Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CegtVwO56pcHsCAdzwxvXLO8qoc.roa
File: CegtVwO56pcHsCAdzwxvXLO8qoc.roa (raw, json)
Hash identifier: fUqg+ZLhyCbd6lalCPC8FxLPPoqX7unv8d0NE1f61C8=
Subject key identifier: 09:E8:2D:57:03:B9:EA:97:07:B0:20:1D:CF:0C:6F:5C:B3:BC:AA:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C86A5273166CF34620EB948CFC9FB19A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CegtVwO56pcHsCAdzwxvXLO8qoc.roa
Signing time: Sun 06 Aug 2023 01:15:58 +0000
ROA not before: Sun 06 Aug 2023 01:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c8:6a:52:73:16:6c:f3:46:20:eb:94:8c:fc:9f:b1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 6 01:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09e82d5703b9ea9707b0201dcf0c6f5cb3bcaa87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:78:77:ba:72:45:12:f9:b2:de:b7:53:1f:
a6:db:38:b3:4f:65:36:de:16:c2:92:88:bf:ad:d3:
cf:d3:a7:21:58:24:c8:7b:53:87:8d:a1:fc:53:0f:
45:13:a8:79:0c:b5:d3:36:99:f3:5b:ab:47:e4:f1:
8a:b8:04:a9:cc:fe:6b:47:22:c6:d1:7d:14:3b:99:
b1:92:52:04:a2:d9:c2:4c:44:23:da:3a:41:6f:9d:
12:d4:c6:de:9f:95:df:e0:42:ba:ab:59:d7:17:2c:
f0:81:36:d5:77:3a:e9:74:7f:57:5c:dc:82:3e:7d:
03:d4:ef:72:60:41:c3:bb:86:80:a8:98:5f:1c:6b:
02:c7:a9:49:7c:d9:9f:c5:32:b1:25:6f:ca:f7:58:
2f:d4:8a:92:8f:c3:e1:5b:12:9c:f5:a9:30:11:4b:
97:0e:23:06:54:5c:9c:a1:d7:24:92:3d:31:c2:21:
19:0d:98:6d:bd:23:89:bd:77:1e:c2:e5:4e:a3:cd:
d4:59:fe:2d:ec:08:b8:ab:86:9b:aa:17:63:95:79:
1f:b9:fc:4a:b5:92:e8:9c:6d:bc:4b:88:a6:c8:11:
98:cc:49:c1:9d:d4:bd:3e:54:68:4f:a2:53:9a:5b:
57:80:53:08:8b:07:13:97:15:00:30:88:0e:e9:75:
5e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E8:2D:57:03:B9:EA:97:07:B0:20:1D:CF:0C:6F:5C:B3:BC:AA:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CegtVwO56pcHsCAdzwxvXLO8qoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:cb:54:8b:2a:94:3d:63:cf:4e:d4:27:c2:19:32:15:e8:63:
c9:f3:5d:05:9f:58:26:ad:7a:6e:62:c8:1c:0e:6b:e6:2e:62:
9d:a4:36:01:57:2a:65:d0:1a:73:b2:ff:de:93:97:22:db:82:
6c:42:d1:5d:c5:d6:64:5c:ba:2c:3d:92:08:78:d0:25:28:84:
e2:aa:15:67:ee:2a:a9:6e:b2:45:c3:0d:7d:0c:c7:73:b1:ea:
6e:c8:03:e9:08:9c:b0:99:e3:26:ed:07:55:0a:02:ca:d7:42:
ad:5b:e2:1c:bb:39:09:76:ba:35:ca:1c:4d:ff:20:2c:3c:43:
7d:57:36:df:f0:08:bc:9e:42:97:0f:8a:b2:5a:2f:30:a0:98:
c0:c0:e5:c8:a2:4f:cb:93:de:56:68:00:22:ab:32:ca:f6:be:
70:81:dd:d8:d0:48:c8:a2:d3:60:55:bb:b1:d5:12:f7:89:c0:
4c:c3:4f:ce:ac:02:20:a0:0a:b2:cf:22:83:32:0c:ed:a6:7e:
60:51:47:05:f0:74:da:36:bf:fc:e5:ee:ff:6b:8f:80:34:96:
cf:70:d7:14:5b:7c:5d:1f:3a:31:0f:61:86:fa:18:ae:cc:0c:
eb:25:2f:3e:b1:2a:cd:9e:c8:dd:f5:63:db:22:bb:1e:2c:0c:
ac:65:1b:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnIalJzFmzzRiDrlIz8n7GaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA2MDExNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU4MmQ1NzAzYjllYTk3MDdiMDIwMWRjZjBjNmY1Y2IzYmNhYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuh4d7pyRRL5st63Ux+m2zizT2U2
3hbCkoi/rdPP06chWCTIe1OHjaH8Uw9FE6h5DLXTNpnzW6tH5PGKuASpzP5rRyLG
0X0UO5mxklIEotnCTEQj2jpBb50S1Mben5Xf4EK6q1nXFyzwgTbVdzrpdH9XXNyC
Pn0D1O9yYEHDu4aAqJhfHGsCx6lJfNmfxTKxJW/K91gv1IqSj8PhWxKc9akwEUuX
DiMGVFycodckkj0xwiEZDZhtvSOJvXcewuVOo83UWf4t7Ai4q4abqhdjlXkfufxK
tZLonG28S4imyBGYzEnBndS9PlRoT6JTmltXgFMIiwcTlxUAMIgO6XVexQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAnoLVcDueqXB7AgHc8Mb1yzvKqHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQ2VndFZ3TzU2cGNIc0NBZHp3eHZYTE84cW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIPLVIsqlD1jz07UJ8IZ
MhXoY8nzXQWfWCatem5iyBwOa+YuYp2kNgFXKmXQGnOy/96TlyLbgmxC0V3F1mRc
uiw9kgh40CUohOKqFWfuKqluskXDDX0Mx3Ox6m7IA+kInLCZ4ybtB1UKAsrXQq1b
4hy7OQl2ujXKHE3/ICw8Q31XNt/wCLyeQpcPirJaLzCgmMDA5ciiT8uT3lZoACKr
Msr2vnCB3djQSMii02BVu7HVEveJwEzDT86sAiCgCrLPIoMyDO2mfmBRRwXwdNo2
v/zl7v9rj4A0ls9w1xRbfF0fOjEPYYb6GK7MDOslLz6xKs2eyN31Y9siux4sDKxl
G3E=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:01:34 2025 by rpki-client