Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/32QvFFHRmOY6C7QmZXbq5JpjmQw.roa
File: 32QvFFHRmOY6C7QmZXbq5JpjmQw.roa (raw, json)
Hash identifier: gJS2yE8DFwatF3o8oXsedbXT61lDKoP4py+QVBeeSAE=
Subject key identifier: DF:64:2F:14:51:D1:98:E6:3A:0B:B4:26:65:76:EA:E4:9A:63:99:0C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1ED9BA3DF1C50BCB8E93CB73FDE128E2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/32QvFFHRmOY6C7QmZXbq5JpjmQw.roa
Signing time: Tue 22 Aug 2023 20:05:00 +0000
ROA not before: Tue 22 Aug 2023 20:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:18a:1ed9:668/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1e:d9:ba:3d:f1:c5:0b:cb:8e:93:cb:73:fd:e1:28:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 20:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df642f1451d198e63a0bb4266576eae49a63990c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:b4:8b:42:82:2e:d4:8c:a6:21:88:be:33:
8e:de:75:26:fc:1c:5b:bf:a8:26:4f:f7:65:f5:68:
26:f3:35:e9:b2:8b:46:9d:e1:87:d3:9b:13:be:57:
75:4d:55:93:15:62:b5:4b:fc:db:8a:18:21:80:00:
b5:38:6f:4c:5f:1c:57:fb:6d:b8:de:ac:96:90:9a:
d3:18:58:30:f1:08:13:25:0f:79:e8:d5:da:4d:f4:
23:27:3d:bd:dc:dd:f3:c8:e4:19:3f:f5:a2:f2:03:
b6:1b:e9:66:75:42:7e:4c:2f:6d:1e:c5:a4:67:95:
63:ab:a0:91:d9:f0:26:55:10:f0:b9:88:3e:f2:01:
0d:8e:41:ff:3e:0b:a6:c9:13:68:93:eb:14:40:cf:
c2:70:6f:07:f7:6e:09:be:8b:a3:a6:54:35:d4:41:
b3:a0:4c:84:a0:f8:9f:08:7f:8f:e8:8f:15:c8:4e:
10:68:ae:c6:e3:c7:8b:4a:fa:ca:44:aa:7e:41:e8:
0e:9f:77:c8:e9:61:d5:d9:12:f6:40:90:42:1e:a9:
33:39:59:b9:17:e1:6b:19:52:8e:64:93:c1:9c:f9:
ad:56:ee:e8:c8:cf:2a:06:b2:16:0b:bc:04:ea:3c:
5b:72:27:cf:ad:31:9d:db:99:6e:d7:81:59:72:92:
13:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:64:2F:14:51:D1:98:E6:3A:0B:B4:26:65:76:EA:E4:9A:63:99:0C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/32QvFFHRmOY6C7QmZXbq5JpjmQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:dd:fa:40:3e:1c:31:42:7f:29:cf:c3:e8:13:41:1a:39:67:
e1:3d:8b:6d:a5:c0:65:47:c3:77:07:87:8c:23:65:82:95:19:
55:52:6a:30:ac:3f:9d:27:97:fd:46:7c:bb:c5:59:4f:e5:02:
f0:6f:23:83:a7:79:38:64:e5:5b:42:2a:65:e6:af:63:0d:21:
51:ab:c4:52:96:68:24:fd:8b:1f:39:02:f3:88:df:b5:9e:bc:
4e:c7:f6:a2:f3:ff:ca:86:0f:da:2e:44:31:38:1a:12:77:cb:
64:1f:81:13:78:0e:60:18:7c:3b:9e:6c:71:62:1c:d3:fc:45:
46:11:7c:94:11:29:fb:05:a1:b0:dd:b6:a4:0b:ea:5b:ac:62:
a4:3f:34:85:75:48:f6:a3:d2:d1:c2:fd:63:18:0d:b5:8e:a6:
d3:be:71:b6:63:dd:66:a2:90:3d:1f:df:a8:28:b8:02:c9:ab:
ed:02:33:b6:4e:f3:9d:ac:03:09:2e:a3:be:dc:3c:b4:86:80:
8d:a8:bf:a6:62:91:a7:9e:d2:29:21:53:29:df:01:70:d9:2d:
78:a2:dd:44:6a:68:3c:f3:48:b6:47:79:13:67:83:b5:a3:7a:
f9:78:8e:ca:00:3b:54:ed:e4:1d:09:15:f7:7b:ab:6e:3d:78:
ce:72:fe:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoe2bo98cULy46Ty3P94SjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMjAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY0MmYxNDUxZDE5OGU2M2EwYmI0MjY2NTc2ZWFlNDlhNjM5OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNi0i0KCLtSMpiGIvjOO3nUm/Bxb
v6gmT/dl9Wgm8zXpsotGneGH05sTvld1TVWTFWK1S/zbihghgAC1OG9MXxxX+224
3qyWkJrTGFgw8QgTJQ956NXaTfQjJz293N3zyOQZP/Wi8gO2G+lmdUJ+TC9tHsWk
Z5Vjq6CR2fAmVRDwuYg+8gENjkH/PgumyRNok+sUQM/CcG8H924JvoujplQ11EGz
oEyEoPifCH+P6I8VyE4QaK7G48eLSvrKRKp+QegOn3fI6WHV2RL2QJBCHqkzOVm5
F+FrGVKOZJPBnPmtVu7oyM8qBrIWC7wE6jxbcifPrTGd25lu14FZcpITYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN9kLxRR0ZjmOgu0JmV26uSaY5kMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMzJRdkZGSFJtT1k2QzdRbVpYYnE1SnBqbVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACzd+kA+HDFCfynPw+gT
QRo5Z+E9i22lwGVHw3cHh4wjZYKVGVVSajCsP50nl/1GfLvFWU/lAvBvI4OneThk
5VtCKmXmr2MNIVGrxFKWaCT9ix85AvOI37WevE7H9qLz/8qGD9ouRDE4GhJ3y2Qf
gRN4DmAYfDuebHFiHNP8RUYRfJQRKfsFobDdtqQL6lusYqQ/NIV1SPaj0tHC/WMY
DbWOptO+cbZj3WaikD0f36gouALJq+0CM7ZO852sAwkuo77cPLSGgI2ov6Zikaee
0ikhUynfAXDZLXii3URqaDzzSLZHeRNng7Wjevl4jsoAO1Tt5B0JFfd7q249eM5y
/nE=
-----END CERTIFICATE-----
Generated at Fri May 2 09:19:07 2025 by rpki-client