Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DD4HQM7Auwqs8FqRI5qb_DfSuvc.roa
File: DD4HQM7Auwqs8FqRI5qb_DfSuvc.roa (raw, json)
Hash identifier: m8t9aU778KjGlf67whhH0Do17OgOQsDqBJW2bP88OzQ=
Subject key identifier: 0C:3E:07:40:CE:C0:BB:0A:AC:F0:5A:91:23:9A:9B:FC:37:D2:BA:F7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188B8F3776F2E82342817EE452EDBEF9C43
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DD4HQM7Auwqs8FqRI5qb_DfSuvc.roa
Signing time: Wed 14 Jun 2023 08:09:03 +0000
ROA not before: Wed 14 Jun 2023 08:09:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:f3:77:6f:2e:82:34:28:17:ee:45:2e:db:ef:9c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 14 08:09:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c3e0740cec0bb0aacf05a91239a9bfc37d2baf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:2d:2e:3f:af:65:6b:74:91:60:b9:33:d3:
a7:92:d2:dd:b9:fa:44:76:bf:3a:49:6a:1b:8f:42:
22:cc:a2:04:81:4e:54:e8:7c:0f:8b:64:a2:79:eb:
cd:07:ea:9c:92:d6:be:31:33:96:b1:62:7a:87:24:
d1:b3:ff:bc:a7:a2:cb:7b:dc:6c:99:a1:7a:31:e6:
8f:6e:94:e7:a5:da:f1:3a:3f:48:ff:82:65:d3:fc:
75:76:0d:29:5d:65:11:9d:70:04:7c:e0:5d:a6:2a:
60:a3:61:7d:79:32:65:f8:a3:8a:73:6f:dd:d7:9b:
1f:b9:c2:92:e3:c2:52:07:42:38:6a:e5:5f:da:1c:
5c:92:d9:c2:38:3c:19:83:68:64:1b:45:7f:be:32:
23:6f:98:0e:eb:6e:f8:76:dc:b2:50:32:94:da:ef:
d5:69:70:23:1d:30:1a:89:7a:e7:50:74:2f:09:c9:
22:f9:e9:4c:1c:df:43:0c:14:f0:4f:cc:5b:a1:5a:
9a:18:26:81:47:a2:4b:24:d0:ce:53:d1:8d:3e:2d:
f9:14:c6:df:75:1a:fc:36:e8:b5:70:55:6c:cd:f4:
68:4a:43:35:44:2e:e6:f0:9b:17:bf:42:fe:96:4a:
a5:2a:4b:2b:10:ce:e7:2e:40:4e:de:8b:f5:2c:16:
72:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:07:40:CE:C0:BB:0A:AC:F0:5A:91:23:9A:9B:FC:37:D2:BA:F7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DD4HQM7Auwqs8FqRI5qb_DfSuvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:2b:b6:b0:73:d4:37:38:be:13:4c:07:82:c8:6b:7a:63:b2:
26:3d:fd:b3:63:87:0f:f6:20:61:54:24:d0:67:b7:e1:ab:31:
8e:94:4b:5f:cc:52:de:dc:1d:0d:dd:ec:49:99:34:ef:a3:c6:
8a:0e:1f:c2:e4:f9:eb:8c:4f:b8:f1:fd:f5:5a:fe:80:a9:e4:
b3:04:55:03:95:61:97:6c:5d:43:06:30:f5:e6:19:3d:66:78:
3a:40:07:e4:c9:0a:63:03:42:34:ae:8b:09:e8:75:a8:dd:18:
fe:9f:c6:65:8c:08:37:f2:ce:85:cb:f0:77:74:29:1e:e3:e6:
56:fe:94:bc:ee:ae:46:87:df:32:b0:9f:60:4c:2b:d8:a4:73:
3c:87:ee:91:e1:30:24:b7:71:7d:98:ab:f3:65:55:63:80:95:
78:d3:58:b8:10:35:4e:1b:94:0b:e5:db:b0:74:c5:9a:f4:e6:
7f:c7:9d:da:4f:56:66:a6:b3:38:1c:55:61:41:b6:8f:91:76:
0a:ae:24:49:a8:b7:3a:f7:0e:f5:86:19:ef:77:cf:f7:89:15:
23:36:54:b2:54:c5:59:b8:a9:56:86:d8:e5:db:25:44:a3:a7:
f0:5f:8e:9f:f1:82:a8:a5:68:0e:12:48:9d:5d:78:b1:60:fb:
97:d2:1f:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi483dvLoI0KBfuRS7b75xDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MDgwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlMDc0MGNlYzBiYjBhYWNmMDVhOTEyMzlhOWJmYzM3ZDJiYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLItLj+vZWt0kWC5M9OnktLdufpE
dr86SWobj0IizKIEgU5U6HwPi2SieevNB+qckta+MTOWsWJ6hyTRs/+8p6LLe9xs
maF6MeaPbpTnpdrxOj9I/4Jl0/x1dg0pXWURnXAEfOBdpipgo2F9eTJl+KOKc2/d
15sfucKS48JSB0I4auVf2hxcktnCODwZg2hkG0V/vjIjb5gO6274dtyyUDKU2u/V
aXAjHTAaiXrnUHQvCcki+elMHN9DDBTwT8xboVqaGCaBR6JLJNDOU9GNPi35FMbf
dRr8Nui1cFVszfRoSkM1RC7m8JsXv0L+lkqlKksrEM7nLkBO3ov1LBZy/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAw+B0DOwLsKrPBakSOam/w30rr3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvREQ0SFFNN0F1d3FzOEZxUkk1cWJfRGZTdXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEwrtrBz1Dc4vhNMB4LI
a3pjsiY9/bNjhw/2IGFUJNBnt+GrMY6US1/MUt7cHQ3d7EmZNO+jxooOH8Lk+euM
T7jx/fVa/oCp5LMEVQOVYZdsXUMGMPXmGT1meDpAB+TJCmMDQjSuiwnodajdGP6f
xmWMCDfyzoXL8Hd0KR7j5lb+lLzurkaH3zKwn2BMK9ikczyH7pHhMCS3cX2Yq/Nl
VWOAlXjTWLgQNU4blAvl27B0xZr05n/HndpPVmamszgcVWFBto+RdgquJEmotzr3
DvWGGe93z/eJFSM2VLJUxVm4qVaG2OXbJUSjp/Bfjp/xgqilaA4SSJ1deLFg+5fS
H4Y=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:10 2025 by rpki-client