Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AF7quSGib5HaLLWDEjNAf1bW3HM.roa
File: AF7quSGib5HaLLWDEjNAf1bW3HM.roa (raw, json)
Hash identifier: kGWtNbI5kaN7AaF2subVwccCIKRmdstc87WwJ3S0r6M=
Subject key identifier: 00:5E:EA:B9:21:A2:6F:91:DA:2C:B5:83:12:33:40:7F:56:D6:DC:73
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867B67111A8263C1B8B9F6FE2209951CD1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AF7quSGib5HaLLWDEjNAf1bW3HM.roa
Signing time: Wed 22 Feb 2023 23:13:17 +0000
ROA not before: Wed 22 Feb 2023 23:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7b:67:11:1a:82:63:c1:b8:b9:f6:fe:22:09:95:1c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 23:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=005eeab921a26f91da2cb5831233407f56d6dc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bd:53:c8:73:b0:71:67:33:01:e0:62:75:71:
ca:96:51:2d:47:66:db:26:ff:fb:1a:ec:b4:b4:f4:
9c:e7:97:67:27:2e:9f:9e:27:92:45:fc:4e:c0:b3:
b8:e9:1b:36:e1:14:43:86:b4:f8:ef:98:85:4c:4d:
47:a0:d3:4d:b1:f3:ad:7d:e9:78:ce:8c:40:0a:0d:
ab:89:0a:f9:06:ea:9d:33:96:70:a3:6e:f5:23:82:
b7:b7:f1:46:6e:4e:d5:24:72:82:7c:fb:28:a8:ec:
0e:30:74:73:44:70:20:35:85:8c:c1:a1:38:5d:e5:
0a:d8:c0:d1:67:9f:cb:d1:14:fe:1b:6f:8b:4f:9c:
1d:69:d3:9e:cc:22:a5:86:a3:23:e3:1c:f1:aa:b2:
6b:0d:96:ac:9c:c5:e3:9c:e0:26:4b:e2:4b:85:1b:
4c:4c:97:44:21:c2:28:f7:dd:cb:c2:e9:cc:b4:e9:
d3:a9:3e:69:c2:34:db:2b:f3:5d:16:cd:5a:8b:22:
57:86:32:f0:25:28:9b:79:1e:78:54:fc:62:ce:bc:
b3:6c:66:da:2c:44:6d:ef:07:bf:46:ab:89:40:d7:
8c:9c:d3:3b:b4:7f:51:fe:d6:d5:05:29:75:32:a0:
cd:fb:7e:74:92:b0:a8:7b:77:3a:db:79:28:b4:ff:
33:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5E:EA:B9:21:A2:6F:91:DA:2C:B5:83:12:33:40:7F:56:D6:DC:73
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AF7quSGib5HaLLWDEjNAf1bW3HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:c1:fe:38:98:ea:2a:4a:0d:c6:fb:ef:f2:b1:54:a7:37:f5:
4b:d8:e2:55:96:db:f5:d2:5e:2c:7b:0f:a2:fc:ee:7b:b5:96:
8a:5b:f1:f5:ce:bd:8a:3d:a7:a7:48:ad:22:ca:ec:3a:e9:36:
1a:8f:1b:8e:ce:cc:d6:04:8a:41:c5:1c:1e:41:69:5d:44:f1:
7d:7d:8d:fd:bc:18:f0:c3:dc:da:01:82:15:af:7e:1c:f7:98:
29:63:22:e8:f0:74:2f:3b:fd:4c:46:02:e8:f3:e8:90:36:bc:
00:70:6b:7f:c8:64:04:78:e4:f6:63:55:bc:d3:f3:09:87:3e:
15:2d:76:80:f7:e1:fc:9d:c8:55:ba:a7:4f:8a:ea:a6:ed:b7:
95:df:ec:ee:e0:c6:7f:1b:19:e3:4f:19:80:d4:4a:b6:8c:6a:
9a:49:8f:58:3f:bd:2a:78:e3:43:17:a3:ca:ea:10:fc:c2:36:
b6:94:0a:ba:73:97:a5:dd:cd:74:48:f9:c7:00:99:68:6f:61:
e4:96:c4:a6:c0:e4:2e:0b:4c:56:fe:97:ec:5f:f5:9e:f2:ed:
88:54:05:f9:57:6b:55:10:2a:06:81:76:0b:f7:4f:01:8e:55:
6b:b1:7d:78:80:f2:3b:54:8c:12:f3:4c:ab:b0:a4:9f:0d:d9:
88:54:d6:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ7ZxEagmPBuLn2/iIJlRzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMjMxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVlZWFiOTIxYTI2ZjkxZGEyY2I1ODMxMjMzNDA3ZjU2ZDZkYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib1TyHOwcWczAeBidXHKllEtR2bb
Jv/7Guy0tPSc55dnJy6fnieSRfxOwLO46Rs24RRDhrT475iFTE1HoNNNsfOtfel4
zoxACg2riQr5BuqdM5Zwo271I4K3t/FGbk7VJHKCfPsoqOwOMHRzRHAgNYWMwaE4
XeUK2MDRZ5/L0RT+G2+LT5wdadOezCKlhqMj4xzxqrJrDZasnMXjnOAmS+JLhRtM
TJdEIcIo993LwunMtOnTqT5pwjTbK/NdFs1aiyJXhjLwJSibeR54VPxizryzbGba
LERt7we/RquJQNeMnNM7tH9R/tbVBSl1MqDN+350krCoe3c623kotP8zWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFABe6rkhom+R2iy1gxIzQH9W1txzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQUY3cXVTR2liNUhhTExXREVqTkFmMWJXM0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAXB/jiY6ipKDcb77/Kx
VKc39UvY4lWW2/XSXix7D6L87nu1lopb8fXOvYo9p6dIrSLK7DrpNhqPG47OzNYE
ikHFHB5BaV1E8X19jf28GPDD3NoBghWvfhz3mCljIujwdC87/UxGAujz6JA2vABw
a3/IZAR45PZjVbzT8wmHPhUtdoD34fydyFW6p0+K6qbtt5Xf7O7gxn8bGeNPGYDU
SraMappJj1g/vSp440MXo8rqEPzCNraUCrpzl6XdzXRI+ccAmWhvYeSWxKbA5C4L
TFb+l+xf9Z7y7YhUBflXa1UQKgaBdgv3TwGOVWuxfXiA8jtUjBLzTKuwpJ8N2YhU
1u4=
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:21 2025 by rpki-client