Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G4OVBAe51bh-mszw2tM6mTimVF8.roa
File: G4OVBAe51bh-mszw2tM6mTimVF8.roa (raw, json)
Hash identifier: qz/lqoNTUk6Dqg7A6xuthwuSrNZE77SQA0NPTgF6Hy0=
Subject key identifier: 1B:83:95:04:07:B9:D5:B8:7E:9A:CC:F0:DA:D3:3A:99:38:A6:54:5F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B10CA43C3FB1FA9F7A4717B7D590B0FE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G4OVBAe51bh-mszw2tM6mTimVF8.roa
Signing time: Sun 05 Mar 2023 09:14:00 +0000
ROA not before: Sun 05 Mar 2023 09:14:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b1:0c:a4:3c:3f:b1:fa:9f:7a:47:17:b7:d5:90:b0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 5 09:14:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b83950407b9d5b87e9accf0dad33a9938a6545f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5e:39:c6:0a:18:27:d1:a2:71:96:c3:b0:a0:
93:c7:a5:f6:0f:c9:32:35:0b:2c:de:e8:f1:c8:8b:
05:4d:ba:44:f1:11:71:dd:3f:e8:8d:65:8b:6a:80:
7d:3d:40:1b:1c:43:a4:45:f3:39:03:c3:e5:25:f6:
dd:ea:d3:33:a9:eb:5d:0f:4a:ce:76:39:3b:6f:d3:
59:aa:21:b2:26:31:b9:0a:91:20:33:d1:22:6a:b0:
6f:33:3e:25:2d:65:3f:f6:c5:b2:cd:2b:89:b9:77:
0a:ce:67:86:27:f9:36:f6:bd:19:26:43:4c:6d:79:
f2:2f:cb:bd:4a:85:74:7f:dc:02:69:67:a0:d8:e7:
3d:54:47:03:83:9d:b4:d7:aa:fa:b0:a4:34:30:7d:
ab:c0:f3:fc:50:45:a0:71:05:c4:4d:69:3d:df:09:
63:2b:f9:d6:2e:55:32:5a:92:57:06:6e:40:75:86:
82:04:8d:ea:a3:4a:07:51:9e:fa:67:95:e9:6b:2c:
b3:f4:49:bb:fb:81:f6:84:46:e7:d3:67:db:41:57:
c6:b6:44:a4:e6:48:b5:b2:00:e0:8f:eb:11:32:fb:
80:ce:aa:12:60:bd:9e:df:a2:df:de:ca:b9:58:0d:
59:ec:48:df:c4:f5:4c:cc:73:f8:a6:d9:13:55:02:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:83:95:04:07:B9:D5:B8:7E:9A:CC:F0:DA:D3:3A:99:38:A6:54:5F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G4OVBAe51bh-mszw2tM6mTimVF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:3d:da:7b:87:5e:8c:fc:60:fd:c7:42:65:e0:91:d3:6a:8c:
a3:57:04:12:19:bc:e1:1d:95:dd:a5:ed:67:6d:6a:6d:3f:d0:
93:64:36:9a:d0:1d:61:2e:70:05:1d:e6:ed:42:ba:14:40:2a:
55:5a:77:ea:2f:8c:ce:98:cb:af:ec:b8:a8:c3:9b:24:77:9b:
9b:67:da:a0:43:a2:89:d1:c1:28:c4:7b:fc:75:48:4e:e0:f8:
63:ed:2e:9e:51:e3:4b:9b:a7:7d:44:39:05:15:97:4f:59:d5:
51:45:af:57:9a:5c:87:df:fa:6e:a2:3c:86:54:41:fc:cf:5a:
a7:d4:77:73:71:2c:6c:21:ce:f3:93:ee:aa:99:aa:1a:e6:d7:
a4:58:37:6c:4d:ad:a3:db:2b:3a:9f:15:74:ee:29:0c:f1:a3:
8d:13:b1:25:9a:40:c8:51:f8:93:6e:be:92:88:6a:05:2d:38:
1b:92:11:04:8a:0f:ba:d9:43:9a:51:11:7a:29:6e:e6:dc:fb:
ae:a2:b5:19:cf:74:90:27:df:0e:c6:67:73:b8:d4:90:7d:b7:
55:06:a6:d6:8a:bd:a7:72:12:93:26:e3:bb:13:0e:08:8e:e0:
f2:04:6f:ef:26:60:35:c4:43:7d:01:de:44:ff:96:26:75:e7:
f2:f7:e4:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaxDKQ8P7H6n3pHF7fVkLD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA1MDkxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjgzOTUwNDA3YjlkNWI4N2U5YWNjZjBkYWQzM2E5OTM4YTY1NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhV45xgoYJ9GicZbDsKCTx6X2D8ky
NQss3ujxyIsFTbpE8RFx3T/ojWWLaoB9PUAbHEOkRfM5A8PlJfbd6tMzqetdD0rO
djk7b9NZqiGyJjG5CpEgM9EiarBvMz4lLWU/9sWyzSuJuXcKzmeGJ/k29r0ZJkNM
bXnyL8u9SoV0f9wCaWeg2Oc9VEcDg52016r6sKQ0MH2rwPP8UEWgcQXETWk93wlj
K/nWLlUyWpJXBm5AdYaCBI3qo0oHUZ76Z5Xpayyz9Em7+4H2hEbn02fbQVfGtkSk
5ki1sgDgj+sRMvuAzqoSYL2e36Lf3sq5WA1Z7EjfxPVMzHP4ptkTVQIQKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBuDlQQHudW4fprM8NrTOpk4plRfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzRPVkJBZTUxYmgtbXN6dzJ0TTZtVGltVkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKE92nuHXoz8YP3HQmXg
kdNqjKNXBBIZvOEdld2l7Wdtam0/0JNkNprQHWEucAUd5u1CuhRAKlVad+ovjM6Y
y6/suKjDmyR3m5tn2qBDoonRwSjEe/x1SE7g+GPtLp5R40ubp31EOQUVl09Z1VFF
r1eaXIff+m6iPIZUQfzPWqfUd3NxLGwhzvOT7qqZqhrm16RYN2xNraPbKzqfFXTu
KQzxo40TsSWaQMhR+JNuvpKIagUtOBuSEQSKD7rZQ5pREXopbubc+66itRnPdJAn
3w7GZ3O41JB9t1UGptaKvadyEpMm47sTDgiO4PIEb+8mYDXEQ30B3kT/liZ15/L3
5Kw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:30 2025 by rpki-client