Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8zOkLsqHDUtdJK8iAVhMDigpmIM.roa
File: 8zOkLsqHDUtdJK8iAVhMDigpmIM.roa (raw, json)
Hash identifier: ezyv2hb2HuRG1L1GQlu2nuKiUVxuL6An/xIN13DMALk=
Subject key identifier: F3:33:A4:2E:CA:87:0D:4B:5D:24:AF:22:01:58:4C:0E:28:29:98:83
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3260CD55163A3CD7017AF6744AB9B810
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8zOkLsqHDUtdJK8iAVhMDigpmIM.roa
Signing time: Sat 26 Aug 2023 15:05:19 +0000
ROA not before: Sat 26 Aug 2023 15:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3260:1c6b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:32:60:cd:55:16:3a:3c:d7:01:7a:f6:74:4a:b9:b8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 15:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f333a42eca870d4b5d24af2201584c0e28299883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:30:a4:a0:04:96:23:5f:af:56:6a:b3:65:13:
38:82:8d:0e:c0:98:8c:9b:64:11:c3:68:55:d5:8c:
da:18:ec:f4:66:76:7a:0d:55:e3:a0:ce:49:1d:7d:
09:13:7b:f6:08:6a:54:2e:7e:c6:35:cb:54:31:c1:
70:45:23:96:42:34:84:4f:5d:be:57:b3:e3:4a:56:
d4:d2:c0:dc:d9:67:62:fe:e0:66:e9:2a:76:a3:f5:
39:ee:ad:ff:86:f1:40:e6:3b:a2:e6:ff:55:8d:de:
10:71:be:c4:7a:6b:c8:ab:1d:57:6b:f7:e4:56:f2:
f6:57:f8:85:c4:20:83:48:66:ea:2d:d7:16:3a:48:
17:79:6a:8d:15:43:e1:53:0c:69:1f:62:d1:65:20:
77:c1:31:c8:ac:b6:6f:a2:c5:e4:82:a7:e3:ea:84:
95:c1:09:20:5a:5b:09:6f:17:50:d9:ee:c3:24:4e:
f3:ea:c4:eb:69:55:1d:99:3e:e2:3d:54:8d:25:45:
ee:dd:72:8f:46:13:02:85:4f:9b:0c:5e:c3:c9:4f:
70:d3:49:2e:f9:3c:05:de:9d:9c:be:67:3d:bc:1b:
e2:5a:fd:12:26:f0:bd:1f:5f:99:b8:03:ed:9c:71:
a4:08:31:13:7b:ac:8b:b9:6b:66:57:dd:ac:3b:14:
88:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:33:A4:2E:CA:87:0D:4B:5D:24:AF:22:01:58:4C:0E:28:29:98:83
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/8zOkLsqHDUtdJK8iAVhMDigpmIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:8f:c1:72:c0:16:d5:5b:8a:22:cb:9f:d9:98:82:80:36:df:
eb:59:ee:fb:62:c1:3e:ec:ab:cd:63:f3:57:0c:8e:71:16:c3:
21:f9:72:75:60:d4:27:67:f8:7e:b8:99:88:7d:00:a1:25:94:
ab:96:0b:c5:7b:73:f5:f0:7a:e4:a0:94:5b:96:dc:eb:74:17:
b6:6e:77:bb:0f:12:bd:ac:b4:99:a2:b6:49:ae:ca:35:32:f7:
d5:62:53:c2:95:ba:de:a2:d2:45:8f:b4:5f:f1:1a:e0:79:3a:
7b:e2:a6:5a:f4:cd:c9:97:3f:2f:10:70:7d:85:61:94:1f:de:
a1:6a:95:7f:7e:26:51:ae:a6:40:d6:4f:c3:f4:46:d8:74:9d:
a5:1f:4a:f0:fc:3c:ff:85:1a:b3:16:3e:d3:b5:a3:cc:d2:3e:
8d:26:92:4b:c0:11:2d:b2:8b:28:f4:dd:ea:65:07:a9:bb:cd:
5d:48:e0:52:96:1d:0d:b6:c0:69:dd:af:a2:9b:6b:51:79:0d:
73:44:0d:06:63:00:7b:02:a0:f2:59:c4:4f:aa:bb:da:bd:f7:
14:b3:af:ff:11:a7:29:25:30:44:ac:9b:21:eb:68:af:a4:b1:
87:58:8e:d7:c8:e2:ea:12:ea:b2:03:a5:32:51:05:b5:e8:60:
36:7c:5b:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoyYM1VFjo81wF69nRKubgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MTUwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzMzYTQyZWNhODcwZDRiNWQyNGFmMjIwMTU4NGMwZTI4Mjk5ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jCkoASWI1+vVmqzZRM4go0OwJiM
m2QRw2hV1YzaGOz0ZnZ6DVXjoM5JHX0JE3v2CGpULn7GNctUMcFwRSOWQjSET12+
V7PjSlbU0sDc2Wdi/uBm6Sp2o/U57q3/hvFA5jui5v9Vjd4Qcb7EemvIqx1Xa/fk
VvL2V/iFxCCDSGbqLdcWOkgXeWqNFUPhUwxpH2LRZSB3wTHIrLZvosXkgqfj6oSV
wQkgWlsJbxdQ2e7DJE7z6sTraVUdmT7iPVSNJUXu3XKPRhMChU+bDF7DyU9w00ku
+TwF3p2cvmc9vBviWv0SJvC9H1+ZuAPtnHGkCDETe6yLuWtmV92sOxSIFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPMzpC7Khw1LXSSvIgFYTA4oKZiDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOHpPa0xzcUhEVXRkSks4aUFWaE1EaWdwbUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOPwXLAFtVbiiLLn9mY
goA23+tZ7vtiwT7sq81j81cMjnEWwyH5cnVg1Cdn+H64mYh9AKEllKuWC8V7c/Xw
euSglFuW3Ot0F7Zud7sPEr2stJmitkmuyjUy99ViU8KVut6i0kWPtF/xGuB5Onvi
plr0zcmXPy8QcH2FYZQf3qFqlX9+JlGupkDWT8P0Rth0naUfSvD8PP+FGrMWPtO1
o8zSPo0mkkvAES2yiyj03eplB6m7zV1I4FKWHQ22wGndr6Kba1F5DXNEDQZjAHsC
oPJZxE+qu9q99xSzr/8RpyklMESsmyHraK+ksYdYjtfI4uoS6rIDpTJRBbXoYDZ8
W8Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:04 2025 by rpki-client