Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DdnXSnZlI6cagNBU0GSsDZPBLqg.roa
File: DdnXSnZlI6cagNBU0GSsDZPBLqg.roa (raw, json)
Hash identifier: 1I3Xz92BetUYBBmZjqsRxjmfcaYPKjs7rinhzOVWeTU=
Subject key identifier: 0D:D9:D7:4A:76:65:23:A7:1A:80:D0:54:D0:64:AC:0D:93:C1:2E:A8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868651374EDBF8D90219E72222EBF11C9F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DdnXSnZlI6cagNBU0GSsDZPBLqg.roa
Signing time: Sat 25 Feb 2023 02:05:14 +0000
ROA not before: Sat 25 Feb 2023 02:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:8650:612a/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:86:51:37:4e:db:f8:d9:02:19:e7:22:22:eb:f1:1c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 02:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd9d74a766523a71a80d054d064ac0d93c12ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:3e:0a:6c:1a:17:56:f1:5c:7b:f2:72:98:
f2:d8:ea:e8:be:67:27:c4:79:ff:5d:9f:23:71:53:
93:aa:32:30:15:a1:e5:65:90:97:50:e0:b8:95:7d:
58:6c:04:c5:23:3e:4d:06:9d:de:9e:a2:68:b4:50:
bc:e3:62:b7:f4:39:40:57:06:02:65:fd:1a:4b:59:
65:91:ab:6f:c8:b8:6d:fc:45:d4:a7:fc:40:99:ad:
ce:65:58:76:52:0b:28:fc:77:15:d3:77:0a:b4:a6:
cc:bf:1c:3d:f0:08:ca:5c:f7:bb:dc:a4:0e:40:1f:
bd:48:94:2c:d5:7b:ba:ab:b4:df:e0:29:94:39:2f:
4a:1b:5e:f8:96:1a:3a:a1:d4:94:65:20:f0:15:df:
59:7b:a5:89:f3:43:4b:c4:d6:aa:4a:27:09:cb:5d:
8a:4a:4f:03:67:c8:ed:00:9b:f1:88:b5:c2:bf:ea:
aa:55:c3:08:0f:4b:d3:17:b9:ad:ec:eb:38:1f:47:
d6:01:1c:bd:fa:0e:d7:6e:fd:73:47:5f:1e:32:33:
19:20:c7:28:e3:9f:64:a1:80:a0:fc:c0:1e:7c:e5:
a1:6d:21:b6:8d:15:01:25:6e:6d:c6:6b:4b:46:d9:
0f:44:7a:a7:33:2d:81:dd:ad:81:ab:77:23:e1:81:
54:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D9:D7:4A:76:65:23:A7:1A:80:D0:54:D0:64:AC:0D:93:C1:2E:A8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DdnXSnZlI6cagNBU0GSsDZPBLqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:c4:51:eb:24:58:41:51:17:92:61:ff:17:f0:64:4b:f9:19:
7f:8d:76:19:08:6c:f1:fd:42:c2:de:94:f0:3d:41:0a:d8:a0:
58:65:9d:48:7c:10:79:27:09:63:04:ec:0e:ae:be:62:30:de:
9f:af:4e:97:01:2c:dd:0c:53:79:93:dd:f6:08:e0:b0:66:3e:
e0:92:48:a1:7f:ea:3d:aa:bd:6b:80:86:42:c6:6e:db:db:ec:
07:28:58:f1:db:0b:0f:82:bb:9c:61:b8:f0:71:b1:14:c5:18:
d2:a2:0e:79:28:d6:45:28:79:14:d7:d2:7c:19:11:aa:3a:5f:
5c:91:7f:eb:f1:2e:b7:c2:9a:35:a8:7c:1f:c9:6e:4d:9b:7e:
12:9c:4c:6e:91:3b:45:3d:14:b2:5b:00:86:9f:43:71:f3:63:
9e:60:6f:1b:b7:9f:fc:25:14:00:12:90:28:58:53:5c:1e:e5:
1e:d0:c0:e1:66:35:8f:40:a7:17:58:ba:87:80:91:28:31:32:
78:81:70:28:91:d8:e1:cc:e9:4a:4a:8b:04:25:f2:4f:49:56:
1e:51:aa:b8:25:f1:13:16:83:da:93:82:c7:9c:a1:45:53:77:
74:89:af:0f:5a:c0:fa:b9:f7:7f:c0:cb:bf:9b:55:ab:76:c2:
c0:40:e6:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaGUTdO2/jZAhnnIiLr8RyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDIwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ5ZDc0YTc2NjUyM2E3MWE4MGQwNTRkMDY0YWMwZDkzYzEyZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC0+CmwaF1bxXHvycpjy2Orovmcn
xHn/XZ8jcVOTqjIwFaHlZZCXUOC4lX1YbATFIz5NBp3enqJotFC842K39DlAVwYC
Zf0aS1llkatvyLht/EXUp/xAma3OZVh2Ugso/HcV03cKtKbMvxw98AjKXPe73KQO
QB+9SJQs1Xu6q7Tf4CmUOS9KG174lho6odSUZSDwFd9Ze6WJ80NLxNaqSicJy12K
Sk8DZ8jtAJvxiLXCv+qqVcMID0vTF7mt7Os4H0fWARy9+g7Xbv1zR18eMjMZIMco
459koYCg/MAefOWhbSG2jRUBJW5txmtLRtkPRHqnMy2B3a2Bq3cj4YFUCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA3Z10p2ZSOnGoDQVNBkrA2TwS6oMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRGRuWFNuWmxJNmNhZ05CVTBHU3NEWlBCTHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/EUeskWEFRF5Jh/xfw
ZEv5GX+NdhkIbPH9QsLelPA9QQrYoFhlnUh8EHknCWME7A6uvmIw3p+vTpcBLN0M
U3mT3fYI4LBmPuCSSKF/6j2qvWuAhkLGbtvb7AcoWPHbCw+Cu5xhuPBxsRTFGNKi
Dnko1kUoeRTX0nwZEao6X1yRf+vxLrfCmjWofB/Jbk2bfhKcTG6RO0U9FLJbAIaf
Q3HzY55gbxu3n/wlFAASkChYU1we5R7QwOFmNY9ApxdYuoeAkSgxMniBcCiR2OHM
6UpKiwQl8k9JVh5Rqrgl8RMWg9qTgsecoUVTd3SJrw9awPq593/Ay7+bVat2wsBA
5r8=
-----END CERTIFICATE-----
Generated at Fri May 2 13:15:13 2025 by rpki-client