Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5dL31xNCrOX6P7HeX2aACRH4Kc.roa
File: A5dL31xNCrOX6P7HeX2aACRH4Kc.roa (raw, json)
Hash identifier: X7dcsm3wy36800wPIFT0btjW+BeY4SilrYlG4w7DrU4=
Subject key identifier: 03:97:4B:DF:5C:4D:0A:B3:97:E8:FE:C7:79:7D:9A:00:24:47:E0:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01887BCCFED6460CBEB7B1B07C4572897B1F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5dL31xNCrOX6P7HeX2aACRH4Kc.roa
Signing time: Fri 02 Jun 2023 11:10:12 +0000
ROA not before: Fri 02 Jun 2023 11:10:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:cc:fe:d6:46:0c:be:b7:b1:b0:7c:45:72:89:7b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 2 11:10:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03974bdf5c4d0ab397e8fec7797d9a002447e0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3b:4a:09:e0:df:bb:5a:e2:91:01:b5:2a:52:
28:fd:00:79:56:26:d5:50:b0:c1:93:3c:2c:77:b3:
15:c6:5e:8b:dd:2e:d2:6d:51:09:09:f9:20:60:5f:
6d:54:4b:ad:d7:a8:50:2f:e1:9c:19:a1:60:b3:26:
91:5e:ba:86:15:7c:2b:47:bd:3c:5b:f3:3e:87:fe:
bc:a4:9a:9d:dc:25:2b:f2:4f:22:12:01:a2:c9:a3:
54:f3:24:52:d5:64:d7:c6:34:21:a5:ba:0b:4a:da:
24:6e:c9:d7:16:df:ea:0e:83:dc:e2:41:d7:c0:bd:
f1:2f:c0:ed:88:b4:86:7d:e8:1f:fa:75:32:c5:07:
ea:e3:aa:41:db:06:7d:cb:60:14:de:69:3a:d0:d4:
62:7a:e6:f2:38:56:65:e6:19:ea:00:5f:30:5b:4c:
50:fc:fc:d8:4d:e7:39:96:31:3a:e4:db:3a:c4:fc:
7c:7b:7a:d7:b9:e3:65:c9:5f:85:64:05:e3:a1:1f:
e1:66:16:42:e5:36:dc:00:09:de:f0:a2:8d:11:96:
47:07:01:69:36:00:5c:29:68:57:d1:48:05:48:9f:
1d:91:91:7d:5d:69:7c:63:fa:85:c0:cf:5d:73:75:
2f:91:64:a8:f7:b0:59:95:40:6f:95:0a:7a:34:ec:
9f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:97:4B:DF:5C:4D:0A:B3:97:E8:FE:C7:79:7D:9A:00:24:47:E0:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A5dL31xNCrOX6P7HeX2aACRH4Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:ad:8f:02:e7:8c:8e:05:5f:7e:c9:59:23:97:56:c3:fe:f5:
92:dc:20:30:7e:a7:12:6d:9c:90:b5:13:0c:83:ee:16:32:37:
b0:48:07:cb:cb:41:2c:c0:b0:96:72:58:eb:b5:11:5b:d9:65:
ab:66:37:6b:c8:44:22:00:0f:12:fc:9b:ee:18:dc:60:f0:c9:
33:ff:64:6e:75:ea:1c:13:3c:2d:12:3a:79:aa:08:16:f5:8f:
25:fa:ad:51:53:fa:62:f7:48:a5:87:50:37:16:13:0d:55:96:
fd:5c:a0:bf:c6:44:a8:db:fc:9c:71:41:c1:d5:ed:df:e5:ed:
da:fc:61:1a:b0:be:2f:51:e3:35:52:ed:50:db:ac:e4:09:d8:
8a:67:94:c5:40:4e:63:33:7e:33:f2:d4:bf:f4:3b:27:f3:e2:
d0:b7:aa:24:f1:b0:39:cb:d3:0d:2d:a7:4f:59:29:dc:b3:0e:
fc:bc:a1:69:76:32:0d:57:29:bc:c1:8d:b8:ae:71:ce:a8:04:
20:25:6c:f1:fa:64:54:e8:8b:0a:f8:de:74:10:0b:bd:0f:e0:
1b:65:71:d8:68:29:d7:59:b8:43:b4:62:af:5d:83:af:02:d1:
06:36:95:de:89:a9:16:c1:7e:83:87:e0:4a:ff:d4:41:ea:70:
52:17:25:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYh7zP7WRgy+t7GwfEVyiXsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjAyMTExMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk3NGJkZjVjNGQwYWIzOTdlOGZlYzc3OTdkOWEwMDI0NDdlMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTtKCeDfu1rikQG1KlIo/QB5VibV
ULDBkzwsd7MVxl6L3S7SbVEJCfkgYF9tVEut16hQL+GcGaFgsyaRXrqGFXwrR708
W/M+h/68pJqd3CUr8k8iEgGiyaNU8yRS1WTXxjQhpboLStokbsnXFt/qDoPc4kHX
wL3xL8DtiLSGfegf+nUyxQfq46pB2wZ9y2AU3mk60NRieubyOFZl5hnqAF8wW0xQ
/PzYTec5ljE65Ns6xPx8e3rXueNlyV+FZAXjoR/hZhZC5TbcAAne8KKNEZZHBwFp
NgBcKWhX0UgFSJ8dkZF9XWl8Y/qFwM9dc3UvkWSo97BZlUBvlQp6NOyf5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAOXS99cTQqzl+j+x3l9mgAkR+CnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQTVkTDMxeE5Dck9YNlA3SGVYMmFBQ1JINEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADWtjwLnjI4FX37JWSOX
VsP+9ZLcIDB+pxJtnJC1EwyD7hYyN7BIB8vLQSzAsJZyWOu1EVvZZatmN2vIRCIA
DxL8m+4Y3GDwyTP/ZG516hwTPC0SOnmqCBb1jyX6rVFT+mL3SKWHUDcWEw1Vlv1c
oL/GRKjb/JxxQcHV7d/l7dr8YRqwvi9R4zVS7VDbrOQJ2IpnlMVATmMzfjPy1L/0
Oyfz4tC3qiTxsDnL0w0tp09ZKdyzDvy8oWl2Mg1XKbzBjbiucc6oBCAlbPH6ZFTo
iwr43nQQC70P4BtlcdhoKddZuEO0Yq9dg68C0QY2ld6JqRbBfoOH4Er/1EHqcFIX
JZM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:12 2025 by rpki-client