Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSDa4Yw6TCPCJTIBKW3Ah3078Ws.roa
File: NSDa4Yw6TCPCJTIBKW3Ah3078Ws.roa (raw, json)
Hash identifier: dx/+Amg9PYueb41wu8ngDA4GsdnXZBmjPaABBtyIqaM=
Subject key identifier: 35:20:DA:E1:8C:3A:4C:23:C2:25:32:01:29:6D:C0:87:7D:3B:F1:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183647897A6B0498F78ADA5332CC252A458
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSDa4Yw6TCPCJTIBKW3Ah3078Ws.roa
Signing time: Thu 22 Sep 2022 09:12:48 +0000
ROA not before: Thu 22 Sep 2022 09:12:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:64:78:97:a6:b0:49:8f:78:ad:a5:33:2c:c2:52:a4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 22 09:12:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3520dae18c3a4c23c2253201296dc0877d3bf16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:2a:41:1e:58:2e:07:ff:f4:00:00:00:1c:
94:ce:db:96:ab:95:80:88:af:f4:6f:d9:d5:b3:16:
84:30:cc:a5:74:ed:34:59:a4:15:ed:ca:6b:e5:dd:
2a:3c:50:ff:7c:f0:e6:f6:3f:0e:73:a9:54:f4:d0:
4a:4a:c2:1f:8d:ee:c2:5c:86:f4:ef:2a:8a:0b:f7:
c5:6e:78:7d:6f:d5:90:e5:97:a5:f7:b7:d6:0b:2c:
74:af:8c:42:b4:fa:d6:2c:17:33:fb:59:a8:77:49:
73:9e:c3:54:1a:4c:1b:bd:c7:f0:78:fc:9e:e9:ff:
af:24:90:d9:a3:6f:d1:10:7e:65:e6:f3:fc:02:92:
d4:47:11:84:0e:d0:1d:75:43:ab:69:f9:2e:86:86:
ec:94:42:b8:98:e2:c5:25:2b:4d:0b:24:b0:6b:d8:
bb:91:b1:54:f1:ed:e1:f5:b1:fb:bf:1e:c3:02:e4:
22:db:28:76:ab:3a:7c:b2:4d:de:2e:27:59:f6:b0:
aa:db:df:98:9c:4c:d6:f3:80:c2:c3:9d:b2:bd:98:
61:5f:41:83:b9:50:20:11:0f:a8:b1:ef:c1:6b:83:
34:4a:1d:af:af:ef:c4:3e:c6:a4:7d:32:d1:ae:6b:
8d:b9:60:bb:72:16:fa:38:d6:57:a1:86:ae:50:19:
d8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:20:DA:E1:8C:3A:4C:23:C2:25:32:01:29:6D:C0:87:7D:3B:F1:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSDa4Yw6TCPCJTIBKW3Ah3078Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:85:06:19:3d:de:7d:b6:57:da:9a:c1:65:81:d4:1d:6c:3b:
0e:bf:44:d6:34:f8:b1:1d:dd:8d:7a:b0:0e:50:74:7b:e8:16:
4f:fd:37:6f:20:ae:b9:e1:f4:4e:3d:83:83:d0:93:e8:0a:17:
dd:38:5b:cb:7e:e8:a3:25:52:27:4a:8a:3d:f0:f6:2f:82:81:
d7:b5:26:cb:7a:88:72:02:ad:11:74:d8:a5:c6:01:81:1a:7b:
d8:b4:5b:e7:12:36:ce:42:ef:0d:96:56:75:d4:3e:f0:ae:10:
03:55:c2:a7:2b:3a:bf:2e:18:b5:a8:e7:91:f1:28:54:ba:76:
da:f3:77:e8:82:3a:64:d1:0e:a6:20:ca:de:d2:87:9a:bd:8c:
37:91:28:6b:de:bc:2d:0f:6c:66:5b:b0:9e:2f:07:07:59:13:
f1:e6:ba:68:07:b3:33:63:73:dc:65:b2:e0:e1:51:6f:54:c0:
cb:53:28:a9:91:c7:86:44:42:11:aa:21:af:f6:a5:18:d7:60:
93:38:ec:67:b4:e0:d1:67:c2:9a:fc:7e:37:3c:51:8b:f4:e0:
87:dc:dd:9f:ee:b1:73:00:21:61:a5:0a:a0:35:cb:0f:f9:94:
ed:89:10:03:c7:56:1d:89:42:1d:a1:52:3c:fd:98:52:ae:7f:
85:58:20:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNkeJemsEmPeK2lMyzCUqRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIyMDkxMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTIwZGFlMThjM2E0YzIzYzIyNTMyMDEyOTZkYzA4NzdkM2JmMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ0qQR5YLgf/9AAAAByUztuWq5WA
iK/0b9nVsxaEMMyldO00WaQV7cpr5d0qPFD/fPDm9j8Oc6lU9NBKSsIfje7CXIb0
7yqKC/fFbnh9b9WQ5Zel97fWCyx0r4xCtPrWLBcz+1mod0lznsNUGkwbvcfwePye
6f+vJJDZo2/REH5l5vP8ApLURxGEDtAddUOrafkuhobslEK4mOLFJStNCySwa9i7
kbFU8e3h9bH7vx7DAuQi2yh2qzp8sk3eLidZ9rCq29+YnEzW84DCw52yvZhhX0GD
uVAgEQ+ose/Ba4M0Sh2vr+/EPsakfTLRrmuNuWC7chb6ONZXoYauUBnYCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDUg2uGMOkwjwiUyASltwId9O/FrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlNEYTRZdzZUQ1BDSlRJQktXM0FoMzA3OFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJyFBhk93n22V9qawWWB
1B1sOw6/RNY0+LEd3Y16sA5QdHvoFk/9N28grrnh9E49g4PQk+gKF904W8t+6KMl
UidKij3w9i+Cgde1Jst6iHICrRF02KXGAYEae9i0W+cSNs5C7w2WVnXUPvCuEANV
wqcrOr8uGLWo55HxKFS6dtrzd+iCOmTRDqYgyt7Sh5q9jDeRKGvevC0PbGZbsJ4v
BwdZE/HmumgHszNjc9xlsuDhUW9UwMtTKKmRx4ZEQhGqIa/2pRjXYJM47Ge04NFn
wpr8fjc8UYv04Ifc3Z/usXMAIWGlCqA1yw/5lO2JEAPHVh2JQh2hUjz9mFKuf4VY
IMQ=
-----END CERTIFICATE-----
Generated at Thu May 1 09:41:50 2025 by rpki-client