Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Cz5x3I7fk4XNpkPVEnqSa-S9-nc.roa
File: Cz5x3I7fk4XNpkPVEnqSa-S9-nc.roa (raw, json)
Hash identifier: z2iPB35aXBsh6zFzCPZOO6R8HokX+obqatjLx1tJ7Z4=
Subject key identifier: 0B:3E:71:DC:8E:DF:93:85:CD:A6:43:D5:12:7A:92:6B:E4:BD:FA:77
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852DF0FD2ADABF8B2B2F1DA56A63DD1501
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Cz5x3I7fk4XNpkPVEnqSa-S9-nc.roa
Signing time: Tue 20 Dec 2022 05:10:46 +0000
ROA not before: Tue 20 Dec 2022 05:10:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2d:f0:fd:2a:da:bf:8b:2b:2f:1d:a5:6a:63:dd:15:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 20 05:10:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b3e71dc8edf9385cda643d5127a926be4bdfa77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cd:8f:0d:d2:b3:64:21:24:15:b4:24:d1:d2:
cc:71:ea:9c:07:c2:5f:f5:c1:21:d3:6e:2b:bc:eb:
73:b1:65:eb:39:9a:2a:09:f3:a9:cd:73:f4:7b:45:
6e:8b:4d:8c:d6:ec:96:b8:12:27:54:12:07:9e:4c:
46:66:ca:ee:db:75:4a:5b:6e:71:3d:f7:60:04:2b:
b7:4d:a7:84:36:d3:8f:70:c3:91:88:80:13:ac:c5:
2a:88:4f:61:d4:8e:c6:0d:6a:24:5d:b0:f3:44:5f:
dd:be:e9:b7:06:c2:d1:fa:1d:33:99:59:73:f3:2c:
9f:50:a1:78:43:90:e4:6b:81:8c:75:96:b2:ad:94:
94:ee:74:c9:c9:20:8a:c1:8e:dc:b9:b6:b5:ff:9d:
26:1d:2b:5e:11:a5:ec:92:f3:12:4b:43:33:2a:99:
d1:e8:c2:f5:ee:25:44:f3:11:80:90:d6:cb:2c:9e:
b8:d4:8f:ef:de:6d:39:28:fa:6b:c7:6c:76:73:4a:
c0:0f:d6:4b:43:07:dc:f5:0b:20:30:32:59:ac:f4:
02:6c:59:01:54:fd:ab:a1:24:a5:5c:87:5c:95:7f:
ac:29:43:17:52:da:5f:ec:e3:7e:0f:df:39:28:70:
4e:fd:22:8f:39:29:6b:7a:25:84:ac:1d:fb:6b:6c:
d0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3E:71:DC:8E:DF:93:85:CD:A6:43:D5:12:7A:92:6B:E4:BD:FA:77
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Cz5x3I7fk4XNpkPVEnqSa-S9-nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:91:11:e7:9e:37:71:b6:29:a0:12:61:50:16:85:45:5c:5f:
0c:c0:ce:d3:94:8e:24:f4:16:a4:28:ee:36:2a:32:d3:27:9b:
f5:25:6b:a0:5e:a7:83:b3:f4:8b:9d:f6:41:70:3c:2a:bd:d8:
a6:e8:45:c1:6f:ca:44:fd:39:d7:cc:fe:32:80:09:3f:c9:0a:
74:db:36:ff:5d:15:93:a3:b9:fd:d4:fc:83:11:36:33:74:67:
ec:f8:77:a6:da:3b:12:84:37:f7:32:61:3e:2e:4e:4c:83:7d:
07:1e:fa:77:67:6a:7c:9f:39:aa:45:f9:56:ac:c7:4a:9d:ac:
0f:0e:18:60:a3:fd:ac:ec:f3:17:c3:f1:44:78:ea:f7:d0:e5:
48:f0:25:78:51:8a:b5:5f:5a:00:fa:53:12:b0:a5:56:47:9b:
f3:f2:c4:e6:33:94:58:46:10:d7:30:87:bc:ae:6d:c6:7b:46:
8f:a3:aa:98:3f:c1:49:51:42:fc:35:7a:43:a4:90:76:bc:51:
b3:37:61:15:95:a4:79:ce:41:46:db:15:07:25:79:0d:ca:1f:
fe:86:d0:05:f3:88:46:53:9a:5f:c5:c4:db:7c:07:b2:a0:24:
e2:ec:4a:c7:58:d3:b7:73:b8:c4:eb:97:6d:a0:9c:6d:73:85:
39:e3:47:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUt8P0q2r+LKy8dpWpj3RUBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIwMDUxMDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNlNzFkYzhlZGY5Mzg1Y2RhNjQzZDUxMjdhOTI2YmU0YmRmYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls2PDdKzZCEkFbQk0dLMceqcB8Jf
9cEh024rvOtzsWXrOZoqCfOpzXP0e0Vui02M1uyWuBInVBIHnkxGZsru23VKW25x
PfdgBCu3TaeENtOPcMORiIATrMUqiE9h1I7GDWokXbDzRF/dvum3BsLR+h0zmVlz
8yyfUKF4Q5Dka4GMdZayrZSU7nTJySCKwY7cuba1/50mHSteEaXskvMSS0MzKpnR
6ML17iVE8xGAkNbLLJ641I/v3m05KPprx2x2c0rAD9ZLQwfc9QsgMDJZrPQCbFkB
VP2roSSlXIdclX+sKUMXUtpf7ON+D985KHBO/SKPOSlreiWErB37a2zQewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAs+cdyO35OFzaZD1RJ6kmvkvfp3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQ3o1eDNJN2ZrNFhOcGtQVkVucVNhLVM5LW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI+REeeeN3G2KaASYVAW
hUVcXwzAztOUjiT0FqQo7jYqMtMnm/Ula6Bep4Oz9Iud9kFwPCq92KboRcFvykT9
OdfM/jKACT/JCnTbNv9dFZOjuf3U/IMRNjN0Z+z4d6baOxKEN/cyYT4uTkyDfQce
+ndnanyfOapF+Vasx0qdrA8OGGCj/azs8xfD8UR46vfQ5UjwJXhRirVfWgD6UxKw
pVZHm/PyxOYzlFhGENcwh7yubcZ7Ro+jqpg/wUlRQvw1ekOkkHa8UbM3YRWVpHnO
QUbbFQcleQ3KH/6G0AXziEZTml/FxNt8B7KgJOLsSsdY07dzuMTrl22gnG1zhTnj
R1I=
-----END CERTIFICATE-----
Generated at Thu May 1 12:07:05 2025 by rpki-client