Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9_GY_khggz9czP7MWYvbXAL6DMY.roa
File: 9_GY_khggz9czP7MWYvbXAL6DMY.roa (raw, json)
Hash identifier: 1ZI4S+oQsfDrtE5tf3vt6dZXWq3ks4o1jFHcxV3vY0E=
Subject key identifier: F7:F1:98:FE:48:60:83:3F:5C:CC:FE:CC:59:8B:DB:5C:02:FA:0C:C6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018586909FA705B46B497509CFBA7A4335AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9_GY_khggz9czP7MWYvbXAL6DMY.roa
Signing time: Fri 06 Jan 2023 10:11:43 +0000
ROA not before: Fri 06 Jan 2023 10:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:90:9f:a7:05:b4:6b:49:75:09:cf:ba:7a:43:35:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 6 10:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7f198fe4860833f5cccfecc598bdb5c02fa0cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:92:35:ec:fa:16:9e:b2:d3:01:e7:18:f6:27:
c2:45:ae:92:54:fc:bf:29:dd:16:63:5e:eb:2d:b1:
2e:2d:d7:80:28:e8:a0:0e:ae:be:f2:d5:1a:0d:0b:
e6:32:44:e1:d0:13:38:e7:15:d0:f6:d9:65:a0:74:
a6:b1:66:a5:1c:b7:b1:c9:48:a9:3a:5b:0e:b5:0a:
c9:d9:3f:c2:5b:3c:52:7d:25:c9:36:8b:82:ee:21:
73:81:cd:b3:85:42:8d:34:94:6c:5e:25:76:ac:87:
77:5f:66:4e:d7:62:4f:19:30:e6:3e:1b:9d:72:a3:
c5:b1:ba:29:0c:ad:ce:81:87:ab:a0:e9:2e:9c:93:
74:bb:08:b9:f8:a8:bb:33:d0:6b:a5:7d:ff:36:c2:
d1:39:a5:de:03:06:99:b9:87:25:ad:5e:2b:15:35:
3b:7a:e6:3a:e1:4b:32:6f:fc:40:36:b9:15:05:99:
e1:de:e7:ba:f0:07:a8:fe:f9:37:2c:7d:ab:30:3b:
89:b6:51:7e:28:cb:f3:85:e2:0a:59:1e:26:40:8a:
03:8b:5c:97:7b:ad:6a:dd:d5:6a:a8:10:c9:4f:e9:
02:62:09:e4:0f:ef:f2:9e:7e:fc:98:41:6c:8c:08:
08:91:83:cc:26:d4:10:22:a5:96:b5:5c:7b:7e:26:
45:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F1:98:FE:48:60:83:3F:5C:CC:FE:CC:59:8B:DB:5C:02:FA:0C:C6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9_GY_khggz9czP7MWYvbXAL6DMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:ed:d1:ea:cf:50:7d:fd:a7:db:c9:dc:d4:ee:5d:07:3c:c0:
fa:a0:e9:2d:11:02:cb:9b:97:ff:20:9f:1a:2e:9b:97:56:43:
14:31:17:27:83:69:b0:87:ee:1e:6b:ea:b2:cb:27:f8:e7:dd:
4a:43:b7:75:b4:14:24:66:5b:83:78:24:b1:af:dc:72:59:38:
92:66:83:f0:03:df:08:f4:bb:9d:bb:fe:f2:79:4f:a3:59:a4:
59:87:ab:9a:93:0e:53:2d:21:31:81:0e:80:cd:8d:f9:67:e3:
48:3e:35:4b:b6:5e:73:4b:8e:f0:72:c0:99:31:f2:46:53:94:
18:32:19:c0:b5:0e:92:c7:22:5d:c0:5d:a1:af:42:94:5a:52:
d9:55:23:73:20:e2:91:79:3a:ec:c4:dc:d3:14:92:02:08:ef:
75:d5:3c:c4:2c:0f:3c:e5:0a:c0:82:ff:11:f9:a4:3a:e2:85:
fb:ea:59:47:1f:d1:ad:37:23:71:ce:0d:6b:3e:0c:33:e3:02:
4e:8b:5b:02:a9:f7:61:92:ef:55:68:b8:16:65:6f:95:8e:68:
a8:8a:62:f3:cc:a7:e9:f3:10:7d:f9:20:68:d8:9f:96:4f:8f:
0b:d3:0f:39:3b:d1:03:b5:41:d7:aa:ec:26:b2:d3:b3:10:05:
c3:a3:38:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWGkJ+nBbRrSXUJz7p6QzWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA2MTAxMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2YxOThmZTQ4NjA4MzNmNWNjY2ZlY2M1OThiZGI1YzAyZmEwY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5I17PoWnrLTAecY9ifCRa6SVPy/
Kd0WY17rLbEuLdeAKOigDq6+8tUaDQvmMkTh0BM45xXQ9tlloHSmsWalHLexyUip
OlsOtQrJ2T/CWzxSfSXJNouC7iFzgc2zhUKNNJRsXiV2rId3X2ZO12JPGTDmPhud
cqPFsbopDK3OgYeroOkunJN0uwi5+Ki7M9BrpX3/NsLROaXeAwaZuYclrV4rFTU7
euY64Usyb/xANrkVBZnh3ue68Aeo/vk3LH2rMDuJtlF+KMvzheIKWR4mQIoDi1yX
e61q3dVqqBDJT+kCYgnkD+/ynn78mEFsjAgIkYPMJtQQIqWWtVx7fiZFMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPfxmP5IYIM/XMz+zFmL21wC+gzGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOV9HWV9raGdnejljelA3TVdZdmJYQUw2RE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrt0erPUH39p9vJ3NTu
XQc8wPqg6S0RAsubl/8gnxoum5dWQxQxFyeDabCH7h5r6rLLJ/jn3UpDt3W0FCRm
W4N4JLGv3HJZOJJmg/AD3wj0u527/vJ5T6NZpFmHq5qTDlMtITGBDoDNjfln40g+
NUu2XnNLjvBywJkx8kZTlBgyGcC1DpLHIl3AXaGvQpRaUtlVI3Mg4pF5OuzE3NMU
kgII73XVPMQsDzzlCsCC/xH5pDrihfvqWUcf0a03I3HODWs+DDPjAk6LWwKp92GS
71VouBZlb5WOaKiKYvPMp+nzEH35IGjYn5ZPjwvTDzk70QO1Qdeq7Cay07MQBcOj
OLs=
-----END CERTIFICATE-----
Generated at Thu May 1 09:11:30 2025 by rpki-client