Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9De-KAkdIGPNDOJ1UfYYl7JDt84.roa
File: 9De-KAkdIGPNDOJ1UfYYl7JDt84.roa (raw, json)
Hash identifier: +QyPly4ui6WYLdmRxWZTJhkSJXVBgeSzjVyNRwD3d+U=
Subject key identifier: F4:37:BE:28:09:1D:20:63:CD:0C:E2:75:51:F6:18:97:B2:43:B7:CE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186AC14F7E779E518A5B9E797D4A856CB5B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9De-KAkdIGPNDOJ1UfYYl7JDt84.roa
Signing time: Sat 04 Mar 2023 10:05:00 +0000
ROA not before: Sat 04 Mar 2023 10:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:ac14:376a/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ac:14:f7:e7:79:e5:18:a5:b9:e7:97:d4:a8:56:cb:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 4 10:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f437be28091d2063cd0ce27551f61897b243b7ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e6:d8:3a:91:4d:1a:5d:9a:aa:a3:62:fe:27:
2f:16:5a:c5:f5:33:86:34:75:32:0c:27:c9:f2:63:
be:80:5c:a5:70:ec:26:66:de:87:0c:e3:66:f5:fd:
27:bf:38:ff:03:e4:ea:82:81:06:f0:fd:8b:34:6c:
22:b6:ab:e8:c5:42:b8:15:6c:f6:25:c3:c9:13:dc:
da:12:b7:55:44:bd:c9:94:bf:66:32:08:42:ac:cf:
1c:46:e3:9e:b7:49:cb:24:82:63:ac:d2:03:b1:03:
ab:2f:7e:7a:5a:43:e0:e7:b6:be:9b:2d:02:f5:41:
26:28:ad:45:7c:67:22:7e:57:c5:a4:66:c3:3a:0c:
48:6b:b4:50:f5:27:9f:de:f1:2d:76:96:08:8c:0d:
c8:24:21:38:61:7b:ee:41:fe:0e:a2:cd:da:01:14:
7d:50:1d:80:c0:e2:1a:8b:61:6a:c3:a6:ab:2b:36:
2b:ee:f0:35:f2:74:c6:b5:6f:44:84:5f:ca:03:c2:
48:14:fc:09:a6:a8:77:05:f9:06:4e:cf:af:f9:8c:
b2:64:b2:e7:6e:b5:d3:b7:22:ac:73:07:65:87:8c:
4c:54:a1:f5:4f:4d:99:39:0d:9e:fd:67:71:d1:3a:
01:88:91:3d:47:bd:6b:85:95:ae:1f:98:da:4e:ee:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:37:BE:28:09:1D:20:63:CD:0C:E2:75:51:F6:18:97:B2:43:B7:CE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9De-KAkdIGPNDOJ1UfYYl7JDt84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:b5:cf:8a:ea:79:7b:1a:2f:46:37:ac:e5:77:b9:02:f4:29:
f8:7f:c5:ac:db:e0:ab:79:41:18:44:43:cd:80:14:21:fb:af:
30:90:ae:d5:48:5c:32:f8:e7:ca:c6:de:f7:01:1e:61:35:e4:
01:86:37:9e:59:b7:9c:35:82:6d:94:bd:fa:5d:f5:7a:d6:61:
f3:85:80:c5:03:da:9b:91:10:4a:b9:e6:17:b8:e8:a1:54:4b:
8e:6d:af:bc:4e:0a:cc:21:4b:7b:35:ab:bf:45:93:03:0a:88:
9e:cf:67:8b:f1:d8:94:a7:e9:07:42:98:a4:45:06:52:76:27:
80:06:f7:9c:b8:5b:3b:4a:96:f9:84:e4:ea:a0:63:2a:6e:e1:
6e:9e:08:00:02:35:49:d9:3d:af:4d:f2:4d:4f:67:1d:8e:b4:
0c:df:b8:05:8e:ee:3b:1a:1a:f4:c2:bf:df:41:34:28:13:43:
37:de:eb:03:22:75:7b:50:bf:e7:f1:62:b2:e2:82:7a:b9:d3:
1b:24:3f:ed:3f:9f:cb:dc:e3:47:b4:37:47:aa:80:13:03:03:
c9:8d:be:2d:07:31:49:0c:29:36:89:13:73:ef:0d:28:7d:72:
6d:7f:a5:f8:78:9b:9a:41:7b:59:6c:a3:b9:d2:6d:e7:a3:85:
f2:6b:df:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYasFPfneeUYpbnnl9SoVstbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA0MTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM3YmUyODA5MWQyMDYzY2QwY2UyNzU1MWY2MTg5N2IyNDNiN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ebYOpFNGl2aqqNi/icvFlrF9TOG
NHUyDCfJ8mO+gFylcOwmZt6HDONm9f0nvzj/A+TqgoEG8P2LNGwitqvoxUK4FWz2
JcPJE9zaErdVRL3JlL9mMghCrM8cRuOet0nLJIJjrNIDsQOrL356WkPg57a+my0C
9UEmKK1FfGciflfFpGbDOgxIa7RQ9Sef3vEtdpYIjA3IJCE4YXvuQf4Oos3aARR9
UB2AwOIai2Fqw6arKzYr7vA18nTGtW9EhF/KA8JIFPwJpqh3BfkGTs+v+YyyZLLn
brXTtyKscwdlh4xMVKH1T02ZOQ2e/Wdx0ToBiJE9R71rhZWuH5jaTu6lgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPQ3vigJHSBjzQzidVH2GJeyQ7fOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOURlLUtBa2RJR1BORE9KMVVmWVlsN0pEdDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF61z4rqeXsaL0Y3rOV3
uQL0Kfh/xazb4Kt5QRhEQ82AFCH7rzCQrtVIXDL458rG3vcBHmE15AGGN55Zt5w1
gm2Uvfpd9XrWYfOFgMUD2puREEq55he46KFUS45tr7xOCswhS3s1q79FkwMKiJ7P
Z4vx2JSn6QdCmKRFBlJ2J4AG95y4WztKlvmE5OqgYypu4W6eCAACNUnZPa9N8k1P
Zx2OtAzfuAWO7jsaGvTCv99BNCgTQzfe6wMidXtQv+fxYrLignq50xskP+0/n8vc
40e0N0eqgBMDA8mNvi0HMUkMKTaJE3PvDSh9cm1/pfh4m5pBe1lso7nSbeejhfJr
3xY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:02:36 2025 by rpki-client