Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JTtEhnN7KgMyzUoZGnf3_bBKM-I.roa
File: JTtEhnN7KgMyzUoZGnf3_bBKM-I.roa (raw, json)
Hash identifier: V1rTNRRNj6QIFnBf19wAJz4AOLCXDF6Ee0i+2Gfw8kQ=
Subject key identifier: 25:3B:44:86:73:7B:2A:03:32:CD:4A:19:1A:77:F7:FD:B0:4A:33:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A8300C399025DBEA16052956FFF49F4D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JTtEhnN7KgMyzUoZGnf3_bBKM-I.roa
Signing time: Sun 30 Jul 2023 19:04:28 +0000
ROA not before: Sun 30 Jul 2023 19:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:a82f:c3fb/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a8:30:0c:39:90:25:db:ea:16:05:29:56:ff:f4:9f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 19:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=253b4486737b2a0332cd4a191a77f7fdb04a33e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:19:cb:1c:9b:56:f3:e4:64:e2:17:6d:ec:7d:
75:5e:c1:0d:d6:f7:c4:e4:0c:37:97:d2:ae:05:1f:
6e:e6:97:34:e1:05:0a:f7:b1:7a:46:fa:c0:fc:c0:
a6:02:db:63:51:87:ce:c6:74:3f:2c:04:0e:b5:0d:
63:32:b1:ed:2c:e4:02:66:31:72:d1:92:22:10:5d:
57:1e:55:5a:11:e9:ab:c4:cf:20:a9:e0:4e:d6:fa:
13:d2:d9:66:47:77:07:90:4a:58:6e:6d:aa:43:81:
9a:7f:31:aa:25:75:43:aa:76:b6:83:a5:af:69:64:
a1:61:66:ec:22:14:44:8e:69:70:ab:f8:c2:59:c9:
f6:d5:3a:73:d5:d0:50:bd:e7:c9:db:a3:c3:19:fd:
18:22:0d:11:b1:3a:d6:ae:af:17:25:ff:83:21:29:
6d:0b:fc:36:b1:aa:be:f5:db:93:2c:2b:cb:d7:1a:
0e:a6:10:6a:58:a7:61:a6:87:24:5c:59:05:15:a2:
57:22:d8:b1:45:85:f4:14:05:f1:44:6b:76:0e:a4:
7c:db:14:e5:70:5c:3d:67:24:a7:92:39:b9:d6:f7:
29:c6:f2:43:a1:b8:f5:ea:c7:e9:bc:e8:47:b0:a1:
81:41:61:ce:a9:da:9a:37:0f:57:1c:3d:10:38:3c:
e7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3B:44:86:73:7B:2A:03:32:CD:4A:19:1A:77:F7:FD:B0:4A:33:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JTtEhnN7KgMyzUoZGnf3_bBKM-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:ee:f5:17:bc:65:42:22:08:37:63:28:f1:c9:22:37:e2:2e:
1a:19:07:2e:90:cc:3b:4b:9e:27:e6:6c:a7:ce:84:ee:22:b2:
ed:dd:8f:33:2d:0d:bf:40:5c:81:5c:10:2a:51:b6:22:3d:db:
64:2b:3c:b3:02:04:11:7c:5f:c2:11:5a:05:95:8a:4b:48:cf:
fc:8f:46:1f:dc:ba:db:a1:1c:db:7d:3a:0c:13:bb:0e:1f:ee:
69:b6:53:36:3e:c7:a2:b0:af:bf:56:13:5a:17:08:d0:84:0c:
ab:14:a3:66:10:67:74:15:81:48:bb:8a:79:55:20:f7:bc:ec:
0c:86:0f:78:83:25:ee:03:12:3b:97:63:49:69:48:2f:b9:79:
0a:99:1d:87:ac:32:7a:7d:9d:ce:b8:ff:13:33:35:d3:f1:d0:
5c:b8:9a:43:93:db:39:8b:6f:9d:be:58:a0:0c:56:31:c3:c8:
f0:2f:2b:05:fe:3b:68:08:7d:8f:de:3f:f4:c4:13:9b:cd:64:
39:9b:cf:48:a9:36:ee:bc:48:16:52:d2:3b:7b:da:ff:04:73:
96:fd:ef:64:b1:9d:3b:c5:ad:9c:45:44:a0:9d:2c:fe:e5:b3:
cb:53:e1:0b:4e:f1:9c:5d:14:e3:4a:b8:11:5c:ba:c1:a5:d2:
5e:d8:53:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmoMAw5kCXb6hYFKVb/9J9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMTkwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNiNDQ4NjczN2IyYTAzMzJjZDRhMTkxYTc3ZjdmZGIwNGEzM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBnLHJtW8+Rk4hdt7H11XsEN1vfE
5Aw3l9KuBR9u5pc04QUK97F6RvrA/MCmAttjUYfOxnQ/LAQOtQ1jMrHtLOQCZjFy
0ZIiEF1XHlVaEemrxM8gqeBO1voT0tlmR3cHkEpYbm2qQ4GafzGqJXVDqna2g6Wv
aWShYWbsIhREjmlwq/jCWcn21Tpz1dBQvefJ26PDGf0YIg0RsTrWrq8XJf+DISlt
C/w2saq+9duTLCvL1xoOphBqWKdhpockXFkFFaJXItixRYX0FAXxRGt2DqR82xTl
cFw9ZySnkjm51vcpxvJDobj16sfpvOhHsKGBQWHOqdqaNw9XHD0QODznNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCU7RIZzeyoDMs1KGRp39/2wSjPiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSlR0RWhuTjdLZ015elVvWkduZjNfYkJLTS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIbu9Re8ZUIiCDdjKPHJ
IjfiLhoZBy6QzDtLnifmbKfOhO4isu3djzMtDb9AXIFcECpRtiI922QrPLMCBBF8
X8IRWgWViktIz/yPRh/cutuhHNt9OgwTuw4f7mm2UzY+x6Kwr79WE1oXCNCEDKsU
o2YQZ3QVgUi7inlVIPe87AyGD3iDJe4DEjuXY0lpSC+5eQqZHYesMnp9nc64/xMz
NdPx0Fy4mkOT2zmLb52+WKAMVjHDyPAvKwX+O2gIfY/eP/TEE5vNZDmbz0ipNu68
SBZS0jt72v8Ec5b972SxnTvFrZxFRKCdLP7ls8tT4QtO8ZxdFONKuBFcusGl0l7Y
U/0=
-----END CERTIFICATE-----
Generated at Thu May 1 07:54:21 2025 by rpki-client