Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8GxhYA2TPS00qQwA8yzslZlY50A.roa
File: 8GxhYA2TPS00qQwA8yzslZlY50A.roa (raw, json)
Hash identifier: PeH3/cOrcgLq1QtsAMXj4alZ5lW0mP/P46DiXRJXFes=
Subject key identifier: F0:6C:61:60:0D:93:3D:2D:34:A9:0C:00:F3:2C:EC:95:99:58:E7:40
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189FD29E3BFDB9D0059E766978F53B62F33
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8GxhYA2TPS00qQwA8yzslZlY50A.roa
Signing time: Wed 16 Aug 2023 07:05:28 +0000
ROA not before: Wed 16 Aug 2023 07:05:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:fd29:25be/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:29:e3:bf:db:9d:00:59:e7:66:97:8f:53:b6:2f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 07:05:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f06c61600d933d2d34a90c00f32cec959958e740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:ed:18:f9:79:62:19:e7:4e:34:97:b8:bc:
f6:1f:ff:7b:25:98:1e:2d:69:5b:5a:9a:bb:d8:21:
90:92:c8:1a:8f:11:ef:cd:3d:e9:03:cd:b9:1b:b3:
20:dc:8c:1a:2b:51:c3:51:6f:ac:9e:70:c1:63:c4:
19:36:bb:34:05:4c:97:13:dd:4e:2e:a4:9e:71:72:
3d:ae:81:99:ff:9a:0a:84:f4:89:59:ae:7e:24:44:
6f:5c:47:fe:ec:dc:01:d4:a4:84:f9:57:a7:21:24:
1d:7e:01:29:b6:2c:4b:87:2b:41:21:46:74:55:2e:
32:1a:1a:36:e4:bc:f5:82:b4:0d:a9:d5:ab:72:54:
f0:af:1c:ba:f9:c0:3f:9f:57:34:b7:17:c6:58:6b:
e9:2f:c0:b1:6f:ba:96:8a:e9:4a:e2:fe:35:cf:35:
de:19:e0:2d:87:30:ff:de:b0:3d:7a:8e:3c:57:e0:
23:cd:66:98:4a:4f:d7:24:19:12:1f:11:54:d3:ac:
1b:00:12:66:e0:87:ec:a5:26:bb:02:93:f9:5c:67:
d0:c9:2b:54:1d:aa:73:cd:8f:33:20:d8:d0:76:a3:
27:21:ea:e3:a7:68:6c:2c:f1:7e:52:fa:7d:53:03:
20:8e:02:62:0c:63:7e:68:84:ac:73:2a:12:23:f7:
33:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6C:61:60:0D:93:3D:2D:34:A9:0C:00:F3:2C:EC:95:99:58:E7:40
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8GxhYA2TPS00qQwA8yzslZlY50A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:66:3d:e1:5b:b0:f1:64:49:ec:29:ed:e9:5d:42:a8:0b:1b:
19:a6:0b:c7:db:4a:a3:8f:c9:2f:8f:39:47:52:b2:b7:9c:46:
a1:69:03:f9:8c:97:b6:05:88:cb:55:51:04:38:9a:23:09:12:
97:fb:24:04:56:5c:d3:4a:bb:10:b9:92:b1:24:78:a2:9a:d9:
22:a3:7d:3c:0f:9c:11:0c:1e:34:ca:b1:df:12:31:66:c4:83:
c6:8c:58:fe:bd:ac:fb:4d:c5:c3:74:97:6d:3d:19:75:08:e8:
2f:c4:f8:37:8f:31:fb:6a:94:56:b4:e2:59:bb:99:f3:1d:6b:
5c:ff:0e:5b:75:c0:64:3f:9e:a3:63:3b:2d:fc:4d:cb:5a:b0:
41:25:81:01:d2:5b:15:dc:eb:e1:05:a4:29:fc:3b:ca:32:e8:
51:fa:43:c7:76:73:4c:3f:5e:93:df:56:70:dc:17:91:3f:1e:
84:1c:1c:71:10:3a:44:2d:d8:e8:36:68:38:2b:89:77:e0:d1:
45:46:37:5e:24:9c:21:3a:ea:c5:d9:15:ab:a8:8d:3d:32:b0:
a1:21:c8:e1:4c:b7:d0:76:6b:23:0e:e5:b7:0f:4f:31:6c:60:
75:75:80:f4:2d:0e:c1:ff:fd:57:56:68:3e:24:fa:d6:96:c2:
9b:25:da:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn9KeO/250AWedml49Tti8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MDcwNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZjNjE2MDBkOTMzZDJkMzRhOTBjMDBmMzJjZWM5NTk5NThlNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtTtGPl5YhnnTjSXuLz2H/97JZge
LWlbWpq72CGQksgajxHvzT3pA825G7Mg3IwaK1HDUW+snnDBY8QZNrs0BUyXE91O
LqSecXI9roGZ/5oKhPSJWa5+JERvXEf+7NwB1KSE+VenISQdfgEptixLhytBIUZ0
VS4yGho25Lz1grQNqdWrclTwrxy6+cA/n1c0txfGWGvpL8Cxb7qWiulK4v41zzXe
GeAthzD/3rA9eo48V+AjzWaYSk/XJBkSHxFU06wbABJm4IfspSa7ApP5XGfQyStU
HapzzY8zINjQdqMnIerjp2hsLPF+Uvp9UwMgjgJiDGN+aISscyoSI/cz2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPBsYWANkz0tNKkMAPMs7JWZWOdAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOEd4aFlBMlRQUzAwcVF3QTh5enNsWmxZNTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1mPeFbsPFkSewp7eld
QqgLGxmmC8fbSqOPyS+POUdSsrecRqFpA/mMl7YFiMtVUQQ4miMJEpf7JARWXNNK
uxC5krEkeKKa2SKjfTwPnBEMHjTKsd8SMWbEg8aMWP69rPtNxcN0l209GXUI6C/E
+DePMftqlFa04lm7mfMda1z/Dlt1wGQ/nqNjOy38TctasEElgQHSWxXc6+EFpCn8
O8oy6FH6Q8d2c0w/XpPfVnDcF5E/HoQcHHEQOkQt2Og2aDgriXfg0UVGN14knCE6
6sXZFauojT0ysKEhyOFMt9B2ayMO5bcPTzFsYHV1gPQtDsH//VdWaD4k+taWwpsl
2ig=
-----END CERTIFICATE-----
Generated at Fri May 2 13:11:13 2025 by rpki-client