Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7CLT1ALYwvwpM-QBuKGJSjF5lKU.roa
File: 7CLT1ALYwvwpM-QBuKGJSjF5lKU.roa (raw, json)
Hash identifier: 5sv1bPp8k7Iu7eaP1+VhXuEGtY+k7EP5v10uSMsxSvI=
Subject key identifier: EC:22:D3:D4:02:D8:C2:FC:29:33:E4:01:B8:A1:89:4A:31:79:94:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018679037DAE8FFF9AF52F6B38D30EC91384
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7CLT1ALYwvwpM-QBuKGJSjF5lKU.roa
Signing time: Wed 22 Feb 2023 12:05:17 +0000
ROA not before: Wed 22 Feb 2023 12:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:7902:cb3b/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:03:7d:ae:8f:ff:9a:f5:2f:6b:38:d3:0e:c9:13:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 12:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec22d3d402d8c2fc2933e401b8a1894a317994a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2c:2f:c7:dc:53:7c:02:a5:03:cb:af:94:dc:
3c:28:21:fa:86:0e:57:61:8c:7b:cd:be:35:6d:7a:
4e:f1:86:0a:d7:56:3b:ff:45:65:77:67:b0:2c:2b:
58:86:9a:c4:8c:21:86:2e:70:5c:4a:a3:b8:06:3d:
d0:aa:24:f2:45:02:50:b2:54:09:45:c0:65:93:1a:
b1:b0:c1:c5:1f:9f:2e:98:03:7a:c9:1d:bb:d6:7d:
63:65:7e:f0:55:a3:2d:87:91:43:d2:fc:9f:84:4f:
18:03:1d:71:df:38:49:be:e8:52:f3:e9:cb:81:c1:
41:53:65:f8:fe:49:34:a5:1f:61:1c:9a:50:23:ee:
79:76:1a:0c:ea:1f:ec:22:5a:96:3d:4b:75:ff:05:
9e:6c:d7:d9:86:06:56:f2:05:6f:9d:da:36:08:c7:
1d:07:b7:ac:58:44:ba:0f:35:34:5a:38:0b:da:45:
da:a7:a6:18:2f:0a:3c:d4:d0:39:5d:22:06:48:58:
b0:e4:8e:2a:cf:f8:0a:d8:c8:cc:4b:fc:3d:39:6b:
37:33:bd:64:61:40:84:22:13:67:8a:f6:61:57:2f:
c8:c4:6c:56:f2:b6:e2:d7:9e:aa:71:f7:40:2d:3c:
68:20:16:61:99:4e:66:6b:1f:43:73:87:22:e1:4f:
6f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:22:D3:D4:02:D8:C2:FC:29:33:E4:01:B8:A1:89:4A:31:79:94:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7CLT1ALYwvwpM-QBuKGJSjF5lKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:0d:6d:54:d1:28:bd:8f:5d:ad:97:26:98:78:38:eb:15:36:
19:3a:1e:a2:bb:e1:15:31:28:81:13:b2:b5:9f:a4:1d:ca:60:
cb:bf:a3:f3:16:22:e8:fc:2c:ac:e0:c2:4c:f9:ac:2c:8f:70:
42:ef:93:63:64:9a:0b:6b:06:7b:c1:55:00:29:0f:84:dc:e5:
c2:2b:ae:a3:8e:fd:33:91:cf:a1:7c:ce:d2:da:90:99:66:e1:
7a:59:7f:bf:91:13:44:0e:b2:24:4a:d4:5c:de:d9:1b:70:bc:
88:c0:1c:23:47:d3:dd:8d:df:b2:36:17:2b:d8:70:84:7c:20:
c3:ce:29:fd:06:c2:63:f9:01:40:d4:e1:32:6b:56:67:62:15:
ad:80:ad:1f:5b:d1:05:55:b5:a6:bf:2f:f8:ef:fb:9b:e6:5a:
22:5a:04:ba:54:37:59:96:4a:26:98:e4:90:bd:cd:98:be:79:
eb:8d:e8:21:08:f5:bb:0d:54:ae:0a:5d:cb:58:4b:2b:0c:e1:
00:59:2a:96:06:ec:c8:5e:57:c4:ee:f7:96:0f:00:2f:c1:77:
f0:21:bb:fd:4e:5a:f9:6c:15:db:a1:6b:80:bd:23:4b:0d:0a:
c1:2a:cd:5d:f4:8f:78:43:ed:b1:8a:45:a3:8c:ef:fd:35:c2:
24:f4:9a:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ5A32uj/+a9S9rONMOyROEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTIwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIyZDNkNDAyZDhjMmZjMjkzM2U0MDFiOGExODk0YTMxNzk5NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtywvx9xTfAKlA8uvlNw8KCH6hg5X
YYx7zb41bXpO8YYK11Y7/0Vld2ewLCtYhprEjCGGLnBcSqO4Bj3QqiTyRQJQslQJ
RcBlkxqxsMHFH58umAN6yR271n1jZX7wVaMth5FD0vyfhE8YAx1x3zhJvuhS8+nL
gcFBU2X4/kk0pR9hHJpQI+55dhoM6h/sIlqWPUt1/wWebNfZhgZW8gVvndo2CMcd
B7esWES6DzU0WjgL2kXap6YYLwo81NA5XSIGSFiw5I4qz/gK2MjMS/w9OWs3M71k
YUCEIhNnivZhVy/IxGxW8rbi156qcfdALTxoIBZhmU5max9Dc4ci4U9v2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOwi09QC2ML8KTPkAbihiUoxeZSlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN0NMVDFBTFl3dndwTS1RQnVLR0pTakY1bEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJENbVTRKL2PXa2XJph4
OOsVNhk6HqK74RUxKIETsrWfpB3KYMu/o/MWIuj8LKzgwkz5rCyPcELvk2Nkmgtr
BnvBVQApD4Tc5cIrrqOO/TORz6F8ztLakJlm4XpZf7+RE0QOsiRK1Fze2RtwvIjA
HCNH092N37I2FyvYcIR8IMPOKf0GwmP5AUDU4TJrVmdiFa2ArR9b0QVVtaa/L/jv
+5vmWiJaBLpUN1mWSiaY5JC9zZi+eeuN6CEI9bsNVK4KXctYSysM4QBZKpYG7Mhe
V8Tu95YPAC/Bd/Ahu/1OWvlsFduha4C9I0sNCsEqzV30j3hD7bGKRaOM7/01wiT0
mp0=
-----END CERTIFICATE-----
Generated at Thu May 1 12:54:26 2025 by rpki-client