Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2bMgU2xcdQ81HXOCJQyJ05Lw0AY.roa
File: 2bMgU2xcdQ81HXOCJQyJ05Lw0AY.roa (raw, json)
Hash identifier: YucFcyX0aempXQvrT5O8dUQTGbJ1iztsx2S2E/SXyqA=
Subject key identifier: D9:B3:20:53:6C:5C:75:0F:35:1D:73:82:25:0C:89:D3:92:F0:D0:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A18A02B32D763151DE9D0A424AB345A9F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2bMgU2xcdQ81HXOCJQyJ05Lw0AY.roa
Signing time: Mon 21 Aug 2023 15:04:24 +0000
ROA not before: Mon 21 Aug 2023 15:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:18a:18a0:21f6/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:a0:2b:32:d7:63:15:1d:e9:d0:a4:24:ab:34:5a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 15:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9b320536c5c750f351d7382250c89d392f0d006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:47:fd:7d:0b:9b:f0:fb:76:5f:64:23:c1:3c:
36:6c:21:16:8f:f8:a2:f2:59:c9:22:7d:14:de:58:
1e:64:26:2b:22:e3:b6:07:7e:42:f3:39:e1:e0:ee:
12:03:57:ab:9c:4b:2d:a8:51:7d:13:6d:b8:d7:c7:
33:15:39:d9:9f:7d:f4:f6:c7:dc:c1:97:16:dd:f7:
03:c9:62:db:c3:12:23:9c:89:72:8b:40:9b:c4:42:
58:49:68:7d:01:46:00:2d:c6:63:73:46:75:ab:7a:
2e:8d:86:d4:27:81:6d:7b:8f:a6:97:7f:15:f0:79:
14:8e:ef:4d:ac:ef:3a:0a:97:a5:83:03:c8:b9:2c:
0b:e5:1f:8f:1a:dd:dc:10:db:f3:40:01:dd:86:7c:
7e:e2:a8:5e:a3:86:de:c2:28:48:27:d0:a8:eb:6a:
b4:e3:02:94:dd:25:49:7d:93:a2:2b:7e:70:da:1d:
9a:a3:84:aa:f7:c2:5d:63:75:5b:1b:66:76:14:1a:
b0:0a:bc:4f:d9:91:c7:db:db:0f:4e:9d:0d:d9:fc:
ff:0e:c5:c4:28:0c:b9:b5:74:17:24:c2:a3:dd:78:
ba:72:e9:bb:58:67:c6:a3:c9:38:3c:f1:7d:f7:ed:
02:e5:c3:2f:13:09:ca:15:10:be:3c:3f:94:5c:a5:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B3:20:53:6C:5C:75:0F:35:1D:73:82:25:0C:89:D3:92:F0:D0:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2bMgU2xcdQ81HXOCJQyJ05Lw0AY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:4b:00:02:02:e3:fe:9a:96:da:72:be:cb:fe:09:8f:f8:fb:
d9:83:89:9d:91:bc:3c:0b:8f:70:53:0c:2d:82:f9:bf:74:55:
eb:d9:27:f8:9b:52:b8:9c:59:3e:76:2e:1d:39:f4:8e:ae:96:
9a:58:5d:11:ef:0f:3b:1b:1f:d6:fb:28:82:2b:6d:06:83:fc:
cf:34:43:e7:89:88:78:85:81:20:1a:c5:4a:37:76:1a:57:9b:
e0:04:3e:df:85:ff:94:f8:0d:73:a8:d3:a0:9d:af:a8:21:e3:
f4:0b:8e:3b:83:a8:7f:66:f0:23:3e:13:ba:f0:78:bb:fc:44:
07:e6:95:2f:43:94:3e:7b:21:1c:3f:21:06:8e:fd:64:48:99:
7f:f9:8e:b5:d2:70:0d:bb:b4:77:e5:01:4e:d3:c2:9c:fd:c2:
fe:53:0c:16:17:21:54:ba:e0:ce:17:4f:5c:29:86:2c:46:9e:
bb:b4:07:40:5a:f6:a8:7a:60:3c:52:65:ba:b4:5c:9d:f9:d0:
65:f4:b1:17:9e:2d:35:a3:6c:e9:c9:30:9d:ab:aa:43:e3:a7:
1b:12:3d:1b:53:cb:24:57:cf:3f:38:64:6e:f9:87:12:1b:4c:
22:28:25:54:98:af:7b:77:47:89:f2:e2:9f:39:68:64:58:14:
f5:d8:32:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoYoCsy12MVHenQpCSrNFqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMTUwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWIzMjA1MzZjNWM3NTBmMzUxZDczODIyNTBjODlkMzkyZjBkMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUf9fQub8Pt2X2QjwTw2bCEWj/ii
8lnJIn0U3lgeZCYrIuO2B35C8znh4O4SA1ernEstqFF9E22418czFTnZn3309sfc
wZcW3fcDyWLbwxIjnIlyi0CbxEJYSWh9AUYALcZjc0Z1q3oujYbUJ4Fte4+ml38V
8HkUju9NrO86CpelgwPIuSwL5R+PGt3cENvzQAHdhnx+4qheo4bewihIJ9Co62q0
4wKU3SVJfZOiK35w2h2ao4Sq98JdY3VbG2Z2FBqwCrxP2ZHH29sPTp0N2fz/DsXE
KAy5tXQXJMKj3Xi6cum7WGfGo8k4PPF99+0C5cMvEwnKFRC+PD+UXKUQ4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNmzIFNsXHUPNR1zgiUMidOS8NAGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmJNZ1UyeGNkUTgxSFhPQ0pReUowNUx3MEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKVLAAIC4/6altpyvsv+
CY/4+9mDiZ2RvDwLj3BTDC2C+b90VevZJ/ibUricWT52Lh059I6ulppYXRHvDzsb
H9b7KIIrbQaD/M80Q+eJiHiFgSAaxUo3dhpXm+AEPt+F/5T4DXOo06Cdr6gh4/QL
jjuDqH9m8CM+E7rweLv8RAfmlS9DlD57IRw/IQaO/WRImX/5jrXScA27tHflAU7T
wpz9wv5TDBYXIVS64M4XT1wphixGnru0B0Ba9qh6YDxSZbq0XJ350GX0sReeLTWj
bOnJMJ2rqkPjpxsSPRtTyyRXzz84ZG75hxIbTCIoJVSYr3t3R4ny4p85aGRYFPXY
MlQ=
-----END CERTIFICATE-----
Generated at Thu May 1 03:34:15 2025 by rpki-client