Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2BbfZAMX_DzQ4nqOczBkOOJABw.roa
File: G2BbfZAMX_DzQ4nqOczBkOOJABw.roa (raw, json)
Hash identifier: sKdihsiHTdPlavr45CEGcnK2AIjFKZXscUU4nZgZNPc=
Subject key identifier: 1B:60:5B:7D:90:0C:5F:F0:F3:43:89:EA:39:CC:C1:90:E3:89:00:1C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018376B9739F1B0C02F4D5160DC8C7B0C822
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2BbfZAMX_DzQ4nqOczBkOOJABw.roa
Signing time: Sun 25 Sep 2022 22:16:48 +0000
ROA not before: Sun 25 Sep 2022 22:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:76:b9:73:9f:1b:0c:02:f4:d5:16:0d:c8:c7:b0:c8:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 25 22:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b605b7d900c5ff0f34389ea39ccc190e389001c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a4:1d:cc:af:a8:33:25:47:53:1a:19:ce:55:
4a:4b:08:40:5a:40:2c:03:60:98:6d:ff:de:24:0e:
9e:5e:fd:e2:d9:79:c3:ae:4e:ce:a9:93:c7:65:e0:
76:42:b2:05:dc:b2:74:2e:7d:46:11:d2:ef:4a:5f:
0d:d2:bc:eb:97:e7:e7:1d:30:4b:5e:d5:ad:22:02:
c2:da:c5:9d:83:4d:e7:99:21:ee:49:65:9e:c3:f6:
6d:78:da:2a:e4:f5:35:1d:53:25:bc:7d:ab:45:a7:
28:e6:ff:7a:e7:27:c3:a4:f7:0b:43:2b:ab:87:7d:
7f:c7:a5:2a:10:94:bc:e5:56:0c:ab:a9:d9:f8:63:
a4:b6:b0:c7:9e:30:89:ce:cc:71:e9:93:00:14:6d:
6d:8c:93:8e:e0:47:6d:49:82:c5:06:74:d3:94:73:
95:e4:4d:78:9b:40:7f:36:3f:ed:f8:39:44:58:40:
4d:e7:c6:ef:f8:2e:6d:2a:ad:55:09:e3:79:1e:b4:
43:2a:c5:f2:cb:09:32:fb:f5:a7:50:12:62:6b:89:
08:d8:e8:38:5a:ff:2b:f5:05:88:84:d6:0a:d2:77:
fb:97:f4:9d:d3:b1:07:97:90:d1:06:58:f4:cc:fd:
fe:f6:5a:1a:48:e5:e3:78:ee:00:cb:fa:f7:e0:83:
ca:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:60:5B:7D:90:0C:5F:F0:F3:43:89:EA:39:CC:C1:90:E3:89:00:1C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2BbfZAMX_DzQ4nqOczBkOOJABw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:35:58:dd:69:aa:77:1d:91:df:f5:d5:71:ff:07:e6:5d:55:
28:7f:4c:38:f2:13:2d:d1:d5:5b:4b:d9:dc:c2:54:77:5b:b2:
8d:a6:38:7f:f5:41:00:48:80:b4:bc:45:a0:51:a1:37:31:9e:
a4:43:8d:53:a5:4f:b6:b6:47:46:15:a1:a0:57:8b:9b:46:aa:
d6:fd:e8:46:f1:46:8a:4b:f3:71:b7:72:8b:b6:8c:9e:5d:a5:
b2:99:b0:30:9f:d5:f6:69:b6:ca:1f:71:90:a3:95:e9:f9:0c:
10:df:e9:1f:59:d9:e6:95:27:e7:22:50:72:ed:76:07:59:fd:
0b:0e:de:56:14:1c:0c:67:c6:9c:9d:41:24:9b:42:0b:37:de:
26:b0:64:45:c7:19:54:8c:9a:12:5d:1e:7a:7d:94:8c:3c:85:
95:fb:eb:af:a5:5a:b2:ee:1d:9d:9a:b7:4b:fb:88:52:32:50:
12:d4:36:cb:b1:79:cc:5b:3a:b0:2b:2d:56:ec:d1:8a:74:c3:
2e:3e:9e:cb:4f:2b:40:8b:80:19:07:cd:a1:16:ed:4c:0e:d4:
e7:e3:4e:30:21:49:ee:e7:a6:2d:bc:89:fd:72:2b:7a:36:5c:
f2:00:28:78:cb:f0:5a:8b:8e:a5:cb:8e:d6:a6:03:91:f0:30:
1b:1a:68:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYN2uXOfGwwC9NUWDcjHsMgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTI1MjIxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYwNWI3ZDkwMGM1ZmYwZjM0Mzg5ZWEzOWNjYzE5MGUzODkwMDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKQdzK+oMyVHUxoZzlVKSwhAWkAs
A2CYbf/eJA6eXv3i2XnDrk7OqZPHZeB2QrIF3LJ0Ln1GEdLvSl8N0rzrl+fnHTBL
XtWtIgLC2sWdg03nmSHuSWWew/ZteNoq5PU1HVMlvH2rRaco5v965yfDpPcLQyur
h31/x6UqEJS85VYMq6nZ+GOktrDHnjCJzsxx6ZMAFG1tjJOO4EdtSYLFBnTTlHOV
5E14m0B/Nj/t+DlEWEBN58bv+C5tKq1VCeN5HrRDKsXyywky+/WnUBJia4kI2Og4
Wv8r9QWIhNYK0nf7l/Sd07EHl5DRBlj0zP3+9loaSOXjeO4Ay/r34IPKvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtgW32QDF/w80OJ6jnMwZDjiQAcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzJCYmZaQU1YX0R6UTRucU9jekJrT09KQUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEM1WN1pqncdkd/11XH/
B+ZdVSh/TDjyEy3R1VtL2dzCVHdbso2mOH/1QQBIgLS8RaBRoTcxnqRDjVOlT7a2
R0YVoaBXi5tGqtb96EbxRopL83G3cou2jJ5dpbKZsDCf1fZptsofcZCjlen5DBDf
6R9Z2eaVJ+ciUHLtdgdZ/QsO3lYUHAxnxpydQSSbQgs33iawZEXHGVSMmhJdHnp9
lIw8hZX766+lWrLuHZ2at0v7iFIyUBLUNsuxecxbOrArLVbs0Yp0wy4+nstPK0CL
gBkHzaEW7UwO1OfjTjAhSe7npi28if1yK3o2XPIAKHjL8FqLjqXLjtamA5HwMBsa
aOA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:25 2025 by rpki-client