Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4fo7FhsE_fQzugmJ3FV9dTP47jQ.roa
File: 4fo7FhsE_fQzugmJ3FV9dTP47jQ.roa (raw, json)
Hash identifier: xI5TnEMH05amO3jkpWht+70ybcMgP4QGDeI2XIdWDII=
Subject key identifier: E1:FA:3B:16:1B:04:FD:F4:33:BA:09:89:DC:55:7D:75:33:F8:EE:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A10123AC596173AE39A3A7E1951DD140C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4fo7FhsE_fQzugmJ3FV9dTP47jQ.roa
Signing time: Sat 19 Aug 2023 23:12:24 +0000
ROA not before: Sat 19 Aug 2023 23:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:10:12:3a:c5:96:17:3a:e3:9a:3a:7e:19:51:dd:14:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 19 23:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1fa3b161b04fdf433ba0989dc557d7533f8ee34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6d:aa:8b:df:0b:b7:b0:39:5c:ff:09:6f:99:
17:da:c1:07:9a:c5:6d:e7:ee:b0:35:6e:67:ec:98:
01:93:d1:94:7b:86:13:a0:8f:9b:53:b5:a4:e0:f8:
cb:34:f7:c8:9f:d2:46:fa:2a:87:16:f9:62:9b:c6:
0c:8b:88:b1:36:73:1c:95:9f:c5:a9:31:c6:d5:76:
3b:8c:2b:a6:c7:73:03:09:f3:22:ec:b6:96:58:72:
21:c0:e3:9e:ac:ad:0f:14:f1:ab:7a:4a:ad:d5:6f:
b2:5a:d7:83:58:53:6d:a7:4c:7e:be:c5:dc:3a:d6:
c9:07:db:8a:55:00:e8:d1:de:2a:21:43:a5:85:a2:
9c:4a:25:13:3f:03:a0:40:b0:84:67:2b:08:7b:e5:
8c:b4:c1:ae:55:66:ca:71:f6:9a:99:d3:ea:05:5e:
cb:9d:cb:3a:13:e6:0b:db:bb:cd:4e:cf:cf:d5:e6:
c8:ec:dd:67:b7:25:3b:41:8b:30:a6:bb:20:59:30:
91:12:7d:c2:b8:96:cb:bb:85:ab:13:d2:de:be:43:
87:ce:5c:e8:70:2b:d0:0b:06:84:96:73:9f:36:9d:
30:cf:8d:81:74:fa:48:86:9e:89:b3:b5:54:f4:98:
94:21:4f:80:41:77:65:7b:f0:f5:f8:71:71:65:1b:
57:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FA:3B:16:1B:04:FD:F4:33:BA:09:89:DC:55:7D:75:33:F8:EE:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4fo7FhsE_fQzugmJ3FV9dTP47jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:d7:17:4a:22:36:99:1a:12:cf:8a:0c:da:e3:bd:15:4a:a6:
ad:e7:6a:9e:bf:26:ce:0b:0d:af:32:a6:e3:a7:ae:42:34:d9:
91:0d:a3:4a:ef:18:42:c7:fa:f4:30:60:3e:1d:d2:12:9f:bb:
d1:6b:ae:cf:cc:b0:69:b6:df:8b:0e:06:a7:8b:29:4f:cc:a1:
02:ac:b7:a4:08:d7:e4:6c:d7:08:7e:a2:d8:ac:e7:c0:a9:58:
14:30:97:1a:a4:cc:63:58:9e:3e:98:3e:fe:ab:f6:f4:66:94:
e1:a7:cf:63:c9:5a:69:3c:4e:6e:83:62:b9:d4:98:72:35:2d:
c6:f4:67:ba:2b:ad:b2:1e:60:56:60:bf:4d:52:d7:1e:1b:f1:
7b:6d:d1:82:06:00:3f:72:2e:24:2b:ec:32:2d:7b:5f:bc:12:
08:57:e8:73:01:68:b0:21:d7:28:46:6e:74:ba:81:2c:4f:36:
be:66:81:e2:8a:13:a9:c6:ec:e5:17:93:ae:fb:64:87:92:b9:
be:c7:22:13:d4:39:bd:30:34:8d:06:ca:33:8c:77:ae:e6:d3:
9e:77:3b:65:bd:50:ce:89:a6:08:f6:d4:7f:4d:33:d9:06:10:
c3:bc:42:54:d8:9e:86:d4:20:b8:76:11:52:5c:5b:45:ae:58:
fb:1c:ac:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoQEjrFlhc645o6fhlR3RQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MjMxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZhM2IxNjFiMDRmZGY0MzNiYTA5ODlkYzU1N2Q3NTMzZjhlZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW2qi98Lt7A5XP8Jb5kX2sEHmsVt
5+6wNW5n7JgBk9GUe4YToI+bU7Wk4PjLNPfIn9JG+iqHFvlim8YMi4ixNnMclZ/F
qTHG1XY7jCumx3MDCfMi7LaWWHIhwOOerK0PFPGrekqt1W+yWteDWFNtp0x+vsXc
OtbJB9uKVQDo0d4qIUOlhaKcSiUTPwOgQLCEZysIe+WMtMGuVWbKcfaamdPqBV7L
ncs6E+YL27vNTs/P1ebI7N1ntyU7QYswprsgWTCREn3CuJbLu4WrE9LevkOHzlzo
cCvQCwaElnOfNp0wz42BdPpIhp6Js7VU9JiUIU+AQXdle/D1+HFxZRtX7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOH6OxYbBP30M7oJidxVfXUz+O40MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNGZvN0Zoc0VfZlF6dWdtSjNGVjlkVFA0N2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbXF0oiNpkaEs+KDNrj
vRVKpq3nap6/Js4LDa8ypuOnrkI02ZENo0rvGELH+vQwYD4d0hKfu9Frrs/MsGm2
34sOBqeLKU/MoQKst6QI1+Rs1wh+otis58CpWBQwlxqkzGNYnj6YPv6r9vRmlOGn
z2PJWmk8Tm6DYrnUmHI1Lcb0Z7orrbIeYFZgv01S1x4b8Xtt0YIGAD9yLiQr7DIt
e1+8EghX6HMBaLAh1yhGbnS6gSxPNr5mgeKKE6nG7OUXk677ZIeSub7HIhPUOb0w
NI0GyjOMd67m0553O2W9UM6Jpgj21H9NM9kGEMO8QlTYnobUILh2EVJcW0WuWPsc
rA0=
-----END CERTIFICATE-----
Generated at Thu May 1 11:12:55 2025 by rpki-client