Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/33VbI1ZHJmiR7fccz2xvMvGy4Jo.roa
File: 33VbI1ZHJmiR7fccz2xvMvGy4Jo.roa (raw, json)
Hash identifier: 7TNRP88Y+nBs5VXeXjcLHpNeuv9WqWS+4EPiTrdya8o=
Subject key identifier: DF:75:5B:23:56:47:26:68:91:ED:F7:1C:CF:6C:6F:32:F1:B2:E0:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A2697298FA432EFF2E290969AB86130E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/33VbI1ZHJmiR7fccz2xvMvGy4Jo.roa
Signing time: Sat 29 Jul 2023 16:09:26 +0000
ROA not before: Sat 29 Jul 2023 16:09:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a2:69:72:98:fa:43:2e:ff:2e:29:09:69:ab:86:13:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 29 16:09:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df755b235647266891edf71ccf6c6f32f1b2e09a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:9b:ea:1b:b7:51:9c:9b:2b:f0:0c:e3:07:
8a:14:9c:1c:0a:d0:30:60:79:bc:79:2d:ba:01:84:
90:36:d6:70:d9:04:50:a7:40:09:58:6e:c4:09:45:
cb:ec:59:ab:bd:dd:d3:b2:45:56:62:76:9f:c4:93:
c3:2f:d7:32:d6:3b:b5:24:77:41:d8:c2:0a:f4:27:
5c:fa:3f:60:92:08:3a:5f:8c:29:c2:44:5c:eb:2c:
a1:c2:18:ca:3a:84:ed:ec:89:15:c2:aa:51:1c:9e:
50:38:b4:f7:1e:ee:90:73:b8:77:68:73:4f:57:dd:
65:be:87:05:20:59:c4:4e:fa:2e:76:31:7a:5d:98:
f1:78:da:a4:51:e3:20:a6:45:5d:10:23:48:69:9e:
d5:5c:cf:6b:c5:ea:a7:66:f1:df:a7:e4:ae:7b:0a:
9d:01:47:d3:b5:cb:4c:e7:b7:81:d8:a3:a9:d4:50:
f8:4f:d8:c0:3e:bd:b0:78:aa:71:be:8d:ab:86:47:
55:75:ff:9c:e5:e0:ef:cb:ab:06:0e:2d:e4:cd:3e:
3a:c7:3f:36:3f:04:10:a5:86:3d:75:f7:04:f4:93:
08:2b:8c:87:53:30:cc:df:06:1e:ed:4b:64:de:45:
d1:6d:ca:3e:66:48:65:0e:9b:45:b5:30:2b:30:ed:
20:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:75:5B:23:56:47:26:68:91:ED:F7:1C:CF:6C:6F:32:F1:B2:E0:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/33VbI1ZHJmiR7fccz2xvMvGy4Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:79:33:46:af:30:6b:78:5d:e2:29:a1:c3:d8:50:d3:1f:57:
3b:37:e8:77:50:71:d4:65:42:ac:6a:65:87:ce:1f:00:9b:27:
fc:81:65:dc:2f:63:a6:13:3a:40:19:31:34:ed:02:57:00:a3:
ea:28:bf:45:8e:f3:cf:4f:b8:8f:24:ad:a6:ec:ba:e0:47:1f:
3b:20:26:bc:c8:b8:6b:b7:e3:43:22:db:1e:74:90:6f:5b:09:
c9:83:b1:1c:71:f5:4e:dd:56:0d:a6:80:fe:d0:c1:80:b0:34:
e7:8a:b1:cd:04:49:f1:9a:5e:ab:90:ce:51:51:c9:7d:f0:c1:
af:4e:1f:a4:68:ca:1d:01:66:65:cd:b5:50:25:25:24:e8:f5:
a8:7d:17:4c:4b:79:30:20:d3:c0:e7:d1:3e:0e:1b:2d:93:7c:
71:78:94:fc:45:ff:85:5a:1e:0e:72:42:e6:51:9a:4a:39:b4:
63:0f:0d:3b:e2:7c:88:31:4d:4b:42:c7:a3:4d:eb:fa:8e:73:
7d:5b:1e:29:43:a3:8c:3e:d9:8a:90:03:2f:69:d3:c4:b2:2f:
7f:f8:3a:d2:0e:31:3e:c6:66:fe:01:e9:37:49:d2:79:4f:f7:
30:e6:94:50:27:7c:c4:5b:a4:7c:57:e2:6b:be:51:8c:1d:5e:
7b:b4:c2:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmiaXKY+kMu/y4pCWmrhhMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI5MTYwOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjc1NWIyMzU2NDcyNjY4OTFlZGY3MWNjZjZjNmYzMmYxYjJlMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSqb6hu3UZybK/AM4weKFJwcCtAw
YHm8eS26AYSQNtZw2QRQp0AJWG7ECUXL7Fmrvd3TskVWYnafxJPDL9cy1ju1JHdB
2MIK9Cdc+j9gkgg6X4wpwkRc6yyhwhjKOoTt7IkVwqpRHJ5QOLT3Hu6Qc7h3aHNP
V91lvocFIFnETvoudjF6XZjxeNqkUeMgpkVdECNIaZ7VXM9rxeqnZvHfp+Suewqd
AUfTtctM57eB2KOp1FD4T9jAPr2weKpxvo2rhkdVdf+c5eDvy6sGDi3kzT46xz82
PwQQpYY9dfcE9JMIK4yHUzDM3wYe7Utk3kXRbco+ZkhlDptFtTArMO0ghwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN91WyNWRyZoke33HM9sbzLxsuCaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMzNWYkkxWkhKbWlSN2ZjY3oyeHZNdkd5NEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIl5M0avMGt4XeIpocPY
UNMfVzs36HdQcdRlQqxqZYfOHwCbJ/yBZdwvY6YTOkAZMTTtAlcAo+oov0WO889P
uI8krabsuuBHHzsgJrzIuGu340Mi2x50kG9bCcmDsRxx9U7dVg2mgP7QwYCwNOeK
sc0ESfGaXquQzlFRyX3wwa9OH6Royh0BZmXNtVAlJSTo9ah9F0xLeTAg08Dn0T4O
Gy2TfHF4lPxF/4VaHg5yQuZRmko5tGMPDTvifIgxTUtCx6NN6/qOc31bHilDo4w+
2YqQAy9p08SyL3/4OtIOMT7GZv4B6TdJ0nlP9zDmlFAnfMRbpHxX4mu+UYwdXnu0
wok=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:11 2025 by rpki-client