Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2eh_W7lmUEqfdwws_SUeOO_lwTY.roa
File: 2eh_W7lmUEqfdwws_SUeOO_lwTY.roa (raw, json)
Hash identifier: HJ0hmqoJ5aS5eETTwTOMXRYzB/1Vrzteh65ihxjxldA=
Subject key identifier: D9:E8:7F:5B:B9:66:50:4A:9F:77:0C:2C:FD:25:1E:38:EF:E5:C1:36
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018657F7088CFC8112F1A6A5E50E5BCC7AE7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2eh_W7lmUEqfdwws_SUeOO_lwTY.roa
Signing time: Thu 16 Feb 2023 02:04:12 +0000
ROA not before: Thu 16 Feb 2023 02:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:57f6:f6e6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:57:f7:08:8c:fc:81:12:f1:a6:a5:e5:0e:5b:cc:7a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 16 02:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9e87f5bb966504a9f770c2cfd251e38efe5c136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:80:43:04:ff:9a:0a:35:84:bd:fd:cb:3b:c2:
60:47:e0:8e:b7:7f:f1:39:c3:d6:5e:2a:14:a1:b6:
eb:68:2e:cb:f1:36:3a:06:35:8a:75:9b:7c:75:c7:
d4:a4:ab:69:71:a2:72:bc:df:bc:53:53:e3:86:71:
23:da:01:27:f7:56:96:6c:5f:7d:54:28:ea:e5:01:
a8:0d:76:57:4c:e7:2c:2f:45:a5:35:dc:c6:16:03:
f0:02:41:10:be:bc:cd:fb:d1:0f:86:9e:56:a8:f3:
43:3d:e9:78:2a:84:d5:61:6e:4a:24:aa:3c:17:a7:
80:05:5f:90:66:86:0b:3b:87:65:79:35:cb:8d:ac:
b0:33:3b:d1:1e:51:82:2f:2e:02:5b:47:7b:91:1f:
9f:46:62:0f:ed:42:c0:6e:c4:16:dd:1c:8f:e2:51:
38:7c:fd:aa:30:1c:11:5a:66:dc:07:1f:f4:27:e5:
c8:3e:29:5e:86:36:27:ff:89:de:ae:b1:39:1b:6d:
fe:eb:58:b8:b1:8e:7b:f1:99:98:a8:5c:81:8b:a0:
02:d7:7a:1b:24:a8:86:5f:6e:35:51:3f:34:23:89:
48:bb:f3:3f:b4:98:14:2d:6b:73:ec:35:44:79:b4:
6a:e2:73:4c:19:a5:96:1a:f2:7d:13:e4:54:34:a3:
3b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E8:7F:5B:B9:66:50:4A:9F:77:0C:2C:FD:25:1E:38:EF:E5:C1:36
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2eh_W7lmUEqfdwws_SUeOO_lwTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:72:a9:a8:b6:06:5b:b2:9e:34:0a:9c:26:6f:f0:4a:28:56:
13:b7:bf:f7:33:c3:ea:27:d4:b9:8c:50:e1:6e:5d:05:07:2a:
7d:87:3a:2c:ae:7c:03:9a:48:ff:7a:b7:99:ac:07:39:78:28:
ff:87:b6:9c:1f:e9:d4:24:83:51:ac:b8:ba:76:b5:03:13:c4:
06:cc:d6:40:cb:70:1a:90:1b:9e:04:95:b2:37:fb:b2:8e:bb:
ff:31:60:f3:a9:05:f9:e4:d2:e2:57:15:1b:51:58:1e:4d:fe:
46:c5:89:64:48:cc:94:a6:97:6b:24:97:b2:86:44:84:0c:96:
e3:74:ec:b1:f7:62:9c:b0:b9:5f:49:2b:1b:d8:0a:ce:e3:0a:
d0:97:69:ab:38:97:11:e6:5c:bc:84:7c:b1:b6:ea:16:e3:ee:
8c:de:93:a9:fb:29:0b:b2:27:5a:5c:11:ca:6f:77:82:f0:dc:
c4:18:2d:34:cf:80:17:1d:20:5f:39:7f:59:83:39:86:7d:2d:
5a:fd:3a:ff:4a:60:7c:51:82:9a:3f:a9:86:72:cb:cc:84:e2:
1e:77:d6:bf:4f:24:e9:3e:6c:67:a1:8a:bf:11:72:62:70:e6:
ca:c0:df:ca:46:7e:15:0d:b4:6c:8a:76:4e:78:da:d1:d2:06:
d2:44:ca:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZX9wiM/IES8aal5Q5bzHrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE2MDIwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU4N2Y1YmI5NjY1MDRhOWY3NzBjMmNmZDI1MWUzOGVmZTVjMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74BDBP+aCjWEvf3LO8JgR+COt3/x
OcPWXioUobbraC7L8TY6BjWKdZt8dcfUpKtpcaJyvN+8U1PjhnEj2gEn91aWbF99
VCjq5QGoDXZXTOcsL0WlNdzGFgPwAkEQvrzN+9EPhp5WqPNDPel4KoTVYW5KJKo8
F6eABV+QZoYLO4dleTXLjaywMzvRHlGCLy4CW0d7kR+fRmIP7ULAbsQW3RyP4lE4
fP2qMBwRWmbcBx/0J+XIPilehjYn/4nerrE5G23+61i4sY578ZmYqFyBi6AC13ob
JKiGX241UT80I4lIu/M/tJgULWtz7DVEebRq4nNMGaWWGvJ9E+RUNKM7awIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnof1u5ZlBKn3cMLP0lHjjv5cE2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmVoX1c3bG1VRXFmZHd3c19TVWVPT19sd1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFRyqai2BluynjQKnCZv
8EooVhO3v/czw+on1LmMUOFuXQUHKn2HOiyufAOaSP96t5msBzl4KP+Htpwf6dQk
g1GsuLp2tQMTxAbM1kDLcBqQG54ElbI3+7KOu/8xYPOpBfnk0uJXFRtRWB5N/kbF
iWRIzJSml2skl7KGRIQMluN07LH3YpywuV9JKxvYCs7jCtCXaas4lxHmXLyEfLG2
6hbj7ozek6n7KQuyJ1pcEcpvd4Lw3MQYLTTPgBcdIF85f1mDOYZ9LVr9Ov9KYHxR
gpo/qYZyy8yE4h531r9PJOk+bGehir8RcmJw5srA38pGfhUNtGyKdk542tHSBtJE
ysw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:29:09 2025 by rpki-client