Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/If_1dW8f22u5h0-s8qUZgCO_i5M.roa
File: If_1dW8f22u5h0-s8qUZgCO_i5M.roa (raw, json)
Hash identifier: KnHgr/35G/mb5PMR67T/cpGEnZM6rYOb1dygRJChSKg=
Subject key identifier: 21:FF:F5:75:6F:1F:DB:6B:B9:87:4F:AC:F2:A5:19:80:23:BF:8B:93
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187CA5BB975560225022625A140425368B5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/If_1dW8f22u5h0-s8qUZgCO_i5M.roa
Signing time: Sat 29 Apr 2023 00:13:41 +0000
ROA not before: Sat 29 Apr 2023 00:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ca:5b:b9:75:56:02:25:02:26:25:a1:40:42:53:68:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 29 00:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21fff5756f1fdb6bb9874facf2a5198023bf8b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:f0:d1:95:48:38:f6:c8:f8:c9:9d:c9:a3:
f5:66:1d:af:3b:12:78:9e:cb:98:af:c6:cb:1a:02:
db:9b:31:cb:38:68:b6:55:e3:fd:21:5a:30:6d:7c:
09:48:17:6c:7d:26:bb:ca:07:c2:b8:6a:91:30:96:
41:01:69:47:db:4e:8e:b9:a7:a8:2d:46:52:9d:52:
3e:46:87:fb:fd:e4:dd:18:e7:d1:6f:57:62:bf:dd:
a7:dd:6a:a4:76:d7:8d:1f:77:03:97:a0:53:e9:34:
83:5c:55:ed:b1:76:a7:3f:48:51:2a:20:38:ba:06:
ba:aa:2f:e0:83:fb:73:28:f4:a0:75:91:d5:bc:a0:
21:5f:0c:11:03:89:f7:37:04:ef:de:eb:25:0a:3f:
28:e5:2f:4f:4f:a0:94:ea:b2:9e:22:b4:28:1b:20:
89:8c:3b:3a:6b:1c:14:f9:5d:92:26:78:38:a6:8e:
05:ea:72:e4:d7:0f:eb:21:97:b2:ca:ab:db:42:06:
09:7b:01:23:4c:3a:a4:b1:2f:d3:33:3e:b6:b5:e7:
34:02:ff:33:d9:e1:cc:2e:a8:33:e9:76:94:62:66:
97:58:08:db:35:14:48:11:b1:30:59:fa:21:30:7a:
35:91:d6:7a:b9:dd:ac:60:35:ca:85:18:9a:9d:6a:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FF:F5:75:6F:1F:DB:6B:B9:87:4F:AC:F2:A5:19:80:23:BF:8B:93
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/If_1dW8f22u5h0-s8qUZgCO_i5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:dc:ae:b7:b2:6a:7d:00:53:eb:c9:58:0d:02:b2:aa:fd:80:
d4:f8:5d:4e:00:db:1f:8b:4d:98:e7:18:5a:a7:1c:e5:98:f8:
50:30:d3:b1:d7:27:e9:b1:55:d0:84:ca:88:1d:98:43:ad:cc:
ba:1e:2d:fb:18:17:89:7f:ee:2d:8a:ab:32:68:94:1d:97:5c:
43:66:7b:81:93:37:98:f8:ac:b5:d2:a3:17:31:1e:2c:08:b6:
c5:44:7a:da:fa:bf:e7:f1:4d:6e:dc:22:a2:2d:5f:d5:0e:c4:
29:76:54:7a:e7:22:19:b2:6e:42:97:d0:a4:02:84:48:70:53:
a0:94:0e:70:10:f5:cc:f4:e5:eb:87:6c:73:fe:f4:63:b3:9a:
b5:3f:da:89:c5:5b:6d:3a:c2:93:2b:f1:9c:9b:ab:ba:1b:21:
52:f4:d8:f2:b3:c7:07:cb:2c:3e:b9:3d:46:34:6e:f8:f9:72:
65:fd:c2:2b:47:02:81:d3:ab:2b:c1:9f:e2:2c:fc:28:c6:6f:
83:38:0f:4b:93:3e:d6:6c:72:ea:9e:44:48:af:67:91:83:e3:
f4:5f:91:46:4e:10:37:4f:fc:eb:60:32:70:da:18:f2:cd:7a:
4c:14:d9:53:f2:6c:64:b3:16:85:c3:77:01:b1:6e:f2:3c:a3:
ab:01:9c:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfKW7l1VgIlAiYloUBCU2i1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI5MDAxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZmZjU3NTZmMWZkYjZiYjk4NzRmYWNmMmE1MTk4MDIzYmY4YjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5/w0ZVIOPbI+MmdyaP1Zh2vOxJ4
nsuYr8bLGgLbmzHLOGi2VeP9IVowbXwJSBdsfSa7ygfCuGqRMJZBAWlH206Ouaeo
LUZSnVI+Rof7/eTdGOfRb1div92n3WqkdteNH3cDl6BT6TSDXFXtsXanP0hRKiA4
uga6qi/gg/tzKPSgdZHVvKAhXwwRA4n3NwTv3uslCj8o5S9PT6CU6rKeIrQoGyCJ
jDs6axwU+V2SJng4po4F6nLk1w/rIZeyyqvbQgYJewEjTDqksS/TMz62tec0Av8z
2eHMLqgz6XaUYmaXWAjbNRRIEbEwWfohMHo1kdZ6ud2sYDXKhRianWq1XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCH/9XVvH9truYdPrPKlGYAjv4uTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSWZfMWRXOGYyMnU1aDAtczhxVVpnQ09faTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADrcrreyan0AU+vJWA0C
sqr9gNT4XU4A2x+LTZjnGFqnHOWY+FAw07HXJ+mxVdCEyogdmEOtzLoeLfsYF4l/
7i2KqzJolB2XXENme4GTN5j4rLXSoxcxHiwItsVEetr6v+fxTW7cIqItX9UOxCl2
VHrnIhmybkKX0KQChEhwU6CUDnAQ9cz05euHbHP+9GOzmrU/2onFW206wpMr8Zyb
q7obIVL02PKzxwfLLD65PUY0bvj5cmX9witHAoHTqyvBn+Is/CjGb4M4D0uTPtZs
cuqeREivZ5GD4/RfkUZOEDdP/OtgMnDaGPLNekwU2VPybGSzFoXDdwGxbvI8o6sB
nIQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:51:23 2025 by rpki-client