Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2c2L2w3lg0TV0dl314fYcrBScqs.roa
File: 2c2L2w3lg0TV0dl314fYcrBScqs.roa (raw, json)
Hash identifier: Lfs3OcHrjjVodEY+8bxS13aarSrSXox89uaq8Io5Db0=
Subject key identifier: D9:CD:8B:DB:0D:E5:83:44:D5:D1:D9:77:D7:87:D8:72:B0:52:72:AB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F1CA0FF992F28CF3DC5D73779BD9A106
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2c2L2w3lg0TV0dl314fYcrBScqs.roa
Signing time: Mon 14 Aug 2023 02:04:58 +0000
ROA not before: Mon 14 Aug 2023 02:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:f1c9:e1a8/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f1:ca:0f:f9:92:f2:8c:f3:dc:5d:73:77:9b:d9:a1:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 14 02:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9cd8bdb0de58344d5d1d977d787d872b05272ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:96:3f:2a:4c:45:3b:66:70:04:08:3e:d0:7b:
c2:5a:9e:c9:3b:ae:0c:bf:04:a6:89:2d:35:36:88:
ca:10:be:07:47:fc:cc:88:5e:bd:6c:ad:79:fe:4e:
22:a2:fe:41:62:ec:e2:21:56:ac:0c:e9:b8:32:f3:
f2:ae:a3:49:e5:6b:7a:b3:68:93:bd:db:c4:78:f9:
58:af:b4:41:8e:85:fe:3f:a6:8e:9e:07:1c:02:bf:
c0:af:4b:00:3f:5f:92:35:65:11:4d:8c:e2:31:a0:
9b:9d:92:a6:60:35:0b:c2:89:91:cb:ae:d6:a2:2b:
7f:29:a5:c9:a1:a5:e3:32:ce:2e:06:39:1b:af:0c:
e0:bb:16:cc:62:7c:a0:e1:8b:ec:8b:fd:c3:35:3a:
50:fb:c8:66:a1:7c:cb:ee:8f:44:a7:e9:ad:97:78:
b7:ad:4d:81:00:32:fb:8d:3a:4c:71:fe:77:00:26:
f1:f2:1e:a4:11:01:d5:5c:eb:76:62:e3:bb:19:57:
43:bf:0d:7e:ad:91:50:d2:81:72:f7:65:1d:e9:4e:
77:66:6c:f9:2a:2b:df:e4:bd:2d:ae:ad:1d:a2:c8:
10:d7:18:64:b8:6f:45:76:84:c4:9b:92:26:f4:d3:
f6:7e:b4:f8:a2:8f:0d:d8:3f:57:71:2a:11:95:02:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CD:8B:DB:0D:E5:83:44:D5:D1:D9:77:D7:87:D8:72:B0:52:72:AB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2c2L2w3lg0TV0dl314fYcrBScqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:55:a1:60:98:3b:4c:1a:3f:d9:ea:d5:bd:3c:2a:52:0d:57:
21:de:da:c5:64:83:ce:1e:fb:41:88:79:9a:16:0c:01:c2:b2:
d6:99:13:d3:4c:87:d2:dc:37:43:95:3e:7f:c6:45:ff:4e:32:
12:20:d8:f1:a2:e0:a5:ef:14:58:ce:cc:f7:91:e5:a5:e4:11:
80:13:e9:b1:d2:64:ac:d5:42:5a:ed:45:7f:96:22:46:6c:73:
53:cd:64:53:ce:45:67:ad:85:60:d9:8e:a0:ca:2d:6e:30:33:
61:e0:d7:1c:26:d8:8c:28:31:c4:42:a5:37:10:a7:4d:a6:1a:
16:1f:ae:d7:cf:da:0e:3c:ba:42:28:76:f9:72:49:64:52:2a:
62:f7:6c:48:29:b6:40:3e:d3:f0:a4:fa:cb:81:fa:a2:1d:d2:
ae:76:d4:c0:75:5b:62:a0:3b:9c:1b:ac:65:ea:6d:da:87:ba:
81:b6:f9:fc:52:03:82:20:63:9b:48:74:c9:89:95:0e:3c:55:
29:a7:32:04:d7:42:01:10:d9:1b:8a:06:05:c3:35:94:d6:2d:
30:81:4c:10:6d:a3:e9:4c:d4:b6:87:16:1f:2d:bd:e9:8a:7d:
c8:eb:1b:67:50:db:1b:03:58:88:d7:a4:2d:e6:0d:e7:bb:7e:
8b:91:af:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnxyg/5kvKM89xdc3eb2aEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE0MDIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNkOGJkYjBkZTU4MzQ0ZDVkMWQ5NzdkNzg3ZDg3MmIwNTI3MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Y/KkxFO2ZwBAg+0HvCWp7JO64M
vwSmiS01NojKEL4HR/zMiF69bK15/k4iov5BYuziIVasDOm4MvPyrqNJ5Wt6s2iT
vdvEePlYr7RBjoX+P6aOngccAr/Ar0sAP1+SNWURTYziMaCbnZKmYDULwomRy67W
oit/KaXJoaXjMs4uBjkbrwzguxbMYnyg4Yvsi/3DNTpQ+8hmoXzL7o9Ep+mtl3i3
rU2BADL7jTpMcf53ACbx8h6kEQHVXOt2YuO7GVdDvw1+rZFQ0oFy92Ud6U53Zmz5
Kivf5L0trq0dosgQ1xhkuG9FdoTEm5Im9NP2frT4oo8N2D9XcSoRlQIU6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnNi9sN5YNE1dHZd9eH2HKwUnKrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmMyTDJ3M2xnMFRWMGRsMzE0ZlljckJTY3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZVoWCYO0waP9nq1b08
KlINVyHe2sVkg84e+0GIeZoWDAHCstaZE9NMh9LcN0OVPn/GRf9OMhIg2PGi4KXv
FFjOzPeR5aXkEYAT6bHSZKzVQlrtRX+WIkZsc1PNZFPORWethWDZjqDKLW4wM2Hg
1xwm2IwoMcRCpTcQp02mGhYfrtfP2g48ukIodvlySWRSKmL3bEgptkA+0/Ck+suB
+qId0q521MB1W2KgO5wbrGXqbdqHuoG2+fxSA4IgY5tIdMmJlQ48VSmnMgTXQgEQ
2RuKBgXDNZTWLTCBTBBto+lM1LaHFh8tvemKfcjrG2dQ2xsDWIjXpC3mDee7fouR
ry0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:39 2025 by rpki-client