Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4H4ZDfySLP21o2KpaMvip78hyOo.roa
File: 4H4ZDfySLP21o2KpaMvip78hyOo.roa (raw, json)
Hash identifier: mX9ykJfwdSZuhyysjCKjYbChlW2zgzkTfhEa0HsCukY=
Subject key identifier: E0:7E:19:0D:FC:92:2C:FD:B5:A3:62:A9:68:CB:E2:A7:BF:21:C8:EA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A07B4CF7C70035D463B9BF1078C4EAE30
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4H4ZDfySLP21o2KpaMvip78hyOo.roa
Signing time: Fri 18 Aug 2023 08:13:24 +0000
ROA not before: Fri 18 Aug 2023 08:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:b4:cf:7c:70:03:5d:46:3b:9b:f1:07:8c:4e:ae:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 18 08:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e07e190dfc922cfdb5a362a968cbe2a7bf21c8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e2:36:84:40:45:a1:57:c5:3d:b2:09:74:e3:
a3:bf:b6:1b:4c:d9:1c:d6:ce:1e:28:f1:b2:a5:db:
e9:a2:ce:05:c6:7f:b5:3e:a7:7c:fd:55:95:35:01:
d0:f2:39:e1:7a:c4:4f:7d:92:d0:f3:01:e7:08:91:
9d:9d:43:8b:79:3c:a5:28:c1:dc:50:5c:1e:d2:f4:
a3:25:11:fd:33:f8:25:e7:70:14:8b:b9:cc:ec:c4:
9a:b9:5a:53:2a:26:28:91:05:54:18:6b:ee:c6:34:
e7:fb:a5:23:e3:73:e4:6c:13:d2:77:e7:7e:bc:17:
63:13:39:e4:f0:b5:86:2c:66:39:b9:de:ac:bc:da:
6d:f7:2d:9f:54:15:bf:09:29:e8:48:dd:4a:32:25:
12:3c:ea:5f:18:b7:ff:11:b2:4f:1b:df:63:16:ab:
a5:41:dc:b9:1c:c0:8b:34:58:e4:12:fe:3b:18:9f:
88:fa:38:0d:f3:3e:80:84:f1:78:50:b6:f5:d5:8c:
5f:2e:d9:d4:ae:68:2d:2b:32:e7:f7:78:5d:75:7f:
25:cd:57:b9:b3:c3:08:da:5a:72:b0:79:fb:f4:8c:
b1:bb:18:08:29:0c:ac:bc:dc:9d:d9:0e:44:ce:9b:
ab:64:fb:52:38:b0:0d:ee:6f:bb:db:a5:2d:cc:de:
59:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7E:19:0D:FC:92:2C:FD:B5:A3:62:A9:68:CB:E2:A7:BF:21:C8:EA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4H4ZDfySLP21o2KpaMvip78hyOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:6e:98:4d:2b:31:fe:e6:f9:d3:7c:ff:52:6a:a6:ee:8a:7d:
6f:a0:9a:a3:d3:ab:7c:47:22:a2:2e:7f:13:48:0a:94:63:ea:
7f:66:52:11:71:65:1f:fb:36:ba:9c:ae:2b:78:c3:b3:76:31:
98:9f:35:4f:01:b3:17:e5:41:6f:bb:ad:16:93:8a:85:78:b5:
d1:1b:a5:56:89:78:a3:fc:a2:af:7e:00:96:fc:6f:65:19:0b:
4a:f8:5b:e7:42:2c:f9:85:06:34:be:7d:fa:eb:db:0f:e8:3f:
3d:7c:dc:2f:1d:08:9d:f5:9c:ad:d2:66:33:fa:f4:14:5f:70:
25:2a:89:ec:b6:53:eb:07:77:44:d3:2d:12:55:df:e5:38:0c:
64:a3:34:74:d0:17:8b:1c:af:68:77:dd:91:9b:5a:c6:b6:a9:
c3:f0:62:84:25:10:b6:c6:c4:91:dc:77:fc:f5:c5:5f:22:4b:
41:57:fd:be:3e:fc:2b:42:78:b2:37:91:bb:5a:7b:90:e2:0c:
2f:a5:ae:ed:31:d1:fc:fc:ee:95:57:30:f7:49:32:39:cb:50:
22:23:c6:82:7c:68:e9:71:7d:26:1e:bd:7d:63:44:14:a1:d2:
4b:12:d4:00:48:b6:ad:59:b6:01:f7:68:6c:15:0d:13:2c:10:
9a:13:77:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoHtM98cANdRjub8QeMTq4wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE4MDgxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdlMTkwZGZjOTIyY2ZkYjVhMzYyYTk2OGNiZTJhN2JmMjFjOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+I2hEBFoVfFPbIJdOOjv7YbTNkc
1s4eKPGypdvpos4Fxn+1Pqd8/VWVNQHQ8jnhesRPfZLQ8wHnCJGdnUOLeTylKMHc
UFwe0vSjJRH9M/gl53AUi7nM7MSauVpTKiYokQVUGGvuxjTn+6Uj43PkbBPSd+d+
vBdjEznk8LWGLGY5ud6svNpt9y2fVBW/CSnoSN1KMiUSPOpfGLf/EbJPG99jFqul
Qdy5HMCLNFjkEv47GJ+I+jgN8z6AhPF4ULb11YxfLtnUrmgtKzLn93hddX8lzVe5
s8MI2lpysHn79IyxuxgIKQysvNyd2Q5EzpurZPtSOLAN7m+726UtzN5ZJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOB+GQ38kiz9taNiqWjL4qe/IcjqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNEg0WkRmeVNMUDIxbzJLcGFNdmlwNzhoeU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJumE0rMf7m+dN8/1Jq
pu6KfW+gmqPTq3xHIqIufxNICpRj6n9mUhFxZR/7Nrqcrit4w7N2MZifNU8Bsxfl
QW+7rRaTioV4tdEbpVaJeKP8oq9+AJb8b2UZC0r4W+dCLPmFBjS+ffrr2w/oPz18
3C8dCJ31nK3SZjP69BRfcCUqiey2U+sHd0TTLRJV3+U4DGSjNHTQF4scr2h33ZGb
Wsa2qcPwYoQlELbGxJHcd/z1xV8iS0FX/b4+/CtCeLI3kbtae5DiDC+lru0x0fz8
7pVXMPdJMjnLUCIjxoJ8aOlxfSYevX1jRBSh0ksS1ABItq1ZtgH3aGwVDRMsEJoT
d/A=
-----END CERTIFICATE-----
Generated at Thu May 1 07:10:55 2025 by rpki-client