Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zn1H-hcmPOXRl122GEBK7097TU.roa
File: 2zn1H-hcmPOXRl122GEBK7097TU.roa (raw, json)
Hash identifier: mRB1qJj8zrI33DxsWo/jDDDWp5WI1F+fhVNCV7yRrt8=
Subject key identifier: DB:39:F5:1F:E8:5C:98:F3:97:46:5D:76:D8:61:01:2B:BD:3D:ED:35
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186898931C9B306C38D26BDBB6A3994F3BA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zn1H-hcmPOXRl122GEBK7097TU.roa
Signing time: Sat 25 Feb 2023 17:05:15 +0000
ROA not before: Sat 25 Feb 2023 17:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:8988:50ab/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:89:31:c9:b3:06:c3:8d:26:bd:bb:6a:39:94:f3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 17:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db39f51fe85c98f397465d76d861012bbd3ded35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:df:6f:c5:11:d1:e4:bb:e3:92:73:ce:79:
a9:f6:da:8e:f8:6f:f0:68:6d:9e:64:20:2c:17:c0:
6d:92:0a:c9:3c:4d:ef:f3:fd:86:76:bc:1b:4d:d1:
25:82:2c:f6:ca:ae:52:6d:a9:b3:ad:95:4b:de:f8:
f0:12:f0:f6:0b:18:a0:6d:15:a2:2c:89:cf:37:b8:
15:f9:30:11:a6:dd:18:7e:0f:05:a9:a5:f0:2e:c0:
57:70:a0:2e:88:77:80:96:e8:f6:6c:1b:ec:e0:d3:
16:c1:2f:43:6a:1d:bb:fa:b3:5d:8e:b6:d0:19:46:
18:3e:72:d6:f5:9a:15:05:b5:86:69:47:09:66:09:
44:ad:9d:be:6a:38:5e:e6:04:e0:73:77:6c:d0:13:
ad:d0:65:57:12:9e:d1:6e:5e:6a:ca:a4:77:60:56:
75:a0:27:6c:f9:81:46:c4:a0:7f:a3:cc:a8:e8:2e:
1d:d6:52:b1:dc:e6:45:64:0a:cb:f2:c8:5e:f7:59:
ec:87:0e:fd:63:33:5d:fb:4b:fc:89:96:34:f1:78:
22:c0:19:db:e8:ef:58:3c:fc:76:96:aa:fe:f9:52:
d2:b1:5b:b5:8f:53:25:37:09:44:0e:ce:f4:53:af:
cf:4c:2a:90:77:dc:49:2e:5f:5f:d2:f9:d4:f9:72:
ad:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:39:F5:1F:E8:5C:98:F3:97:46:5D:76:D8:61:01:2B:BD:3D:ED:35
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zn1H-hcmPOXRl122GEBK7097TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:e7:c4:4e:15:ba:17:b7:0f:70:e5:ea:6f:69:37:0c:20:7f:
4a:b2:e9:c0:a5:47:7a:86:40:fe:36:04:72:b3:38:61:9d:a1:
91:27:dd:74:24:c4:4f:57:89:53:b4:e7:5a:36:0e:82:b8:14:
9c:3f:6e:eb:50:b7:48:ea:1c:3e:fa:ba:fd:f7:4d:bf:77:9b:
bd:3e:44:c4:fe:39:58:33:82:cc:92:4d:be:9c:1c:b7:39:87:
df:7f:f6:36:5f:78:98:fd:0d:bd:ab:69:91:36:0a:c2:00:60:
df:64:e3:e5:0f:bf:67:24:58:28:6d:81:b3:30:29:a6:74:7a:
b3:8e:07:bc:fc:4d:4d:50:c8:78:15:2f:89:17:40:0c:df:d2:
29:b3:2f:4a:7d:3b:7d:76:51:22:5f:30:d8:34:2d:96:fa:56:
bd:60:55:5e:42:a2:fd:81:ae:22:d3:28:28:96:70:2d:43:e7:
a1:d2:47:64:22:60:24:31:b4:6d:2e:e6:56:37:7d:45:af:2e:
bd:4f:6e:82:0b:6d:ac:91:49:89:ee:dc:c4:4c:0b:6a:2c:47:
92:77:1d:18:b5:0e:39:9f:64:4f:aa:89:e4:58:88:1c:f4:76:
e2:34:86:58:87:8b:e3:d4:63:62:5d:20:64:ee:05:b1:d9:c1:
6a:4f:da:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJiTHJswbDjSa9u2o5lPO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTcwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM5ZjUxZmU4NWM5OGYzOTc0NjVkNzZkODYxMDEyYmJkM2RlZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0zfb8UR0eS745Jzznmp9tqO+G/w
aG2eZCAsF8BtkgrJPE3v8/2GdrwbTdElgiz2yq5SbamzrZVL3vjwEvD2CxigbRWi
LInPN7gV+TARpt0Yfg8FqaXwLsBXcKAuiHeAluj2bBvs4NMWwS9Dah27+rNdjrbQ
GUYYPnLW9ZoVBbWGaUcJZglErZ2+ajhe5gTgc3ds0BOt0GVXEp7Rbl5qyqR3YFZ1
oCds+YFGxKB/o8yo6C4d1lKx3OZFZArL8she91nshw79YzNd+0v8iZY08XgiwBnb
6O9YPPx2lqr++VLSsVu1j1MlNwlEDs70U6/PTCqQd9xJLl9f0vnU+XKtVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNs59R/oXJjzl0ZddthhASu9Pe01MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMnpuMUgtaGNtUE9YUmwxMjJHRUJLNzA5N1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHfnxE4Vuhe3D3Dl6m9p
Nwwgf0qy6cClR3qGQP42BHKzOGGdoZEn3XQkxE9XiVO051o2DoK4FJw/butQt0jq
HD76uv33Tb93m70+RMT+OVgzgsySTb6cHLc5h99/9jZfeJj9Db2raZE2CsIAYN9k
4+UPv2ckWChtgbMwKaZ0erOOB7z8TU1QyHgVL4kXQAzf0imzL0p9O312USJfMNg0
LZb6Vr1gVV5Cov2BriLTKCiWcC1D56HSR2QiYCQxtG0u5lY3fUWvLr1PboILbayR
SYnu3MRMC2osR5J3HRi1DjmfZE+qieRYiBz0duI0hliHi+PUY2JdIGTuBbHZwWpP
2uI=
-----END CERTIFICATE-----
Generated at Fri May 2 02:37:05 2025 by rpki-client