Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/43A1XK6rbeNUapyUxLv8zbbZqFQ.roa
File: 43A1XK6rbeNUapyUxLv8zbbZqFQ.roa (raw, json)
Hash identifier: kBYcJ1g0dh3okc3HMTWAWeEaeGxRGx3g4SDx69RSeKI=
Subject key identifier: E3:70:35:5C:AE:AB:6D:E3:54:6A:9C:94:C4:BB:FC:CD:B6:D9:A8:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188ACF5D6903B300550F2FC7A4F3EFF6253
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/43A1XK6rbeNUapyUxLv8zbbZqFQ.roa
Signing time: Mon 12 Jun 2023 00:16:12 +0000
ROA not before: Mon 12 Jun 2023 00:16:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ac:f5:d6:90:3b:30:05:50:f2:fc:7a:4f:3e:ff:62:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 12 00:16:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e370355caeab6de3546a9c94c4bbfccdb6d9a854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:30:87:8e:4e:99:de:b8:e0:27:59:c5:8a:
e1:f3:e3:c7:a9:c7:1d:b0:c3:f0:bb:c7:5d:ac:95:
f0:9e:6b:82:35:86:6a:21:50:8f:a1:8e:29:65:03:
0e:6b:f1:21:ea:8c:d8:67:1c:27:43:27:d1:ae:c8:
d6:65:06:c9:75:06:c9:ab:97:b9:cf:35:ab:4a:b7:
22:f5:2e:5f:f7:b9:4b:97:8e:3a:4e:72:ed:21:4b:
fc:7a:7e:27:57:9f:1c:d3:ac:45:e0:a0:8e:12:cd:
b5:ce:3a:7d:ba:ce:e8:5e:c6:a1:67:be:f9:1f:f2:
92:4c:d5:8c:37:22:e1:5d:99:68:90:b4:19:97:14:
40:25:d0:83:e9:50:57:c6:d4:f9:0b:07:6d:32:29:
83:5e:91:60:96:eb:9a:ba:72:cc:3c:ea:cb:7c:9d:
e2:1a:1e:90:da:de:db:33:3d:86:40:2a:a4:8e:e6:
d4:35:f6:3a:9b:24:9b:d1:ef:e9:7e:b5:6c:37:28:
3f:3c:d2:6e:d8:0d:8f:3b:df:98:b6:f0:00:54:ac:
df:85:1f:1b:cb:d4:0a:e8:70:88:db:aa:1b:b3:c5:
80:74:01:9c:49:11:fc:cd:88:50:a3:fa:1b:eb:f1:
bf:1b:a6:52:1b:a6:56:82:ce:95:94:dc:36:52:be:
23:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:70:35:5C:AE:AB:6D:E3:54:6A:9C:94:C4:BB:FC:CD:B6:D9:A8:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/43A1XK6rbeNUapyUxLv8zbbZqFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:cf:bf:53:2b:8c:0a:02:8f:d6:fc:40:1c:e8:46:51:5f:3e:
18:d7:41:b8:d7:b5:02:95:a4:b3:78:70:b8:c6:90:27:5b:17:
1e:d2:22:41:4f:4d:ef:08:5c:58:e0:37:6d:71:38:d7:be:e1:
22:96:1d:46:f4:c6:1b:d2:04:c2:c2:ea:52:6b:26:21:a2:b7:
5d:a1:f1:23:98:0d:43:2d:00:c1:8e:bb:f2:d0:c3:bd:1c:87:
96:2c:3a:6f:54:b3:64:57:d3:7c:bf:a7:c0:ab:11:19:f8:f1:
98:93:d3:bb:ff:af:57:3b:82:84:e0:27:1d:94:75:06:b7:61:
7a:34:da:81:6e:07:7e:a1:7c:05:72:52:bb:d8:ca:7d:71:8b:
f4:a6:4c:c2:2f:83:a5:ae:26:e6:56:b7:32:7a:55:24:31:88:
5f:ed:0a:58:6e:88:e3:c4:ac:5b:76:ce:e8:06:90:d7:49:ce:
fc:07:7d:dc:4d:ca:49:97:85:3b:7e:f1:85:0d:d7:5f:4c:2a:
73:93:eb:53:1f:3e:1d:b3:85:4a:e5:1c:99:cd:4f:d2:fa:24:
02:d6:d1:d1:3a:03:c5:51:0c:0b:b2:0f:bd:ec:80:ab:4a:2c:
57:52:b9:f9:7f:43:59:d5:ff:f8:56:05:af:2a:a5:5b:5c:3f:
9b:0b:81:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYis9daQOzAFUPL8ek8+/2JTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEyMDAxNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzcwMzU1Y2FlYWI2ZGUzNTQ2YTljOTRjNGJiZmNjZGI2ZDlhODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttkwh45Omd644CdZxYrh8+PHqccd
sMPwu8ddrJXwnmuCNYZqIVCPoY4pZQMOa/Eh6ozYZxwnQyfRrsjWZQbJdQbJq5e5
zzWrSrci9S5f97lLl446TnLtIUv8en4nV58c06xF4KCOEs21zjp9us7oXsahZ775
H/KSTNWMNyLhXZlokLQZlxRAJdCD6VBXxtT5CwdtMimDXpFgluuaunLMPOrLfJ3i
Gh6Q2t7bMz2GQCqkjubUNfY6mySb0e/pfrVsNyg/PNJu2A2PO9+YtvAAVKzfhR8b
y9QK6HCI26obs8WAdAGcSRH8zYhQo/ob6/G/G6ZSG6ZWgs6VlNw2Ur4jNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONwNVyuq23jVGqclMS7/M222ahUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNDNBMVhLNnJiZU5VYXB5VXhMdjh6YmJacUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPPv1MrjAoCj9b8QBzo
RlFfPhjXQbjXtQKVpLN4cLjGkCdbFx7SIkFPTe8IXFjgN21xONe+4SKWHUb0xhvS
BMLC6lJrJiGit12h8SOYDUMtAMGOu/LQw70ch5YsOm9Us2RX03y/p8CrERn48ZiT
07v/r1c7goTgJx2UdQa3YXo02oFuB36hfAVyUrvYyn1xi/SmTMIvg6WuJuZWtzJ6
VSQxiF/tClhuiOPErFt2zugGkNdJzvwHfdxNykmXhTt+8YUN119MKnOT61MfPh2z
hUrlHJnNT9L6JALW0dE6A8VRDAuyD73sgKtKLFdSufl/Q1nV//hWBa8qpVtcP5sL
gc0=
-----END CERTIFICATE-----
Generated at Thu May 1 14:27:29 2025 by rpki-client