Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bWnJ8CKNaYShMFMcvPfpYayhFQ.roa
File: 7bWnJ8CKNaYShMFMcvPfpYayhFQ.roa (raw, json)
Hash identifier: shdyhmPjIz1R6goZBYtaHxFt6wsiUm990MgrO4D1vKs=
Subject key identifier: ED:B5:A7:27:C0:8A:35:A6:12:84:C1:4C:72:F3:DF:A5:86:B2:84:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1A9F091BBCDC713021FC86D23CBAC59B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bWnJ8CKNaYShMFMcvPfpYayhFQ.roa
Signing time: Tue 22 Aug 2023 00:22:24 +0000
ROA not before: Tue 22 Aug 2023 00:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:9f:09:1b:bc:dc:71:30:21:fc:86:d2:3c:ba:c5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 00:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=edb5a727c08a35a61284c14c72f3dfa586b28454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:98:9c:45:36:f2:73:d6:17:2e:42:56:ea:db:
85:07:65:47:f1:98:20:c5:ae:c9:95:52:3a:00:6d:
d1:83:3a:a2:f5:63:99:d4:a5:f9:61:a7:2e:b5:25:
d4:ab:9d:f8:4d:ca:44:10:7a:cd:ee:0a:cb:4a:d1:
24:22:2f:f2:44:62:f1:8e:7f:23:a0:bd:af:8a:92:
6b:13:b4:b1:90:3a:95:9b:be:be:02:e1:3e:70:03:
ee:5e:ff:e6:00:95:b5:a3:7e:c6:72:cb:ca:b5:7f:
63:38:fa:1b:8f:3c:12:90:25:8a:cf:80:a6:16:0b:
25:dc:01:66:e0:8d:b6:0a:4a:68:ed:18:bc:56:63:
27:d1:69:f9:64:bf:f1:5a:ea:08:11:ac:dc:f4:90:
18:7f:d5:99:9f:b9:3c:d5:a1:bc:6a:7b:19:7d:17:
4e:bc:80:0e:78:fc:51:c5:fc:18:ff:32:ef:ce:ae:
d8:32:90:ce:93:7c:e7:32:ad:02:24:e0:95:d5:be:
eb:66:48:15:e0:fd:bc:ae:9f:1f:3e:53:43:32:1b:
3d:f9:67:f0:a9:d5:e0:cd:0a:b3:b5:8f:8b:6e:3a:
a0:5a:f9:c2:fa:80:8b:12:35:45:d1:8f:9d:10:a1:
91:2c:ec:12:07:d0:74:91:54:20:92:e0:77:ef:fd:
69:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B5:A7:27:C0:8A:35:A6:12:84:C1:4C:72:F3:DF:A5:86:B2:84:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7bWnJ8CKNaYShMFMcvPfpYayhFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:b4:8a:6a:2b:80:38:3d:e5:21:2c:d6:81:5c:37:13:a2:e4:
3c:60:fa:2b:3e:bd:26:75:9b:c3:cd:b8:bb:6c:81:25:9b:b4:
cd:73:12:92:48:65:65:c3:7c:fa:b5:e5:ad:be:60:50:24:23:
85:a8:71:b9:be:7d:11:c1:7f:7e:52:ba:1f:00:a9:4b:5f:c4:
ec:8e:5f:1b:63:31:0e:df:84:df:b7:51:fa:f9:a8:11:dc:1c:
8b:79:6c:8d:af:37:d8:2d:51:4c:98:84:e3:2a:02:3f:d0:68:
ae:0c:78:53:84:30:22:81:84:99:f9:e6:e4:94:cf:ca:71:74:
72:98:73:9a:01:37:c4:9c:bf:43:6f:db:27:4e:2a:fb:17:8a:
bd:c0:f8:9d:c2:b4:2e:7e:b2:b1:7f:be:e9:be:62:46:56:bc:
82:fa:ae:17:b7:68:fe:f4:39:08:85:1a:44:63:ad:15:e2:e8:
13:32:6d:04:ec:9c:c3:33:6d:29:04:e9:db:48:b4:6d:5a:a1:
68:cc:73:d7:2f:4d:72:7f:ad:92:db:bb:a1:43:f3:48:0f:e0:
c2:f1:8a:fb:64:97:c8:60:01:a5:78:b1:e8:a1:7c:f6:cb:4c:
18:c0:2b:b2:3b:16:d7:66:08:e2:32:71:a9:cd:55:68:75:db:
f1:75:06:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoanwkbvNxxMCH8htI8usWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMDAyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGI1YTcyN2MwOGEzNWE2MTI4NGMxNGM3MmYzZGZhNTg2YjI4NDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpicRTbyc9YXLkJW6tuFB2VH8Zgg
xa7JlVI6AG3Rgzqi9WOZ1KX5YacutSXUq534TcpEEHrN7grLStEkIi/yRGLxjn8j
oL2vipJrE7SxkDqVm76+AuE+cAPuXv/mAJW1o37GcsvKtX9jOPobjzwSkCWKz4Cm
Fgsl3AFm4I22Ckpo7Ri8VmMn0Wn5ZL/xWuoIEazc9JAYf9WZn7k81aG8ansZfRdO
vIAOePxRxfwY/zLvzq7YMpDOk3znMq0CJOCV1b7rZkgV4P28rp8fPlNDMhs9+Wfw
qdXgzQqztY+LbjqgWvnC+oCLEjVF0Y+dEKGRLOwSB9B0kVQgkuB37/1pJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO21pyfAijWmEoTBTHLz36WGsoRUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN2JXbko4Q0tOYVlTaE1GTWN2UGZwWWF5aEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADu0imorgDg95SEs1oFc
NxOi5Dxg+is+vSZ1m8PNuLtsgSWbtM1zEpJIZWXDfPq15a2+YFAkI4Wocbm+fRHB
f35Suh8AqUtfxOyOXxtjMQ7fhN+3Ufr5qBHcHIt5bI2vN9gtUUyYhOMqAj/QaK4M
eFOEMCKBhJn55uSUz8pxdHKYc5oBN8Scv0Nv2ydOKvsXir3A+J3CtC5+srF/vum+
YkZWvIL6rhe3aP70OQiFGkRjrRXi6BMybQTsnMMzbSkE6dtItG1aoWjMc9cvTXJ/
rZLbu6FD80gP4MLxivtkl8hgAaV4seihfPbLTBjAK7I7FtdmCOIycanNVWh12/F1
Bp4=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:10 2025 by rpki-client