Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/29svpLqkn7SJsfvIYCPVMRUeIQA.roa
File: 29svpLqkn7SJsfvIYCPVMRUeIQA.roa (raw, json)
Hash identifier: OoE4ud+Jm44ttbhhLfIyNDkXNuxpS2VKlpLfSfELP8I=
Subject key identifier: DB:DB:2F:A4:BA:A4:9F:B4:89:B1:FB:C8:60:23:D5:31:15:1E:21:00
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188962D03F71C0F2FC26EAB97C85F97AC18
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/29svpLqkn7SJsfvIYCPVMRUeIQA.roa
Signing time: Wed 07 Jun 2023 14:05:12 +0000
ROA not before: Wed 07 Jun 2023 14:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:188:962c:41b6/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:2d:03:f7:1c:0f:2f:c2:6e:ab:97:c8:5f:97:ac:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 7 14:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbdb2fa4baa49fb489b1fbc86023d531151e2100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8e:3e:9d:95:75:da:dd:72:a7:e2:0f:55:88:
47:a1:ea:a5:f1:44:71:44:00:86:92:b1:dc:7d:23:
ea:6d:61:0c:3b:e1:43:70:68:57:2f:24:f9:89:ad:
19:bc:75:ed:b8:16:9c:4a:d5:ea:5e:0d:55:78:8d:
8d:86:c3:66:f6:06:b9:5d:d1:d9:ae:67:45:60:bd:
08:83:25:be:12:28:e0:d6:60:47:a6:87:d1:a3:42:
8e:4b:70:3b:f8:e3:d9:a0:65:12:22:3d:02:40:a9:
e3:34:c5:d4:35:67:82:51:c3:3a:f1:cb:bc:70:0e:
25:2d:15:2a:0c:6c:3d:d1:2e:40:24:39:3e:87:b9:
a6:79:49:df:36:15:12:d8:fa:c1:f2:de:c5:1a:c1:
c9:bc:eb:ca:22:6f:34:b6:ab:ec:4c:f9:fa:e5:94:
9c:d0:a0:e7:4e:ca:40:49:62:b9:e6:c2:8e:33:0e:
ae:09:68:98:79:02:fa:76:24:64:22:76:f3:ee:77:
01:5f:a2:51:2a:f1:9e:eb:e9:10:1e:8d:07:3a:c3:
20:bb:4a:5f:de:99:43:97:fe:76:6b:bb:2a:a8:13:
12:75:87:0c:c7:9c:ec:63:34:28:83:0e:bd:fb:ef:
86:e6:ff:95:aa:9d:ff:a1:4b:3b:9f:59:a9:5c:36:
86:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DB:2F:A4:BA:A4:9F:B4:89:B1:FB:C8:60:23:D5:31:15:1E:21:00
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/29svpLqkn7SJsfvIYCPVMRUeIQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:e3:ae:0a:d1:39:c3:ac:56:b9:4c:7a:31:b3:c6:df:64:5b:
08:d1:2e:52:4f:f5:97:1e:d7:53:60:d0:f4:53:b9:2b:db:95:
21:d2:97:b7:f6:d3:c4:54:60:c9:25:23:29:4d:72:c8:cd:5a:
ba:fa:15:b3:33:69:51:2f:b1:3d:bc:3f:1a:75:4f:f8:e3:ec:
d1:4e:ac:e4:0e:12:1c:69:8d:79:67:ef:e0:8f:8f:dc:b8:3c:
7a:5c:88:10:76:47:11:3c:3d:9a:51:62:96:72:4f:27:de:27:
b6:13:62:9f:0a:05:41:f3:a7:41:ae:e8:30:a1:2d:1c:ab:e4:
a1:75:2b:02:9f:8f:c3:90:1d:8e:25:e8:a5:85:61:c3:85:b0:
10:26:7a:25:a8:c9:91:fd:d2:64:34:8e:08:b5:e0:f6:62:61:
a3:c2:4f:c1:6d:94:e8:51:2e:fe:2b:02:d6:75:75:42:82:b9:
11:30:35:1e:61:92:37:69:69:83:50:83:92:f2:bb:8b:ac:f3:
da:85:cb:fe:52:9c:0b:d6:d1:45:8b:d9:c3:fe:a8:f7:0e:17:
53:64:6b:6e:d1:69:f7:ff:54:a7:1a:60:0e:24:4f:0d:38:ea:
9c:36:a4:4f:f0:fe:03:00:6d:5c:7e:32:1d:07:8c:7f:1d:76:
e4:e4:e5:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiWLQP3HA8vwm6rl8hfl6wYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA3MTQwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmRiMmZhNGJhYTQ5ZmI0ODliMWZiYzg2MDIzZDUzMTE1MWUyMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro4+nZV12t1yp+IPVYhHoeql8URx
RACGkrHcfSPqbWEMO+FDcGhXLyT5ia0ZvHXtuBacStXqXg1VeI2NhsNm9ga5XdHZ
rmdFYL0IgyW+Eijg1mBHpofRo0KOS3A7+OPZoGUSIj0CQKnjNMXUNWeCUcM68cu8
cA4lLRUqDGw90S5AJDk+h7mmeUnfNhUS2PrB8t7FGsHJvOvKIm80tqvsTPn65ZSc
0KDnTspASWK55sKOMw6uCWiYeQL6diRkInbz7ncBX6JRKvGe6+kQHo0HOsMgu0pf
3plDl/52a7sqqBMSdYcMx5zsYzQogw69+++G5v+Vqp3/oUs7n1mpXDaGnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNvbL6S6pJ+0ibH7yGAj1TEVHiEAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMjlzdnBMcWtuN1NKc2Z2SVlDUFZNUlVlSVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKTjrgrROcOsVrlMejGz
xt9kWwjRLlJP9Zce11Ng0PRTuSvblSHSl7f208RUYMklIylNcsjNWrr6FbMzaVEv
sT28Pxp1T/jj7NFOrOQOEhxpjXln7+CPj9y4PHpciBB2RxE8PZpRYpZyTyfeJ7YT
Yp8KBUHzp0Gu6DChLRyr5KF1KwKfj8OQHY4l6KWFYcOFsBAmeiWoyZH90mQ0jgi1
4PZiYaPCT8FtlOhRLv4rAtZ1dUKCuREwNR5hkjdpaYNQg5Lyu4us89qFy/5SnAvW
0UWL2cP+qPcOF1Nka27Raff/VKcaYA4kTw046pw2pE/w/gMAbVx+Mh0HjH8dduTk
5fY=
-----END CERTIFICATE-----
Generated at Thu May 1 02:20:57 2025 by rpki-client