Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D_fPDOT1fKZzhoYee-NpqPLAUbc.roa
File: D_fPDOT1fKZzhoYee-NpqPLAUbc.roa (raw, json)
Hash identifier: HMd0pH5KSJ2MtUG5MBeLaqHpnZe4fYAcAtErM6RELGU=
Subject key identifier: 0F:F7:CF:0C:E4:F5:7C:A6:73:86:86:1E:7B:E3:69:A8:F2:C0:51:B7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01871731B6A27B1F0C6D8B1552FE040F44FD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D_fPDOT1fKZzhoYee-NpqPLAUbc.roa
Signing time: Sat 25 Mar 2023 05:15:46 +0000
ROA not before: Sat 25 Mar 2023 05:15:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:31:b6:a2:7b:1f:0c:6d:8b:15:52:fe:04:0f:44:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 25 05:15:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ff7cf0ce4f57ca67386861e7be369a8f2c051b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a5:34:3f:57:82:0d:fc:a8:c2:a4:56:5b:0c:
c6:5a:e5:a0:75:aa:0c:7d:f9:5e:5c:a4:6f:50:bd:
8b:77:b0:77:0f:6e:7f:aa:17:cb:08:01:2e:dd:d9:
94:0c:36:f2:5b:98:3f:81:b7:9b:9a:3d:a2:3e:31:
de:1f:4e:7f:1b:bf:9f:23:0c:90:c5:6f:28:a4:1c:
ad:28:7f:4a:98:d7:f1:d9:c7:4d:23:49:47:fd:a6:
61:29:31:6d:61:b5:75:be:6e:4e:f2:9b:94:6f:8a:
de:e5:85:ef:c8:a2:22:bd:d4:ca:19:5e:b4:4a:e6:
8a:a5:a2:23:0e:d7:9e:65:b3:13:e8:b7:86:b2:63:
cc:56:06:c7:5e:2a:ed:b3:fe:38:0e:03:8a:1d:ba:
c3:f5:e1:9d:f5:44:9c:f9:9a:70:de:d6:d1:37:6d:
55:a5:d7:66:cd:21:5a:08:94:19:56:61:ca:a5:58:
1f:c5:5b:d5:3d:7b:0e:bd:2e:de:f8:11:9f:64:69:
ca:9f:2e:8c:9f:3d:d5:a4:54:53:99:90:7e:9d:05:
9e:2b:f8:5c:85:82:97:a0:49:c0:d1:08:27:3c:c8:
3d:33:a4:d7:7e:f8:0e:97:26:c5:19:eb:c1:04:f4:
97:61:23:10:0a:f4:ee:07:7b:da:90:e2:d9:2c:4b:
e9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F7:CF:0C:E4:F5:7C:A6:73:86:86:1E:7B:E3:69:A8:F2:C0:51:B7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D_fPDOT1fKZzhoYee-NpqPLAUbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:9a:61:55:ec:a1:11:53:23:6f:20:5a:77:24:1c:92:3f:72:
d2:0d:42:63:6a:60:99:38:38:03:f0:20:9c:4c:c2:5f:95:d1:
38:d3:96:b0:85:5b:cd:d4:a5:ee:5f:72:13:a2:4f:fa:31:44:
8a:25:10:51:85:cf:be:95:cc:63:8b:0a:11:ff:45:d1:b5:f1:
8a:99:c7:94:0f:9f:19:31:cb:40:a4:a9:77:1e:eb:4f:80:8d:
04:30:f2:16:be:76:3c:a3:6c:be:a8:b3:3a:7f:83:cc:cb:d3:
df:3d:37:66:37:79:ac:f7:cd:54:d9:69:17:14:9b:ec:6a:b6:
c3:e5:d3:5d:bd:b6:f0:1e:14:ff:76:4a:7e:12:aa:99:9f:84:
22:8e:f1:c6:54:c1:d7:4b:d8:9f:82:d4:a2:ee:42:5c:b2:6f:
2a:2d:49:76:74:17:dc:2c:60:29:91:9e:2e:51:4e:88:51:c7:
2f:f8:46:8f:cf:e4:27:7d:0b:ee:a5:25:84:a1:b5:74:50:16:
96:a7:cf:9b:60:a8:bd:f7:10:2d:68:ce:f4:16:e6:ce:33:68:
ba:fe:96:0c:82:f9:5a:ad:ad:08:a4:da:3c:3b:c7:e1:7d:cc:
40:42:32:3a:8a:a7:ef:49:67:7f:54:f5:a7:13:cc:16:a1:a2:
ac:30:2f:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcXMbaiex8MbYsVUv4ED0T9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI1MDUxNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY3Y2YwY2U0ZjU3Y2E2NzM4Njg2MWU3YmUzNjlhOGYyYzA1MWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKU0P1eCDfyowqRWWwzGWuWgdaoM
ffleXKRvUL2Ld7B3D25/qhfLCAEu3dmUDDbyW5g/gbebmj2iPjHeH05/G7+fIwyQ
xW8opBytKH9KmNfx2cdNI0lH/aZhKTFtYbV1vm5O8puUb4re5YXvyKIivdTKGV60
SuaKpaIjDteeZbMT6LeGsmPMVgbHXirts/44DgOKHbrD9eGd9USc+Zpw3tbRN21V
pddmzSFaCJQZVmHKpVgfxVvVPXsOvS7e+BGfZGnKny6Mnz3VpFRTmZB+nQWeK/hc
hYKXoEnA0QgnPMg9M6TXfvgOlybFGevBBPSXYSMQCvTuB3vakOLZLEvpCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA/3zwzk9Xymc4aGHnvjaajywFG3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRF9mUERPVDFmS1p6aG9ZZWUtTnBxUExBVWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOaYVXsoRFTI28gWnck
HJI/ctINQmNqYJk4OAPwIJxMwl+V0TjTlrCFW83Upe5fchOiT/oxRIolEFGFz76V
zGOLChH/RdG18YqZx5QPnxkxy0CkqXce60+AjQQw8ha+djyjbL6oszp/g8zL0989
N2Y3eaz3zVTZaRcUm+xqtsPl0129tvAeFP92Sn4SqpmfhCKO8cZUwddL2J+C1KLu
QlyybyotSXZ0F9wsYCmRni5RTohRxy/4Ro/P5Cd9C+6lJYShtXRQFpanz5tgqL33
EC1ozvQW5s4zaLr+lgyC+VqtrQik2jw7x+F9zEBCMjqKp+9JZ39U9acTzBahoqww
LzU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:33:02 2025 by rpki-client