7FPwpQUHWT/0svDkkwj7Flu++H+CAa12LkumP7E4Ut52jm81gsWxBBq
ddbOPJeUsIKXrlQyFTzENR2FXhPlHPylqaOF3aiBxPzG3pbswPlWYIloMkF49bWl
SrM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:29:06 2025 by rpki-client