Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9kT6nkS_aOBkSg0MWGCc_N-VtFE.roa
File: 9kT6nkS_aOBkSg0MWGCc_N-VtFE.roa (raw, json)
Hash identifier: zKor0VwzPtk/V/0k0+b1/12DrSz3ZumkP+y4Mku0DOg=
Subject key identifier: F6:44:FA:9E:44:BF:68:E0:64:4A:0D:0C:58:60:9C:FC:DF:95:B4:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EFADE7102E9A72ECEDCE4B635732D0E6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9kT6nkS_aOBkSg0MWGCc_N-VtFE.roa
Signing time: Sun 13 Aug 2023 16:14:58 +0000
ROA not before: Sun 13 Aug 2023 16:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ef:ad:e7:10:2e:9a:72:ec:ed:ce:4b:63:57:32:d0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 16:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f644fa9e44bf68e0644a0d0c58609cfcdf95b451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:ce:3b:1a:76:81:36:b4:d5:6b:e0:65:eb:
c2:d7:3b:61:53:8b:72:87:8d:49:da:fa:f8:2d:c5:
cf:f2:03:07:6b:66:3a:86:17:44:7b:4e:23:16:1f:
84:69:4d:f0:70:d3:61:8a:7c:66:4c:44:92:fe:0b:
88:c2:02:79:2d:15:dc:43:c1:d6:07:7b:7c:5d:b1:
88:45:70:a7:58:36:e6:04:c6:60:3c:6c:9f:c5:66:
86:b7:e0:41:22:81:ac:61:09:18:99:a9:aa:88:9e:
99:5e:6b:dc:cc:9c:22:49:d5:e4:e1:44:05:c8:b3:
55:1c:e1:9e:1a:3e:85:8c:f5:e5:56:5e:45:cd:8f:
d0:9a:71:38:67:d0:b9:c0:72:28:e8:7d:92:f2:21:
b1:81:89:c7:2e:06:e3:3c:02:25:14:93:0d:bf:ad:
06:bd:7f:b7:e3:e2:ee:89:2e:96:6c:02:b7:6a:e9:
bb:4d:da:19:3d:e0:d8:5a:60:b6:85:f9:a9:13:fe:
f3:30:86:bd:9f:31:b6:3a:40:b5:16:be:ee:fb:f1:
a2:77:6e:01:80:7d:af:93:a4:5f:b1:d9:11:8a:31:
e8:4a:46:ae:61:da:9b:49:85:37:1e:82:2a:b1:52:
29:bd:e4:a3:f7:08:8c:5a:58:cd:98:5d:51:cc:d1:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:44:FA:9E:44:BF:68:E0:64:4A:0D:0C:58:60:9C:FC:DF:95:B4:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9kT6nkS_aOBkSg0MWGCc_N-VtFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:be:eb:46:16:6a:c1:a1:00:cc:64:b3:ad:6c:10:d1:51:76:
46:7a:47:95:0e:0e:5b:67:40:7e:7f:1b:23:f0:3f:4c:6b:49:
01:e8:09:86:ba:07:a7:fe:1c:d1:84:5d:1f:10:58:c2:75:db:
b9:1c:39:9e:bf:b3:b0:a7:a6:d6:15:61:bd:90:b6:52:4e:0a:
93:38:f5:bf:82:1a:6c:73:19:60:10:6f:d5:5e:b0:39:48:91:
b4:dd:67:9e:68:d9:2c:4d:bc:cd:6a:50:77:20:e8:22:5e:d5:
9d:5f:26:df:45:48:d4:0e:e5:d9:ef:80:ae:e8:a2:54:67:9b:
44:15:39:02:ce:68:68:af:30:6c:3f:30:42:6e:30:35:51:e3:
77:72:7c:fc:44:90:8d:fe:0a:10:6d:f8:df:97:2e:9f:55:7f:
ba:34:9f:e9:30:1e:67:bc:d0:20:f1:18:28:ca:4f:6b:0b:c6:
62:c0:35:ea:e5:b1:f8:a0:f7:cc:62:73:3e:65:d6:4f:82:f7:
36:90:a4:74:1d:14:80:b7:6e:16:09:4f:66:f0:5f:f0:97:da:
ff:0b:38:07:83:60:bd:e2:8f:f6:b8:f6:90:1d:e4:36:ad:fd:
ab:5e:8b:a0:c9:20:54:00:20:ef:5d:4e:c7:b5:33:7e:08:02:
ce:07:86:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnvrecQLppy7O3OS2NXMtDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMTYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjQ0ZmE5ZTQ0YmY2OGUwNjQ0YTBkMGM1ODYwOWNmY2RmOTViNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7bOOxp2gTa01WvgZevC1zthU4ty
h41J2vr4LcXP8gMHa2Y6hhdEe04jFh+EaU3wcNNhinxmTESS/guIwgJ5LRXcQ8HW
B3t8XbGIRXCnWDbmBMZgPGyfxWaGt+BBIoGsYQkYmamqiJ6ZXmvczJwiSdXk4UQF
yLNVHOGeGj6FjPXlVl5FzY/QmnE4Z9C5wHIo6H2S8iGxgYnHLgbjPAIlFJMNv60G
vX+34+LuiS6WbAK3aum7TdoZPeDYWmC2hfmpE/7zMIa9nzG2OkC1Fr7u+/Gid24B
gH2vk6RfsdkRijHoSkauYdqbSYU3HoIqsVIpveSj9wiMWljNmF1RzNGQkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPZE+p5Ev2jgZEoNDFhgnPzflbRRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOWtUNm5rU19hT0JrU2cwTVdHQ2NfTi1WdEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAS+60YWasGhAMxks61s
ENFRdkZ6R5UODltnQH5/GyPwP0xrSQHoCYa6B6f+HNGEXR8QWMJ127kcOZ6/s7Cn
ptYVYb2QtlJOCpM49b+CGmxzGWAQb9VesDlIkbTdZ55o2SxNvM1qUHcg6CJe1Z1f
Jt9FSNQO5dnvgK7oolRnm0QVOQLOaGivMGw/MEJuMDVR43dyfPxEkI3+ChBt+N+X
Lp9Vf7o0n+kwHme80CDxGCjKT2sLxmLANerlsfig98xicz5l1k+C9zaQpHQdFIC3
bhYJT2bwX/CX2v8LOAeDYL3ij/a49pAd5Dat/atei6DJIFQAIO9dTse1M34IAs4H
hkk=
-----END CERTIFICATE-----
Generated at Thu May 1 04:29:19 2025 by rpki-client