Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4z_9q5iSSCNJbQhUMBeVnosizh4.roa
File: 4z_9q5iSSCNJbQhUMBeVnosizh4.roa (raw, json)
Hash identifier: 5KNiaylzjgahlVwqOjkt5L1lftsLwa0kxWZqPDqPGIM=
Subject key identifier: E3:3F:FD:AB:98:92:48:23:49:6D:08:54:30:17:95:9E:8B:22:CE:1E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A04AB87F2DB4E79042C95F1794A0504E8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4z_9q5iSSCNJbQhUMBeVnosizh4.roa
Signing time: Thu 17 Aug 2023 18:04:24 +0000
ROA not before: Thu 17 Aug 2023 18:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:18a:4ab:55ee/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:ab:87:f2:db:4e:79:04:2c:95:f1:79:4a:05:04:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 17 18:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e33ffdab98924823496d08543017959e8b22ce1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d9:89:77:b2:76:63:e5:2b:7a:e9:4e:68:23:
4e:0f:04:5b:1b:81:0f:3c:8e:a3:70:65:75:05:1d:
09:c8:fa:6a:49:1c:5d:0f:49:99:d3:07:72:57:55:
b5:a7:d9:0a:19:23:a5:ac:02:01:05:9a:d2:ae:a5:
ed:37:fe:76:5c:ed:9a:1d:ae:72:6d:15:ef:cb:d0:
6f:98:b9:63:23:a6:49:c0:8e:19:97:47:8d:ca:96:
f5:8f:c8:e4:53:4e:9c:05:34:08:25:bb:09:e1:94:
d1:af:ff:f1:34:b4:be:c6:af:6c:67:13:15:a8:f7:
dc:03:78:cd:cb:46:4f:c1:9d:3c:0f:1c:e4:80:ff:
d5:63:fd:ab:a4:7c:1a:7e:d5:aa:4a:54:6b:7e:5b:
b4:5a:f3:25:37:e3:e0:a1:37:17:28:f3:82:f0:3f:
b2:97:7f:a3:c9:0e:6d:bd:8b:cc:c4:54:74:56:da:
cc:58:56:35:9c:02:a2:d0:ec:c8:31:06:15:7f:7f:
ae:48:af:1f:88:b1:2b:6a:3b:a6:34:f2:30:92:ad:
b3:8c:33:1c:27:d7:89:a6:dc:41:e1:28:01:51:18:
fa:b4:32:f7:7c:7f:1f:65:79:99:3e:ab:32:70:01:
a7:79:a4:18:50:71:92:a8:22:8a:b2:02:e1:ba:90:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3F:FD:AB:98:92:48:23:49:6D:08:54:30:17:95:9E:8B:22:CE:1E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4z_9q5iSSCNJbQhUMBeVnosizh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:11:45:64:5a:75:ac:f9:09:fa:18:ab:0d:86:8b:5c:4d:b0:
1f:21:b8:43:f1:65:14:ac:0a:7a:4e:d9:94:36:70:63:4a:93:
45:0f:3d:67:dd:db:91:a8:bb:0d:30:51:d0:56:24:2e:07:71:
75:81:e0:39:f2:f4:66:45:71:bf:f7:6d:3b:4d:69:c9:ca:10:
d3:1f:3f:a5:d4:3d:c9:32:2b:fd:da:a3:ac:f7:29:ce:95:b3:
4e:56:aa:8c:2a:8f:7e:f8:2a:2b:7a:52:9d:d4:26:a2:6e:e3:
a0:9a:09:48:75:eb:49:49:79:7c:b8:ba:54:31:de:c9:3e:d3:
8d:99:6c:71:c6:ef:d8:7a:d4:c2:03:ed:c2:f1:fc:ad:73:ba:
20:a5:98:18:ab:bc:c7:b2:4c:84:67:a5:c2:e2:0b:99:43:04:
04:c5:7d:b3:86:2a:13:bf:c1:c9:0a:f3:a9:d6:cb:80:73:79:
d2:cb:6f:e2:d9:d4:34:95:92:e4:43:be:76:be:89:ad:7f:12:
9a:47:33:1b:d4:90:d0:0a:15:14:c0:23:57:47:0f:15:22:fa:
bc:7e:90:b3:6f:0b:0e:d6:19:8e:44:1f:fc:40:56:00:72:b5:
87:71:18:b9:d1:a5:d4:8f:a7:7c:bc:22:3f:e1:8b:06:eb:63:
7e:cf:6e:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoEq4fy2055BCyV8XlKBQToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE3MTgwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzNmZmRhYjk4OTI0ODIzNDk2ZDA4NTQzMDE3OTU5ZThiMjJjZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9mJd7J2Y+UreulOaCNODwRbG4EP
PI6jcGV1BR0JyPpqSRxdD0mZ0wdyV1W1p9kKGSOlrAIBBZrSrqXtN/52XO2aHa5y
bRXvy9BvmLljI6ZJwI4Zl0eNypb1j8jkU06cBTQIJbsJ4ZTRr//xNLS+xq9sZxMV
qPfcA3jNy0ZPwZ08DxzkgP/VY/2rpHwaftWqSlRrflu0WvMlN+PgoTcXKPOC8D+y
l3+jyQ5tvYvMxFR0VtrMWFY1nAKi0OzIMQYVf3+uSK8fiLErajumNPIwkq2zjDMc
J9eJptxB4SgBURj6tDL3fH8fZXmZPqsycAGneaQYUHGSqCKKsgLhupC0rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOM//auYkkgjSW0IVDAXlZ6LIs4eMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNHpfOXE1aVNTQ05KYlFoVU1CZVZub3Npemg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYRRWRadaz5CfoYqw2G
i1xNsB8huEPxZRSsCnpO2ZQ2cGNKk0UPPWfd25Gouw0wUdBWJC4HcXWB4Dny9GZF
cb/3bTtNacnKENMfP6XUPckyK/3ao6z3Kc6Vs05Wqowqj374Kit6Up3UJqJu46Ca
CUh160lJeXy4ulQx3sk+042ZbHHG79h61MID7cLx/K1zuiClmBirvMeyTIRnpcLi
C5lDBATFfbOGKhO/wckK86nWy4BzedLLb+LZ1DSVkuRDvna+ia1/EppHMxvUkNAK
FRTAI1dHDxUi+rx+kLNvCw7WGY5EH/xAVgBytYdxGLnRpdSPp3y8Ij/hiwbrY37P
bj4=
-----END CERTIFICATE-----
Generated at Thu May 1 04:41:55 2025 by rpki-client