Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vQL0DUn0uY4YuH89Ic76jQsWOE.roa
File: 6vQL0DUn0uY4YuH89Ic76jQsWOE.roa (raw, json)
Hash identifier: meETqJXJdM8vBXtqmXCrbuREUBQs32E26XNJqvOJ9Pg=
Subject key identifier: EA:F4:0B:D0:35:27:D2:E6:38:62:E1:FC:F4:87:3B:EA:34:2C:58:E1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869ED1B6F4E02CD6B2103AFE6D505CEBBB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vQL0DUn0uY4YuH89Ic76jQsWOE.roa
Signing time: Wed 01 Mar 2023 20:16:29 +0000
ROA not before: Wed 01 Mar 2023 20:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:d1:b6:f4:e0:2c:d6:b2:10:3a:fe:6d:50:5c:eb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 20:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaf40bd03527d2e63862e1fcf4873bea342c58e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:bd:eb:66:97:9d:83:5e:57:78:34:7b:78:
0a:98:87:a3:54:f9:8a:75:27:6a:e3:4c:69:44:ae:
d4:3a:d3:98:9c:1c:88:d1:a8:15:8e:36:e4:cc:9b:
3a:c4:36:ef:5f:33:a9:8e:f1:fd:14:71:46:28:e2:
41:31:87:69:86:84:41:49:15:92:7a:19:15:0a:80:
25:63:b3:55:00:43:71:f8:1d:1e:90:0e:a2:0e:9e:
98:bb:c9:2e:3b:23:ba:78:6b:80:1a:e4:3a:46:40:
ba:50:3d:ff:16:d8:f0:ac:1a:f0:f1:37:2c:d3:29:
44:8a:28:84:1e:9c:34:a0:50:1f:69:d8:68:00:ba:
5c:69:f4:c1:8a:98:b0:b6:ca:a7:dd:30:7d:f5:d3:
52:65:6a:52:42:7e:6c:9c:9a:17:3e:64:75:16:0e:
72:33:9d:2a:ce:47:2d:e5:8a:21:13:65:10:d3:82:
d5:47:ee:40:d2:40:11:12:91:25:ae:80:db:5d:9a:
74:01:2c:b7:84:7f:6c:c6:f0:fe:ee:27:99:4a:09:
bd:5b:a2:fd:a1:d5:9a:79:69:4f:b3:5e:ec:6b:90:
05:de:da:76:0b:19:0c:37:48:d1:c8:e2:71:f4:d4:
d7:cf:40:55:64:bb:07:2d:c5:10:aa:9a:0e:f1:4d:
12:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F4:0B:D0:35:27:D2:E6:38:62:E1:FC:F4:87:3B:EA:34:2C:58:E1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vQL0DUn0uY4YuH89Ic76jQsWOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:48:7a:f8:a8:3d:ac:cb:67:c2:f6:8d:61:ff:63:19:5a:f1:
1d:2a:f9:8d:4b:6f:a6:d9:91:ae:fb:28:fa:47:ad:fc:c5:ce:
6f:55:f6:cb:d8:c9:24:e7:7c:af:c6:4a:3a:84:84:c4:b3:e7:
a0:ee:38:75:93:b0:4b:15:c7:4b:77:9c:04:53:6b:b8:ce:56:
db:bb:72:05:cd:00:9f:da:04:a9:c1:89:60:53:67:84:c6:0a:
5d:77:50:9b:65:92:77:fa:bf:79:93:3d:52:4a:35:25:3e:cf:
ec:fb:67:aa:87:1c:f5:e6:61:fc:97:d5:ce:14:a2:35:81:bf:
14:3e:34:22:11:50:a2:8a:eb:bc:44:8a:c5:f3:b7:66:26:e9:
47:91:b5:08:70:9d:1e:47:5e:72:1e:d5:90:fe:c6:98:00:50:
1d:dd:d2:72:4a:15:51:00:74:46:95:e5:fb:ca:e6:25:d1:df:
31:a6:dd:89:ed:fc:84:65:2d:7e:37:a2:a4:06:5e:b2:aa:ad:
8b:12:bb:4a:e0:a6:3a:cc:b5:ba:8c:ad:01:ad:62:0d:b0:33:
a4:9b:9f:5f:a3:55:3b:50:66:17:ce:dc:60:94:35:1e:80:47:
4f:2e:08:f2:97:0a:13:93:3f:75:6e:34:33:c9:1d:86:55:b6:
e6:b1:7f:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYae0bb04CzWshA6/m1QXOu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMjAxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWY0MGJkMDM1MjdkMmU2Mzg2MmUxZmNmNDg3M2JlYTM0MmM1OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLy962aXnYNeV3g0e3gKmIejVPmK
dSdq40xpRK7UOtOYnByI0agVjjbkzJs6xDbvXzOpjvH9FHFGKOJBMYdphoRBSRWS
ehkVCoAlY7NVAENx+B0ekA6iDp6Yu8kuOyO6eGuAGuQ6RkC6UD3/FtjwrBrw8Tcs
0ylEiiiEHpw0oFAfadhoALpcafTBipiwtsqn3TB99dNSZWpSQn5snJoXPmR1Fg5y
M50qzkct5YohE2UQ04LVR+5A0kAREpElroDbXZp0ASy3hH9sxvD+7ieZSgm9W6L9
odWaeWlPs17sa5AF3tp2CxkMN0jRyOJx9NTXz0BVZLsHLcUQqpoO8U0SuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOr0C9A1J9LmOGLh/PSHO+o0LFjhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNnZRTDBEVW4wdVk0WXVIODlJYzc2alFzV09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEdIevioPazLZ8L2jWH/
Yxla8R0q+Y1Lb6bZka77KPpHrfzFzm9V9svYySTnfK/GSjqEhMSz56DuOHWTsEsV
x0t3nARTa7jOVtu7cgXNAJ/aBKnBiWBTZ4TGCl13UJtlknf6v3mTPVJKNSU+z+z7
Z6qHHPXmYfyX1c4UojWBvxQ+NCIRUKKK67xEisXzt2Ym6UeRtQhwnR5HXnIe1ZD+
xpgAUB3d0nJKFVEAdEaV5fvK5iXR3zGm3Ynt/IRlLX43oqQGXrKqrYsSu0rgpjrM
tbqMrQGtYg2wM6Sbn1+jVTtQZhfO3GCUNR6AR08uCPKXChOTP3VuNDPJHYZVtuax
f64=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:01 2025 by rpki-client