Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dx3qKpousXyjISN54-YfmtI2Dmc.roa
File: Dx3qKpousXyjISN54-YfmtI2Dmc.roa (raw, json)
Hash identifier: dkdkQmf5sqJHsJPRVkZagFRv+yVI/I/OpICQDW1LdYo=
Subject key identifier: 0F:1D:EA:2A:9A:2E:B1:7C:A3:21:23:79:E3:E6:1F:9A:D2:36:0E:67
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B659FC16D9C37461A5EFE3297A2CC3A9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dx3qKpousXyjISN54-YfmtI2Dmc.roa
Signing time: Wed 02 Aug 2023 13:04:57 +0000
ROA not before: Wed 02 Aug 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:b659:5698/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:59:fc:16:d9:c3:74:61:a5:ef:e3:29:7a:2c:c3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f1dea2a9a2eb17ca3212379e3e61f9ad2360e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d3:c8:ab:39:d7:3d:e8:cd:3f:aa:3a:82:d8:
6c:66:49:14:4a:35:05:de:ce:a9:85:6d:c9:ef:6c:
4d:68:46:97:34:eb:71:5a:00:7b:42:c1:a7:94:73:
9d:8b:e0:80:85:34:d4:a4:77:8d:d9:aa:8c:ba:7a:
ad:a3:c3:76:b6:13:b5:a8:19:67:d1:ad:a0:67:18:
00:ae:0c:0e:ff:4c:aa:ac:19:c3:ef:c4:cf:d7:c1:
39:67:66:b8:44:05:6b:54:7f:fc:05:22:88:79:ab:
d0:8e:fd:90:b1:b5:fe:68:63:bc:f5:ad:b8:63:f2:
87:f2:86:23:49:71:3b:4c:11:b2:0e:80:8d:3a:fa:
29:22:d4:8a:ec:96:f5:b7:f9:23:62:6c:b6:cd:68:
49:6c:b4:80:1c:72:da:b4:1d:60:3c:6e:00:b2:1e:
a2:f6:1a:ed:26:9c:69:ce:75:41:86:70:82:7a:d1:
9e:ba:cd:a6:db:ef:a4:18:8f:58:e2:6e:66:75:3b:
54:ad:c9:e3:5a:e7:66:63:09:97:72:f9:10:f8:c6:
82:92:8b:d2:52:2d:48:60:98:9f:43:3d:b6:eb:f0:
3b:58:da:68:cf:3b:5c:e9:c5:3d:14:70:47:77:90:
2f:9f:1f:7f:95:96:51:d4:ea:c3:22:dd:18:b0:bd:
2a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1D:EA:2A:9A:2E:B1:7C:A3:21:23:79:E3:E6:1F:9A:D2:36:0E:67
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dx3qKpousXyjISN54-YfmtI2Dmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:78:ec:ec:76:e2:ea:8b:17:0a:be:a9:38:c0:3c:7f:48:d6:
b8:d9:16:d6:90:bf:34:1d:1b:46:ae:c8:22:ef:2c:25:05:74:
d7:08:79:bd:bb:d7:64:60:ff:d9:15:5c:4c:39:15:5e:b0:3c:
82:fc:ad:25:a2:b7:73:78:52:76:03:cc:a8:8d:7a:e8:28:eb:
08:a1:07:75:2b:43:1e:52:a1:9a:d5:95:26:a1:35:08:6e:6c:
71:8a:ee:10:70:2c:bb:5c:7c:eb:47:7e:e0:a3:2d:26:11:5a:
3c:73:8f:f0:e5:49:39:2c:42:c3:b1:b4:50:e9:11:1d:6f:89:
e5:69:d2:da:c2:8e:46:84:21:6a:c9:54:01:4c:06:8a:2c:fb:
fd:f3:17:d0:e8:34:0d:51:22:e0:4f:2d:fd:d0:fd:55:36:76:
46:b5:bf:d9:15:ec:b0:3e:66:7b:ff:29:8d:c9:bd:d0:8d:9e:
32:55:b2:94:4e:9a:38:0e:a0:3d:5d:a3:49:c9:cd:02:74:d8:
30:a8:de:aa:2c:41:ee:9f:e8:c0:f3:92:e6:0e:79:84:99:d3:
d7:9d:ec:0c:81:7f:7c:64:a7:cf:73:99:4f:2b:e9:44:aa:72:
56:72:b9:d8:2c:91:35:23:21:86:52:bf:fd:91:f9:71:d5:d6:
91:22:f4:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm2WfwW2cN0YaXv4yl6LMOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjFkZWEyYTlhMmViMTdjYTMyMTIzNzllM2U2MWY5YWQyMzYwZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNPIqznXPejNP6o6gthsZkkUSjUF
3s6phW3J72xNaEaXNOtxWgB7QsGnlHOdi+CAhTTUpHeN2aqMunqto8N2thO1qBln
0a2gZxgArgwO/0yqrBnD78TP18E5Z2a4RAVrVH/8BSKIeavQjv2QsbX+aGO89a24
Y/KH8oYjSXE7TBGyDoCNOvopItSK7Jb1t/kjYmy2zWhJbLSAHHLatB1gPG4Ash6i
9hrtJpxpznVBhnCCetGeus2m2++kGI9Y4m5mdTtUrcnjWudmYwmXcvkQ+MaCkovS
Ui1IYJifQz226/A7WNpozztc6cU9FHBHd5Avnx9/lZZR1OrDIt0YsL0qYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8d6iqaLrF8oyEjeePmH5rSNg5nMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRHgzcUtwb3VzWHlqSVNONTQtWWZtdEkyRG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFx47Ox24uqLFwq+qTjA
PH9I1rjZFtaQvzQdG0auyCLvLCUFdNcIeb2712Rg/9kVXEw5FV6wPIL8rSWit3N4
UnYDzKiNeugo6wihB3UrQx5SoZrVlSahNQhubHGK7hBwLLtcfOtHfuCjLSYRWjxz
j/DlSTksQsOxtFDpER1vieVp0trCjkaEIWrJVAFMBoos+/3zF9DoNA1RIuBPLf3Q
/VU2dka1v9kV7LA+Znv/KY3JvdCNnjJVspROmjgOoD1do0nJzQJ02DCo3qosQe6f
6MDzkuYOeYSZ09ed7AyBf3xkp89zmU8r6USqclZyudgskTUjIYZSv/2R+XHV1pEi
9K0=
-----END CERTIFICATE-----
Generated at Thu May 1 03:08:17 2025 by rpki-client