Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7PQk2L79R8fX-qLKKdbQEPOZ7ls.roa
File: 7PQk2L79R8fX-qLKKdbQEPOZ7ls.roa (raw, json)
Hash identifier: X9K4sRDz7JARC3+DsWSBcngkf36ZQxq4E/wwm7TpYis=
Subject key identifier: EC:F4:24:D8:BE:FD:47:C7:D7:FA:A2:CA:29:D6:D0:10:F3:99:EE:5B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EC35D7690ED5A02A6DF9B47445361912
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7PQk2L79R8fX-qLKKdbQEPOZ7ls.roa
Signing time: Sun 13 Aug 2023 00:04:58 +0000
ROA not before: Sun 13 Aug 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:ec35:c23e/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ec:35:d7:69:0e:d5:a0:2a:6d:f9:b4:74:45:36:19:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecf424d8befd47c7d7faa2ca29d6d010f399ee5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:54:83:cf:a8:95:ad:cb:9a:3d:11:62:4b:
7b:58:95:6f:dd:b7:8d:86:91:ba:e0:9d:96:6b:15:
59:4d:da:04:15:09:65:e9:d8:06:8f:61:72:2e:6a:
3e:42:56:70:ab:49:fd:cc:dd:d4:b0:d0:00:f2:be:
06:ec:a6:38:05:78:91:70:a5:76:53:91:2c:d9:b3:
94:75:1c:db:25:38:45:cf:24:a7:49:74:f6:ef:24:
47:37:c9:c3:3e:04:12:de:19:ec:6e:b9:ec:64:2c:
94:62:ff:a8:95:b6:be:d9:61:14:bc:3e:b1:a3:a2:
be:d0:1d:0b:66:c9:18:02:bc:6c:2b:88:8b:45:45:
e9:9b:a2:a6:c0:c6:4d:e1:e7:4b:76:d7:f5:93:d9:
c9:1e:aa:95:d6:18:a9:b0:2c:d5:21:55:0e:15:09:
ea:d9:e5:2d:24:b3:3a:1e:9c:3e:dd:58:fd:8c:fa:
ee:b4:ef:9f:94:6e:85:4a:fa:3e:4b:af:3e:aa:d7:
1b:58:4b:04:13:ec:6b:94:29:e8:28:e8:1d:30:67:
3a:16:c2:a8:b4:ce:10:5a:fe:20:a1:8f:01:a9:74:
74:10:c8:12:e6:a4:63:28:67:a9:07:08:2a:74:dd:
53:21:bd:2c:32:79:db:30:30:7c:36:2e:60:d0:9f:
fb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F4:24:D8:BE:FD:47:C7:D7:FA:A2:CA:29:D6:D0:10:F3:99:EE:5B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7PQk2L79R8fX-qLKKdbQEPOZ7ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:b4:a9:2a:e8:52:31:2b:b1:7a:99:0a:ff:b0:96:5b:6c:52:
74:e6:5f:1d:d7:eb:07:4c:6d:31:df:1c:5f:43:92:23:5e:99:
40:d1:03:8e:6c:ca:50:6f:5b:b2:77:34:04:b5:2c:05:25:0d:
9e:8b:c6:97:ec:e2:4b:b7:b8:8e:cb:c0:92:c0:49:a1:0d:ef:
40:8c:7c:eb:e6:52:36:50:15:82:e2:44:1a:fe:27:0d:09:7f:
c6:cc:7d:6a:46:76:5e:e7:4f:bc:e1:3d:34:2f:3f:52:62:97:
c3:5c:c5:4f:a0:a0:84:59:7b:2b:dc:3b:ca:91:9f:c0:2f:38:
cc:8b:fa:6b:fb:7b:5f:b1:e3:bf:b7:de:7a:28:e6:16:08:17:
35:a2:98:e2:41:46:6a:3c:5c:bd:73:46:15:04:8c:d4:a6:6a:
6c:c7:9f:e4:76:99:14:39:5f:81:98:45:80:84:00:e9:d6:03:
b6:e7:30:ae:fa:55:b5:60:15:17:c3:5c:e8:2b:bd:90:27:3e:
ab:a1:e0:1c:ac:89:d8:3e:e7:3f:a3:c6:be:96:ff:8e:69:9f:
8d:30:19:24:f5:ad:18:89:01:7d:37:97:53:bf:0b:e4:06:f2:
47:87:26:9a:53:77:ac:c9:d1:45:2a:81:9e:1d:00:54:7b:e6:
d4:78:2f:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnsNddpDtWgKm35tHRFNhkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Y0MjRkOGJlZmQ0N2M3ZDdmYWEyY2EyOWQ2ZDAxMGYzOTllZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisxUg8+ola3Lmj0RYkt7WJVv3beN
hpG64J2WaxVZTdoEFQll6dgGj2FyLmo+QlZwq0n9zN3UsNAA8r4G7KY4BXiRcKV2
U5Es2bOUdRzbJThFzySnSXT27yRHN8nDPgQS3hnsbrnsZCyUYv+olba+2WEUvD6x
o6K+0B0LZskYArxsK4iLRUXpm6KmwMZN4edLdtf1k9nJHqqV1hipsCzVIVUOFQnq
2eUtJLM6Hpw+3Vj9jPrutO+flG6FSvo+S68+qtcbWEsEE+xrlCnoKOgdMGc6FsKo
tM4QWv4goY8BqXR0EMgS5qRjKGepBwgqdN1TIb0sMnnbMDB8Ni5g0J/7sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOz0JNi+/UfH1/qiyinW0BDzme5bMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN1BRazJMNzlSOGZYLXFMS0tkYlFFUE9aN2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABe0qSroUjErsXqZCv+w
lltsUnTmXx3X6wdMbTHfHF9DkiNemUDRA45sylBvW7J3NAS1LAUlDZ6Lxpfs4ku3
uI7LwJLASaEN70CMfOvmUjZQFYLiRBr+Jw0Jf8bMfWpGdl7nT7zhPTQvP1Jil8Nc
xU+goIRZeyvcO8qRn8AvOMyL+mv7e1+x47+33noo5hYIFzWimOJBRmo8XL1zRhUE
jNSmamzHn+R2mRQ5X4GYRYCEAOnWA7bnMK76VbVgFRfDXOgrvZAnPquh4Bysidg+
5z+jxr6W/45pn40wGST1rRiJAX03l1O/C+QG8keHJppTd6zJ0UUqgZ4dAFR75tR4
L4Q=
-----END CERTIFICATE-----
Generated at Fri May 2 01:14:43 2025 by rpki-client