Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AfoaYbDLjRY6m4UDU7p77FCw-O0.roa
File: AfoaYbDLjRY6m4UDU7p77FCw-O0.roa (raw, json)
Hash identifier: t53XXF1Y4aiOl7aKc+MuiFXkfYUBxPmLpXRYxniDgEM=
Subject key identifier: 01:FA:1A:61:B0:CB:8D:16:3A:9B:85:03:53:BA:7B:EC:50:B0:F8:ED
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 861887CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AfoaYbDLjRY6m4UDU7p77FCw-O0.roa
Signing time: Sat 21 May 2022 16:10:29 +0000
ROA not before: Sat 21 May 2022 16:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2249754572 (0x861887cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 21 16:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01fa1a61b0cb8d163a9b850353ba7bec50b0f8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c3:d1:2c:c4:6c:cd:fc:88:09:7d:4a:8d:ba:
c4:c0:03:14:b2:2d:fb:98:a4:8a:9a:d2:7c:8c:59:
22:72:12:1d:56:f2:9d:bd:a0:1d:c5:62:74:a1:3b:
b1:6a:14:78:70:07:b8:53:6a:e0:c3:02:d0:02:41:
c3:d7:a5:34:f6:77:78:6a:5c:3a:03:f1:09:74:8e:
05:c4:b0:08:43:0a:d4:68:9f:5c:e4:b5:21:c0:d9:
67:32:2e:53:ff:61:96:49:b5:b2:6a:e0:72:a7:79:
38:3d:b9:2e:91:31:16:34:62:40:ca:e7:8d:39:a8:
21:63:0b:89:ba:db:ec:14:a4:e0:21:de:2e:25:42:
bf:85:63:e3:8e:db:66:92:87:4f:12:38:3a:6b:d6:
f3:46:a8:b6:54:e3:16:f3:0a:40:1e:d2:91:e7:c7:
54:c3:9f:b7:72:09:86:5c:89:a6:cf:71:f3:b2:4e:
82:89:49:aa:08:b1:1e:a1:7d:3d:7d:c9:c5:4a:0b:
ba:d3:6e:cd:f0:3d:18:cc:ca:ba:17:fa:9e:a7:e5:
8a:fa:fb:46:e5:17:74:36:30:d2:9d:c0:6d:d4:4e:
67:d7:91:ee:a6:b9:b9:92:c6:10:3c:98:4c:d5:d9:
9f:70:1b:f5:65:c6:48:de:53:39:50:3c:72:f5:12:
db:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FA:1A:61:B0:CB:8D:16:3A:9B:85:03:53:BA:7B:EC:50:B0:F8:ED
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AfoaYbDLjRY6m4UDU7p77FCw-O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:e4:d5:45:c3:6a:d7:3b:ec:7b:ca:74:d5:02:b8:46:50:4c:
28:1b:c5:97:ca:6d:98:bd:57:1c:4c:63:11:46:d8:e0:2f:49:
bd:b7:e0:34:3e:5d:dd:09:35:b7:ca:f0:1e:01:1b:8e:8f:7e:
30:63:22:c6:1d:11:9c:cf:d6:56:01:67:57:39:9f:2c:c9:49:
d9:e7:6c:27:a7:f1:18:f8:92:22:18:d3:64:56:6a:6c:be:e9:
68:89:1f:f4:df:72:f9:a8:0b:6c:19:89:62:dc:95:52:c4:b4:
c8:2b:98:42:b1:fc:a5:13:75:6c:0b:1c:ad:0f:1b:bb:23:b3:
88:cb:c9:ec:bf:17:0e:02:1a:a7:0c:9f:7e:b2:c7:12:0d:91:
68:e0:b4:4f:f4:ef:3a:7d:b6:38:70:27:7a:0f:82:65:dd:9f:
83:d6:09:57:0a:e7:4b:83:30:4b:f9:06:7d:32:69:f8:13:36:
c4:e2:6c:47:a6:4c:9b:d4:04:12:7c:41:7f:a2:a9:77:c6:88:
f3:35:5d:49:b0:76:ea:31:eb:78:f4:22:0f:a2:a2:e3:9a:49:
e9:bf:80:df:50:53:77:70:33:fa:ec:fa:6b:a0:14:ef:22:d8:
74:ef:77:2c:25:2a:1c:ab:8e:e6:8d:83:ca:5b:8f:8d:99:08:
85:4b:10:65
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIYYh8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjExNjEwMjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAxZmExYTYxYjBj
YjhkMTYzYTliODUwMzUzYmE3YmVjNTBiMGY4ZWQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVw9EsxGzN/IgJfUqNusTAAxSyLfuYpIqa0nyMWSJyEh1W
8p29oB3FYnShO7FqFHhwB7hTauDDAtACQcPXpTT2d3hqXDoD8Ql0jgXEsAhDCtRo
n1zktSHA2WcyLlP/YZZJtbJq4HKneTg9uS6RMRY0YkDK5405qCFjC4m62+wUpOAh
3i4lQr+FY+OO22aSh08SODpr1vNGqLZU4xbzCkAe0pHnx1TDn7dyCYZciabPcfOy
ToKJSaoIsR6hfT19ycVKC7rTbs3wPRjMyroX+p6n5Yr6+0blF3Q2MNKdwG3UTmfX
ke6mubmSxhA8mEzV2Z9wG/VlxkjeUzlQPHL1EtsrAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUAfoaYbDLjRY6m4UDU7p77FCw+O0wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9BZm9hWWJETGpSWTZtNFVEVTdwNzdGQ3ctTzAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAceTVRcNq1zvse8p01QK4RlBMKBvFl8ptmL1X
HExjEUbY4C9JvbfgND5d3Qk1t8rwHgEbjo9+MGMixh0RnM/WVgFnVzmfLMlJ2eds
J6fxGPiSIhjTZFZqbL7paIkf9N9y+agLbBmJYtyVUsS0yCuYQrH8pRN1bAscrQ8b
uyOziMvJ7L8XDgIapwyffrLHEg2RaOC0T/TvOn22OHAneg+CZd2fg9YJVwrnS4Mw
S/kGfTJp+BM2xOJsR6ZMm9QEEnxBf6Kpd8aI8zVdSbB26jHrePQiD6Ki45pJ6b+A
31BTd3Az+uz6a6AU7yLYdO93LCUqHKuO5o2DyluPjZkIhUsQZQ==
-----END CERTIFICATE-----
Generated at Thu May 1 17:08:59 2025 by rpki-client