Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3ZVQosApCoXrPqfv-IXzN5vsM08.roa
File: 3ZVQosApCoXrPqfv-IXzN5vsM08.roa (raw, json)
Hash identifier: QV6k1kB/ugsAMPdzTyho+/3TZjJZ6Gk6cUY5oy2eU3g=
Subject key identifier: DD:95:50:A2:C0:29:0A:85:EB:3E:A7:EF:F8:85:F3:37:9B:EC:33:4F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189FA6719B10F273DB6EE77F8C83281F0CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3ZVQosApCoXrPqfv-IXzN5vsM08.roa
Signing time: Tue 15 Aug 2023 18:13:28 +0000
ROA not before: Tue 15 Aug 2023 18:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fa:67:19:b1:0f:27:3d:b6:ee:77:f8:c8:32:81:f0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 18:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9550a2c0290a85eb3ea7eff885f3379bec334f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d3:5b:55:7a:2c:50:f0:87:b3:b8:0a:0f:3a:
a5:56:53:68:7a:7d:e1:8c:a7:8c:17:8d:e2:5f:14:
e0:7d:3f:68:32:9d:19:72:d5:9e:32:3b:ca:4c:19:
9d:1e:23:c9:61:c5:ff:dd:e9:53:80:73:68:a9:5b:
7e:28:2e:9d:83:da:29:24:d6:ce:ec:da:13:ab:bb:
d1:bb:4a:0c:2b:9d:8e:b8:b9:92:1f:0a:0c:1a:f5:
7c:e0:23:5a:c2:fa:ec:c1:9a:c3:b0:ba:65:d5:40:
a1:6d:93:74:a2:00:5a:06:62:80:70:4d:7d:75:b6:
22:f4:81:e3:ed:f0:6b:f5:fc:94:05:6a:02:6f:99:
84:b6:a2:94:f2:57:c2:ec:e5:45:ef:43:e5:fb:58:
74:92:15:bc:02:41:e4:d8:6a:16:be:01:2d:85:a2:
6d:ba:08:66:16:55:e8:74:ba:e4:d3:a8:c8:9f:99:
2e:a8:a1:7b:87:87:c2:83:a2:14:1f:6b:44:e1:da:
f9:54:12:a4:31:6e:1a:e1:ca:16:9d:89:9c:2e:91:
f0:5d:72:c9:40:63:cf:b9:65:df:75:44:99:a9:42:
12:55:36:ed:ec:23:d1:e7:9f:51:4c:da:cc:bb:29:
9f:af:1b:77:d6:5a:3d:fb:e2:ce:c8:3d:9a:0c:e2:
f3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:95:50:A2:C0:29:0A:85:EB:3E:A7:EF:F8:85:F3:37:9B:EC:33:4F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3ZVQosApCoXrPqfv-IXzN5vsM08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:85:d4:d9:da:99:9b:49:2e:30:a4:0e:83:10:be:8f:e5:78:
d9:29:20:8c:fa:98:86:2e:2a:7b:3f:1c:58:57:09:af:a5:cc:
fb:3e:9f:a1:71:6a:02:64:b6:c6:b1:9f:c3:71:f3:24:2a:c7:
2b:16:73:fe:d9:bb:10:ca:fe:6c:e9:11:55:50:ac:2a:08:2b:
09:57:89:ec:5d:5f:5c:df:26:22:e5:a6:64:4b:1e:d3:33:94:
3c:48:e9:c0:99:f5:3b:fd:7a:c0:7a:20:a1:79:e7:e1:e5:3a:
6d:a4:10:f8:e4:94:ed:07:d9:5b:ea:a3:ae:72:58:64:a7:f9:
63:4e:34:a9:d6:31:3f:b5:6b:bc:eb:e1:71:14:0d:2c:ef:55:
bc:21:23:15:23:41:09:8c:c4:95:47:e3:5e:40:15:2b:ce:6d:
cc:ab:41:89:d0:fb:c5:fc:31:93:56:5f:28:83:bc:bf:55:b7:
32:fa:1b:36:1b:79:56:26:a8:2f:5d:c3:5b:fc:a7:4b:62:5d:
50:87:fd:ab:4d:c8:70:07:40:39:7a:9a:09:9d:0c:c6:4f:af:
f7:56:39:28:11:ab:6c:34:6f:02:b0:9a:2e:7f:a5:4f:9e:11:
34:6f:33:c9:58:09:3f:25:eb:e5:f1:dd:c8:ef:5e:e1:53:4c:
a5:c6:d3:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn6ZxmxDyc9tu53+MgygfDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MTgxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk1NTBhMmMwMjkwYTg1ZWIzZWE3ZWZmODg1ZjMzNzliZWMzMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitNbVXosUPCHs7gKDzqlVlNoen3h
jKeMF43iXxTgfT9oMp0ZctWeMjvKTBmdHiPJYcX/3elTgHNoqVt+KC6dg9opJNbO
7NoTq7vRu0oMK52OuLmSHwoMGvV84CNawvrswZrDsLpl1UChbZN0ogBaBmKAcE19
dbYi9IHj7fBr9fyUBWoCb5mEtqKU8lfC7OVF70Pl+1h0khW8AkHk2GoWvgEthaJt
ughmFlXodLrk06jIn5kuqKF7h4fCg6IUH2tE4dr5VBKkMW4a4coWnYmcLpHwXXLJ
QGPPuWXfdUSZqUISVTbt7CPR559RTNrMuymfrxt31lo9++LOyD2aDOLzdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2VUKLAKQqF6z6n7/iF8zeb7DNPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM1pWUW9zQXBDb1hyUHFmdi1JWHpONXZzTTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHmF1NnamZtJLjCkDoMQ
vo/leNkpIIz6mIYuKns/HFhXCa+lzPs+n6FxagJktsaxn8Nx8yQqxysWc/7ZuxDK
/mzpEVVQrCoIKwlXiexdX1zfJiLlpmRLHtMzlDxI6cCZ9Tv9esB6IKF55+HlOm2k
EPjklO0H2Vvqo65yWGSn+WNONKnWMT+1a7zr4XEUDSzvVbwhIxUjQQmMxJVH415A
FSvObcyrQYnQ+8X8MZNWXyiDvL9VtzL6GzYbeVYmqC9dw1v8p0tiXVCH/atNyHAH
QDl6mgmdDMZPr/dWOSgRq2w0bwKwmi5/pU+eETRvM8lYCT8l6+Xx3cjvXuFTTKXG
03A=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:06 2025 by rpki-client