Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bKLDSpYt4Cms7FzoaGLLEg5JZY.roa
File: 7bKLDSpYt4Cms7FzoaGLLEg5JZY.roa (raw, json)
Hash identifier: qL74HWcKYbDtQjR53OzHyiHg3CO5pXiaSeuNN+NgBPo=
Subject key identifier: ED:B2:8B:0D:2A:58:B7:80:A6:B3:B1:73:A1:A1:8B:2C:48:39:25:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E3A09218153D51D10676512AFD3397C5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bKLDSpYt4Cms7FzoaGLLEg5JZY.roa
Signing time: Fri 11 Aug 2023 08:04:58 +0000
ROA not before: Fri 11 Aug 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:e3a0:1fbb/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:a0:92:18:15:3d:51:d1:06:76:51:2a:fd:33:97:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edb28b0d2a58b780a6b3b173a1a18b2c48392596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6f:ca:28:58:03:90:b4:5e:b6:ee:a8:6a:24:
85:3b:0a:65:e8:46:54:77:1e:2c:df:c5:c1:dd:05:
a4:38:33:ae:10:4e:fd:c8:ca:70:5c:c4:5d:35:92:
71:e8:d1:68:8e:2d:63:a9:58:a3:ec:9d:0d:0e:4d:
46:89:cb:c3:82:a2:b0:75:65:20:05:ee:f5:6e:71:
13:7f:3e:ab:14:d3:f1:e8:ee:cf:72:5b:1e:97:24:
5e:31:39:0b:71:ab:f1:07:bc:a7:0e:55:ba:d9:3c:
43:4a:cd:86:2b:1b:b4:58:e1:45:39:9b:94:49:9c:
5e:ba:b6:e8:f1:81:6f:7a:2e:0b:c1:67:89:63:01:
50:90:3c:6c:06:c7:dd:5b:f1:07:f5:59:b6:ab:8f:
5a:76:34:2b:74:c5:ee:ca:4e:ff:9b:fe:ac:50:33:
fa:f1:2d:71:c8:5e:8f:57:d5:d1:34:3f:9b:cf:81:
e7:61:3e:c5:37:9e:df:e3:25:59:d5:78:e9:f8:a5:
59:8d:87:9e:da:f8:da:3d:95:36:59:cb:2f:8d:2c:
82:b1:d7:4a:23:10:8a:dc:b9:e3:2f:1d:49:21:98:
e5:9c:8e:de:78:e9:ea:61:39:a4:af:5b:71:1e:fb:
b1:40:d3:81:e0:3a:27:9c:85:65:ef:ca:80:d4:ba:
01:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B2:8B:0D:2A:58:B7:80:A6:B3:B1:73:A1:A1:8B:2C:48:39:25:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bKLDSpYt4Cms7FzoaGLLEg5JZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:75:7e:24:5c:70:fb:60:c6:a9:c3:40:82:8d:70:86:76:36:
a1:fc:ee:98:d6:ce:51:61:24:1d:ce:7f:05:f3:8c:a6:3a:b0:
e6:cf:a2:d7:9e:12:86:31:22:94:f6:16:e3:4b:da:b1:ab:fe:
c8:6d:ce:16:85:a0:1e:b4:0b:6c:64:0b:c8:30:d3:a2:3c:b3:
e4:f4:c9:93:c0:c2:67:ad:a9:1b:ec:6f:42:67:7b:0d:44:ab:
63:4e:fa:74:f0:59:84:dc:c4:ef:87:da:ac:d5:f1:bd:3f:e9:
67:7f:b8:e8:cd:b9:8c:c3:84:08:94:85:3f:1c:88:f3:ae:09:
a4:4a:5f:2a:71:36:f4:3d:2e:9e:2d:bd:b9:ed:e2:fc:d3:28:
3f:17:81:4e:58:ef:9f:02:09:61:b3:20:32:3c:7b:32:c5:7b:
bb:d1:9d:e2:3e:87:05:3e:dd:f2:fe:9b:29:a3:06:b8:ed:b4:
bc:04:e9:2d:32:76:a5:a0:55:96:37:ad:a2:79:75:ae:d2:98:
e6:7b:df:0c:4f:1b:cf:bd:66:e5:11:23:87:89:5f:ac:02:80:
82:fe:30:df:b9:65:d2:13:d2:98:cf:c0:d6:ba:6d:e4:c3:2a:
ab:9f:fc:24:da:9d:a1:14:8c:2d:44:9f:88:40:0b:ed:2d:90:
13:52:58:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnjoJIYFT1R0QZ2USr9M5fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGIyOGIwZDJhNThiNzgwYTZiM2IxNzNhMWExOGIyYzQ4MzkyNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgW/KKFgDkLRetu6oaiSFOwpl6EZU
dx4s38XB3QWkODOuEE79yMpwXMRdNZJx6NFoji1jqVij7J0NDk1GicvDgqKwdWUg
Be71bnETfz6rFNPx6O7PclselyReMTkLcavxB7ynDlW62TxDSs2GKxu0WOFFOZuU
SZxeurbo8YFvei4LwWeJYwFQkDxsBsfdW/EH9Vm2q49adjQrdMXuyk7/m/6sUDP6
8S1xyF6PV9XRND+bz4HnYT7FN57f4yVZ1Xjp+KVZjYee2vjaPZU2WcsvjSyCsddK
IxCK3LnjLx1JIZjlnI7eeOnqYTmkr1txHvuxQNOB4DonnIVl78qA1LoBqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2yiw0qWLeAprOxc6GhiyxIOSWWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN2JLTERTcFl0NENtczdGem9hR0xMRWc1SlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA91fiRccPtgxqnDQIKN
cIZ2NqH87pjWzlFhJB3OfwXzjKY6sObPoteeEoYxIpT2FuNL2rGr/shtzhaFoB60
C2xkC8gw06I8s+T0yZPAwmetqRvsb0Jnew1Eq2NO+nTwWYTcxO+H2qzV8b0/6Wd/
uOjNuYzDhAiUhT8ciPOuCaRKXypxNvQ9Lp4tvbnt4vzTKD8XgU5Y758CCWGzIDI8
ezLFe7vRneI+hwU+3fL+mymjBrjttLwE6S0ydqWgVZY3raJ5da7SmOZ73wxPG8+9
ZuURI4eJX6wCgIL+MN+5ZdIT0pjPwNa6beTDKquf/CTanaEUjC1En4hAC+0tkBNS
WDI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:23:54 2025 by rpki-client