Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Gi0B2WqWk4uazIJkWIDMMzXH0Hw.roa
File: Gi0B2WqWk4uazIJkWIDMMzXH0Hw.roa (raw, json)
Hash identifier: fqcVPxRfYEvA4Vem3vhWZVcn3ZgAhiVHi4kUeI4QLqQ=
Subject key identifier: 1A:2D:01:D9:6A:96:93:8B:9A:CC:82:64:58:80:CC:33:35:C7:D0:7C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864102312B546FC84C9E045C95330F5BC8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Gi0B2WqWk4uazIJkWIDMMzXH0Hw.roa
Signing time: Sat 11 Feb 2023 15:05:08 +0000
ROA not before: Sat 11 Feb 2023 15:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:4101:5f34/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:02:31:2b:54:6f:c8:4c:9e:04:5c:95:33:0f:5b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 11 15:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a2d01d96a96938b9acc82645880cc3335c7d07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:38:2c:bf:7d:7f:03:98:cd:5c:88:4b:a9:
d7:da:36:7f:71:78:8f:8d:96:7b:95:ef:83:d1:f3:
52:cf:a2:b1:0d:43:1b:38:7a:e3:e9:fb:35:c3:8b:
d9:64:77:88:45:c4:fa:5f:d3:52:7b:30:88:04:53:
80:e6:57:06:ae:ce:85:ae:b6:b4:bb:99:a7:94:d1:
7c:b3:3f:63:a0:a8:2a:99:99:6e:95:d1:df:eb:5c:
fa:c5:18:12:6e:20:f6:52:64:a2:e5:b4:b0:ba:d0:
ab:16:aa:26:9d:56:ea:22:b9:b2:69:6d:06:ff:32:
a7:e8:62:49:b5:4d:eb:66:5f:86:84:dc:91:53:c5:
e5:23:08:58:8c:cb:8f:30:87:74:71:ca:c0:72:e3:
8b:93:a4:76:ac:3d:18:fb:5f:21:60:c3:5a:f6:f4:
5b:47:3c:d7:22:76:3a:63:7a:e3:12:78:48:c5:f8:
ac:da:3c:b6:1c:bd:99:6c:93:91:c8:9b:77:e8:6c:
71:9e:b5:54:4c:23:48:22:02:57:c4:28:1c:a1:f2:
c3:02:e2:2e:7d:22:cb:7d:00:7d:cb:7a:0c:1f:6c:
4e:0e:be:44:09:68:bf:df:04:c1:64:02:4b:32:27:
8a:d7:09:44:82:3f:96:15:e8:52:e2:ca:42:85:4b:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2D:01:D9:6A:96:93:8B:9A:CC:82:64:58:80:CC:33:35:C7:D0:7C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Gi0B2WqWk4uazIJkWIDMMzXH0Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:e0:b7:47:d2:67:7e:ed:45:66:39:b7:59:af:3e:fd:a2:4a:
57:95:ad:3b:8b:ed:6b:e0:5e:f6:9b:2e:7a:e4:d3:9e:43:9b:
4f:35:a5:f3:d8:0d:6e:2d:c2:91:e5:63:65:be:31:33:3d:75:
89:13:40:0f:f6:a6:a3:fc:6f:4d:57:be:61:e3:99:6d:7c:96:
b8:36:c3:eb:7c:d8:5d:aa:c7:d1:6c:ac:79:38:e7:fc:b6:ce:
44:a0:45:c1:33:c1:f9:d4:7b:05:b1:11:ff:35:44:dd:a6:c5:
ea:4a:b5:18:d4:0a:29:d4:b1:8a:93:84:db:74:61:35:64:17:
9b:b8:84:6d:8a:58:8d:23:68:b7:18:5a:f9:d7:a9:13:5b:ee:
25:97:22:59:dc:ba:76:1c:de:d6:23:86:29:54:21:45:ae:44:
09:dd:11:0f:f4:a7:df:cc:91:89:bb:35:33:6e:6a:b0:0a:eb:
8e:0c:69:0b:3f:ee:a5:35:6b:08:09:ad:61:03:fe:3e:08:a9:
4a:96:ce:ba:8f:3c:77:dd:a4:3d:87:d4:1d:b8:4c:d0:4c:5a:
ba:08:e6:86:e8:f5:9e:ce:b9:42:ac:85:84:b7:76:97:42:21:
17:7f:25:da:30:34:40:97:58:25:cb:8f:99:fe:69:55:28:b1:
65:df:d1:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZBAjErVG/ITJ4EXJUzD1vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjExMTUwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJkMDFkOTZhOTY5MzhiOWFjYzgyNjQ1ODgwY2MzMzM1YzdkMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2A4LL99fwOYzVyIS6nX2jZ/cXiP
jZZ7le+D0fNSz6KxDUMbOHrj6fs1w4vZZHeIRcT6X9NSezCIBFOA5lcGrs6Frra0
u5mnlNF8sz9joKgqmZluldHf61z6xRgSbiD2UmSi5bSwutCrFqomnVbqIrmyaW0G
/zKn6GJJtU3rZl+GhNyRU8XlIwhYjMuPMId0ccrAcuOLk6R2rD0Y+18hYMNa9vRb
RzzXInY6Y3rjEnhIxfis2jy2HL2ZbJORyJt36GxxnrVUTCNIIgJXxCgcofLDAuIu
fSLLfQB9y3oMH2xODr5ECWi/3wTBZAJLMieK1wlEgj+WFehS4spChUu3IQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBotAdlqlpOLmsyCZFiAzDM1x9B8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR2kwQjJXcVdrNHVheklKa1dJRE1NelhIMEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJXgt0fSZ37tRWY5t1mv
Pv2iSleVrTuL7WvgXvabLnrk055Dm081pfPYDW4twpHlY2W+MTM9dYkTQA/2pqP8
b01XvmHjmW18lrg2w+t82F2qx9FsrHk45/y2zkSgRcEzwfnUewWxEf81RN2mxepK
tRjUCinUsYqThNt0YTVkF5u4hG2KWI0jaLcYWvnXqRNb7iWXIlncunYc3tYjhilU
IUWuRAndEQ/0p9/MkYm7NTNuarAK644MaQs/7qU1awgJrWED/j4IqUqWzrqPPHfd
pD2H1B24TNBMWroI5obo9Z7OuUKshYS3dpdCIRd/JdowNECXWCXLj5n+aVUosWXf
0WQ=
-----END CERTIFICATE-----
Generated at Thu May 1 08:53:53 2025 by rpki-client