Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NCjq0hswGPiYpoxeZ1Td1Fz7akw.roa
File: NCjq0hswGPiYpoxeZ1Td1Fz7akw.roa (raw, json)
Hash identifier: p0dtqvQcCB6SyqMMMxVqEORQZ5heTST6ujDbbYKERl8=
Subject key identifier: 34:28:EA:D2:1B:30:18:F8:98:A6:8C:5E:67:54:DD:D4:5C:FB:6A:4C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018686C83D92137A12A51F8E9CE3FC7E14A5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NCjq0hswGPiYpoxeZ1Td1Fz7akw.roa
Signing time: Sat 25 Feb 2023 04:15:15 +0000
ROA not before: Sat 25 Feb 2023 04:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:86:c8:3d:92:13:7a:12:a5:1f:8e:9c:e3:fc:7e:14:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 04:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3428ead21b3018f898a68c5e6754ddd45cfb6a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:be:ad:79:fa:15:78:7d:69:d0:c3:6c:9f:18:
61:aa:ec:08:70:8f:c6:7e:3a:48:d7:aa:11:f3:72:
93:be:db:71:f8:72:a8:a5:fb:6d:4d:2e:65:5f:97:
60:1f:41:a7:24:27:70:bd:9d:85:ef:c2:76:73:46:
57:84:32:a2:d6:c0:7a:b2:f1:02:8f:53:c1:e6:a6:
30:8e:3d:55:7a:c1:71:c5:14:52:c5:5a:91:05:2f:
78:13:9d:7b:5b:6f:41:56:f9:fb:a3:4a:36:a3:5e:
54:e1:bb:5a:54:15:47:51:5e:00:c8:f5:02:d1:c0:
59:83:dd:45:fe:5f:ef:2e:80:27:6e:86:c4:11:9b:
84:2c:a6:38:d2:b6:16:da:d8:7a:d3:83:2e:73:a6:
67:c5:d2:63:70:c8:cb:9e:81:9a:f9:ff:da:bc:20:
5c:37:a9:8c:bd:c8:ee:07:7c:10:b7:5b:20:d1:82:
6b:ee:2f:74:73:ed:9d:5c:df:87:80:f3:30:59:b2:
8f:f0:72:8f:57:5d:82:d1:64:49:88:c5:f1:4f:a1:
2b:1e:31:d8:0e:b0:f5:d5:77:42:fd:70:26:57:71:
03:a5:fd:21:1e:68:02:6c:34:c8:a5:96:e5:c9:06:
a2:24:2a:ff:c1:b5:b7:8a:a2:e0:eb:dc:06:8c:e9:
b7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:28:EA:D2:1B:30:18:F8:98:A6:8C:5E:67:54:DD:D4:5C:FB:6A:4C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NCjq0hswGPiYpoxeZ1Td1Fz7akw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:9f:ef:20:7f:5e:3a:53:97:76:5a:7c:c7:dd:e2:a7:50:cb:
f2:45:3a:ac:53:d1:24:8d:32:5b:78:75:5a:63:cf:77:27:f2:
f7:74:17:fb:0b:c6:59:f1:72:5c:10:b9:f9:a1:7b:46:92:b2:
19:2c:7d:f6:c4:3e:a5:db:72:21:87:7b:9c:43:23:88:dc:3d:
3f:b5:a2:e1:b0:43:74:6d:89:93:94:5b:47:89:2f:d9:28:5c:
f8:9a:4c:67:15:b9:7c:ae:9a:60:7f:48:35:38:b8:11:e6:d7:
27:f9:3b:a6:36:ee:20:d1:f7:51:84:22:05:ad:51:e0:5e:18:
53:82:6e:45:97:48:90:5c:0f:90:bd:76:18:c5:b6:b2:30:db:
fc:8b:c0:0d:47:17:c4:ee:86:9c:0a:7a:d6:6e:66:eb:29:6d:
d0:8e:6c:1a:03:67:f3:6a:20:ec:a7:65:a4:5f:88:5e:63:d8:
b9:f6:44:ae:ab:b6:39:c5:25:23:e0:da:0c:03:5a:17:d1:cc:
24:f7:20:18:80:88:ca:cc:5c:22:1b:c1:42:6d:f5:b2:8d:8e:
ae:cc:1a:74:ed:95:1b:14:ec:27:31:e5:e9:64:18:f2:3a:8a:
c5:7b:94:4c:19:62:4f:6a:8d:6f:06:a2:06:c4:2a:8e:bd:eb:
4b:fb:6f:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaGyD2SE3oSpR+OnOP8fhSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDQxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDI4ZWFkMjFiMzAxOGY4OThhNjhjNWU2NzU0ZGRkNDVjZmI2YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb6tefoVeH1p0MNsnxhhquwIcI/G
fjpI16oR83KTvttx+HKopfttTS5lX5dgH0GnJCdwvZ2F78J2c0ZXhDKi1sB6svEC
j1PB5qYwjj1VesFxxRRSxVqRBS94E517W29BVvn7o0o2o15U4btaVBVHUV4AyPUC
0cBZg91F/l/vLoAnbobEEZuELKY40rYW2th604Muc6ZnxdJjcMjLnoGa+f/avCBc
N6mMvcjuB3wQt1sg0YJr7i90c+2dXN+HgPMwWbKP8HKPV12C0WRJiMXxT6ErHjHY
DrD11XdC/XAmV3EDpf0hHmgCbDTIpZblyQaiJCr/wbW3iqLg69wGjOm3xwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDQo6tIbMBj4mKaMXmdU3dRc+2pMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTkNqcTBoc3dHUGlZcG94ZVoxVGQxRno3YWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHuf7yB/XjpTl3ZafMfd
4qdQy/JFOqxT0SSNMlt4dVpjz3cn8vd0F/sLxlnxclwQufmhe0aSshksffbEPqXb
ciGHe5xDI4jcPT+1ouGwQ3RtiZOUW0eJL9koXPiaTGcVuXyummB/SDU4uBHm1yf5
O6Y27iDR91GEIgWtUeBeGFOCbkWXSJBcD5C9dhjFtrIw2/yLwA1HF8TuhpwKetZu
ZuspbdCObBoDZ/NqIOynZaRfiF5j2Ln2RK6rtjnFJSPg2gwDWhfRzCT3IBiAiMrM
XCIbwUJt9bKNjq7MGnTtlRsU7Ccx5elkGPI6isV7lEwZYk9qjW8GogbEKo6960v7
bzw=
-----END CERTIFICATE-----
Generated at Sat May 3 14:47:31 2025 by rpki-client