Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NEVYo7oikBShjk2hf2sh1dGuR3k.roa
File: NEVYo7oikBShjk2hf2sh1dGuR3k.roa (raw, json)
Hash identifier: 2fKZ7HsCtOy17fuC9h9sQ3ug+9/iOEzW1aZ57KkPuDE=
Subject key identifier: 34:45:58:A3:BA:22:90:14:A1:8E:4D:A1:7F:6B:21:D5:D1:AE:47:79
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B27CE629194BD3C0D83BEA302F12488C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NEVYo7oikBShjk2hf2sh1dGuR3k.roa
Signing time: Tue 01 Aug 2023 19:04:37 +0000
ROA not before: Tue 01 Aug 2023 19:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:b27c:8deb/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b2:7c:e6:29:19:4b:d3:c0:d8:3b:ea:30:2f:12:48:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 1 19:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=344558a3ba229014a18e4da17f6b21d5d1ae4779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:71:2f:b4:75:10:c2:87:50:bb:76:a7:eb:95:
88:a0:45:c3:d4:6e:39:56:46:49:84:8f:88:de:01:
dd:43:f5:cb:6b:9a:1f:ee:30:72:31:b2:37:1c:9a:
2e:65:64:b1:ce:c5:bb:84:80:85:dc:02:b8:a0:de:
91:0b:ec:ea:8d:49:51:52:d3:f2:0c:a5:05:27:08:
6c:27:f1:65:d8:1b:5e:b1:b0:41:a0:0a:14:04:a8:
de:24:1a:1d:7d:c1:39:46:37:c4:6a:ba:b8:fd:41:
48:b5:77:86:73:ea:5d:67:c1:22:8d:ad:d5:58:e0:
c7:6c:28:d2:81:eb:6c:8a:09:99:cf:d2:3b:77:20:
30:b9:42:11:44:c5:03:0f:95:47:fd:99:6b:bd:55:
4d:c3:4b:ad:cb:17:fd:11:f6:b1:07:75:c2:34:ef:
49:e3:c9:57:18:93:4a:0d:fb:54:07:c7:7c:fa:a0:
22:3a:41:75:ea:c3:20:ff:f5:63:ea:21:c1:45:4f:
a7:a9:20:2a:2e:68:1d:4e:20:f8:ca:cd:97:9c:c1:
07:91:91:1c:3c:42:fb:4f:31:d4:5d:30:3a:74:3f:
d0:d9:a6:07:00:03:8b:a5:2c:4d:9c:14:1f:0e:e5:
27:97:14:d8:12:f8:8a:09:13:40:71:04:9a:5d:9f:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:45:58:A3:BA:22:90:14:A1:8E:4D:A1:7F:6B:21:D5:D1:AE:47:79
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NEVYo7oikBShjk2hf2sh1dGuR3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:47:c6:0a:98:4d:9b:ff:1b:e5:3f:f1:a4:b1:a1:4c:2c:32:
94:f6:92:74:d1:cc:c3:8e:8f:9d:30:ad:3b:ca:cc:7b:95:68:
c9:0b:ce:97:75:30:ea:26:3a:cd:b9:4f:1c:69:54:e0:3a:a3:
5e:a8:f4:71:1a:97:e1:c6:bf:96:44:68:91:45:27:e9:73:90:
4b:03:0c:01:95:48:2f:ef:44:5f:5c:d5:bf:1e:7b:5b:59:f9:
1f:5e:71:b3:ac:4c:2e:34:e8:1c:57:ac:e0:3f:f3:66:f4:a1:
fc:07:c0:80:c1:49:9a:84:ba:6b:4a:98:7e:d1:05:b4:53:1f:
49:8e:f5:23:20:4d:06:2e:4e:4f:9e:89:6f:63:eb:68:07:bf:
e6:34:77:b7:73:c6:e0:7d:8e:3e:e3:e9:e3:ce:b2:95:29:c5:
cb:9f:5b:6a:82:b0:66:a6:bb:da:df:1c:e6:de:a0:59:d4:ac:
12:69:b2:67:1d:75:86:1a:8f:52:c9:90:db:f0:d9:6b:b1:08:
4d:b0:29:12:a5:64:16:cb:8f:7d:6f:b7:21:27:88:de:46:77:
ed:7e:24:4a:b4:cf:62:13:7f:46:4e:8b:8e:ab:a3:a0:a7:85:
ca:b1:10:1b:14:d8:de:aa:2e:ff:12:b3:ef:a5:23:29:27:4b:
00:77:d1:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmyfOYpGUvTwNg76jAvEkiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAxMTkwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ1NThhM2JhMjI5MDE0YTE4ZTRkYTE3ZjZiMjFkNWQxYWU0Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nEvtHUQwodQu3an65WIoEXD1G45
VkZJhI+I3gHdQ/XLa5of7jByMbI3HJouZWSxzsW7hICF3AK4oN6RC+zqjUlRUtPy
DKUFJwhsJ/Fl2BtesbBBoAoUBKjeJBodfcE5RjfEarq4/UFItXeGc+pdZ8Eija3V
WODHbCjSgetsigmZz9I7dyAwuUIRRMUDD5VH/ZlrvVVNw0utyxf9EfaxB3XCNO9J
48lXGJNKDftUB8d8+qAiOkF16sMg//Vj6iHBRU+nqSAqLmgdTiD4ys2XnMEHkZEc
PEL7TzHUXTA6dD/Q2aYHAAOLpSxNnBQfDuUnlxTYEviKCRNAcQSaXZ9L8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRFWKO6IpAUoY5NoX9rIdXRrkd5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTkVWWW83b2lrQlNoamsyaGYyc2gxZEd1UjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKFHxgqYTZv/G+U/8aSx
oUwsMpT2knTRzMOOj50wrTvKzHuVaMkLzpd1MOomOs25TxxpVOA6o16o9HEal+HG
v5ZEaJFFJ+lzkEsDDAGVSC/vRF9c1b8ee1tZ+R9ecbOsTC406BxXrOA/82b0ofwH
wIDBSZqEumtKmH7RBbRTH0mO9SMgTQYuTk+eiW9j62gHv+Y0d7dzxuB9jj7j6ePO
spUpxcufW2qCsGamu9rfHObeoFnUrBJpsmcddYYaj1LJkNvw2WuxCE2wKRKlZBbL
j31vtyEniN5Gd+1+JEq0z2ITf0ZOi46ro6CnhcqxEBsU2N6qLv8Ss++lIyknSwB3
0dU=
-----END CERTIFICATE-----
Generated at Thu May 1 20:23:34 2025 by rpki-client