Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vpb1ZF4QRj-Kf6ezO9s67mlLoE.roa
File: 6vpb1ZF4QRj-Kf6ezO9s67mlLoE.roa (raw, json)
Hash identifier: Gh4/2Y5qUg8otEYxPv37o27VNbPgj2h5Z5CKVf5ub7A=
Subject key identifier: EA:FA:5B:D5:91:78:41:18:FE:29:FE:9E:CC:EF:6C:EB:B9:A5:2E:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018759431949E65C91B1BB4636F07D2EFF84
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vpb1ZF4QRj-Kf6ezO9s67mlLoE.roa
Signing time: Fri 07 Apr 2023 01:09:42 +0000
ROA not before: Fri 07 Apr 2023 01:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:59:43:19:49:e6:5c:91:b1:bb:46:36:f0:7d:2e:ff:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 7 01:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eafa5bd591784118fe29fe9eccef6cebb9a52e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4b:0e:2c:5f:57:ab:02:b6:ec:90:87:f2:80:
14:06:bc:66:60:d4:72:31:6a:2b:90:29:61:d6:aa:
ee:f9:20:57:02:9e:b1:4c:2b:c5:24:84:00:1d:56:
76:9b:66:23:a4:e9:82:57:d9:27:49:15:18:54:30:
e3:1e:c4:d2:f1:9c:e1:e9:aa:88:44:b4:04:a7:60:
75:aa:49:fb:32:f6:bc:a2:42:a3:e2:f4:ae:df:7d:
12:fc:2a:90:76:47:a3:c8:26:3c:0f:97:47:05:d7:
c5:c2:c7:69:25:94:a1:60:aa:7e:4e:92:5e:08:81:
ce:f3:c0:47:91:6f:32:39:dd:f2:c4:e2:0e:88:41:
e7:72:bd:f8:80:7f:0a:e2:a8:c7:db:da:fa:e0:67:
37:62:2d:cc:da:fa:b4:74:b2:dc:a8:6e:a9:1e:7e:
4b:0a:90:be:ef:08:02:60:2f:03:67:db:6c:7d:21:
e1:57:c5:02:49:cd:28:e6:79:ff:b0:4f:48:64:3d:
c2:1e:8b:ea:35:7d:8b:2d:f8:17:34:84:d5:2d:da:
22:4f:b9:bd:cd:37:a7:0c:ce:fa:fc:ca:2c:04:6f:
4f:68:c6:28:3c:de:39:cd:30:6b:62:44:78:5a:51:
49:d3:94:42:76:e5:be:55:00:38:ad:b1:92:fd:c3:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:FA:5B:D5:91:78:41:18:FE:29:FE:9E:CC:EF:6C:EB:B9:A5:2E:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/6vpb1ZF4QRj-Kf6ezO9s67mlLoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:e9:e4:c2:44:fb:aa:c7:15:87:e7:e6:c3:c8:b3:54:ea:ad:
5c:c9:a6:63:98:84:9a:b0:45:42:4b:f5:32:96:ad:c5:96:bd:
dc:26:a4:10:a8:1a:0a:de:4b:50:33:ec:42:03:89:36:ff:aa:
fc:be:a6:94:c5:97:31:9b:f7:b6:e1:e4:eb:1a:0f:10:f9:ec:
2a:f5:2e:9e:01:13:1a:c6:75:09:ae:ff:08:51:f0:60:b9:82:
5f:78:61:ea:4a:fe:6d:41:8e:30:8c:78:e8:4d:60:90:6a:4a:
f8:84:0f:6d:3f:d4:8a:ed:ae:61:3e:56:28:23:41:c0:55:fb:
49:e1:91:cc:25:aa:ab:8a:28:b9:45:87:44:f6:25:ee:f4:84:
cc:e4:64:04:d5:0c:74:64:ae:18:19:45:e6:3a:b6:ef:12:88:
a3:ef:41:eb:dc:34:38:0c:66:db:77:7b:81:6b:5c:e7:33:9a:
24:05:ff:da:bc:9c:da:58:a0:d4:47:99:4c:1d:dd:b0:ef:06:
b1:e3:38:4b:c1:fe:f7:77:b1:aa:be:b6:fc:08:5a:b9:b1:92:
dc:b4:05:5f:61:2d:41:02:4a:86:43:1c:e9:6c:3c:15:89:6a:
96:f8:88:17:73:0d:bc:d6:94:83:d3:1a:df:f2:4d:b5:63:41:
7f:ec:fc:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdZQxlJ5lyRsbtGNvB9Lv+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA3MDEwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWZhNWJkNTkxNzg0MTE4ZmUyOWZlOWVjY2VmNmNlYmI5YTUyZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgksOLF9XqwK27JCH8oAUBrxmYNRy
MWorkClh1qru+SBXAp6xTCvFJIQAHVZ2m2YjpOmCV9knSRUYVDDjHsTS8Zzh6aqI
RLQEp2B1qkn7Mva8okKj4vSu330S/CqQdkejyCY8D5dHBdfFwsdpJZShYKp+TpJe
CIHO88BHkW8yOd3yxOIOiEHncr34gH8K4qjH29r64Gc3Yi3M2vq0dLLcqG6pHn5L
CpC+7wgCYC8DZ9tsfSHhV8UCSc0o5nn/sE9IZD3CHovqNX2LLfgXNITVLdoiT7m9
zTenDM76/MosBG9PaMYoPN45zTBrYkR4WlFJ05RCduW+VQA4rbGS/cN+hwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOr6W9WReEEY/in+nszvbOu5pS6BMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNnZwYjFaRjRRUmotS2Y2ZXpPOXM2N21sTG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGHp5MJE+6rHFYfn5sPI
s1TqrVzJpmOYhJqwRUJL9TKWrcWWvdwmpBCoGgreS1Az7EIDiTb/qvy+ppTFlzGb
97bh5OsaDxD57Cr1Lp4BExrGdQmu/whR8GC5gl94YepK/m1BjjCMeOhNYJBqSviE
D20/1IrtrmE+VigjQcBV+0nhkcwlqquKKLlFh0T2Je70hMzkZATVDHRkrhgZReY6
tu8SiKPvQevcNDgMZtt3e4FrXOczmiQF/9q8nNpYoNRHmUwd3bDvBrHjOEvB/vd3
saq+tvwIWrmxkty0BV9hLUECSoZDHOlsPBWJapb4iBdzDbzWlIPTGt/yTbVjQX/s
/Do=
-----END CERTIFICATE-----
Generated at Fri May 2 19:07:23 2025 by rpki-client