Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Nf9KsP_rp4maTarbIqiC61QetaA.roa
File: Nf9KsP_rp4maTarbIqiC61QetaA.roa (raw, json)
Hash identifier: OQaJzp4SNdTLK086tfY0/0ngZD6Rw05ZeKXDTvs50Z4=
Subject key identifier: 35:FF:4A:B0:FF:EB:A7:89:9A:4D:AA:DB:22:A8:82:EB:54:1E:B5:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186638E54B7CB9AB3C817F2EA5AF0DD58FD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Nf9KsP_rp4maTarbIqiC61QetaA.roa
Signing time: Sat 18 Feb 2023 08:05:17 +0000
ROA not before: Sat 18 Feb 2023 08:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:638d:8923/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:63:8e:54:b7:cb:9a:b3:c8:17:f2:ea:5a:f0:dd:58:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 18 08:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35ff4ab0ffeba7899a4daadb22a882eb541eb5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:68:9c:26:27:82:38:6c:b0:2e:86:91:9c:
d6:2b:9a:92:07:cd:1b:59:b9:f6:9e:a4:f7:af:49:
06:c1:5c:ea:e8:f6:c7:a6:29:2a:8a:bc:c5:5b:c1:
29:7a:0c:f8:7f:82:a3:a7:a4:19:5c:05:38:3b:2a:
ef:28:b4:46:18:ca:e2:9f:e9:bc:92:f6:d2:e4:2d:
89:92:cd:7c:f6:4e:70:95:f2:df:f3:90:51:c0:87:
92:23:20:c9:d7:02:13:21:51:fb:53:8a:6c:ed:cb:
d8:00:40:da:5a:7e:20:9e:5f:1b:86:5d:ad:5b:46:
22:4e:5a:38:3d:83:0a:e3:11:da:f6:bd:2a:79:03:
8a:a0:0d:0c:ee:ea:81:1a:04:00:68:1e:39:3b:e5:
86:0d:1a:52:00:03:de:9f:ce:1c:55:85:77:d4:9b:
c9:ae:91:77:d8:cb:ba:42:16:c5:6f:3c:d0:3c:7b:
eb:2a:7e:45:d2:85:37:6f:35:35:57:fd:15:f0:6f:
68:85:b7:b7:cc:e0:02:26:71:cb:fe:de:b1:28:74:
ed:db:3b:97:ae:ae:54:14:e3:ab:42:d6:fd:81:51:
a7:8e:62:d2:08:32:bc:0d:bc:44:b7:73:0b:8f:55:
9a:64:50:cf:af:36:31:12:80:c3:fc:63:fa:41:48:
5e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FF:4A:B0:FF:EB:A7:89:9A:4D:AA:DB:22:A8:82:EB:54:1E:B5:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Nf9KsP_rp4maTarbIqiC61QetaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:a9:d5:a0:e7:37:6d:54:23:9a:15:8b:90:ca:23:3f:45:c1:
98:c8:19:45:6b:18:02:31:b3:a5:62:bd:7e:8a:45:63:ed:56:
c5:62:7e:a6:fb:93:f4:81:d9:2f:4e:d5:e8:10:39:2e:3e:92:
55:ef:91:7f:c4:eb:b9:3b:96:f2:35:f8:f4:fa:5d:af:a4:66:
c5:f4:f0:c1:65:0b:28:de:8c:61:85:29:54:c5:7a:e4:a9:d5:
ee:86:ab:6c:3f:15:fd:fb:4a:55:18:7a:00:a7:d5:99:d5:0a:
ef:82:1a:4c:f9:d5:06:97:1f:da:34:28:28:fa:f8:d6:9c:c3:
57:fa:46:59:b0:a1:db:36:c5:ac:00:1a:7c:24:dd:70:ff:0f:
ef:62:29:23:5d:bb:76:98:04:bd:3d:d7:21:d1:0b:5b:e1:d4:
04:a0:3f:ec:ad:0e:73:3b:4e:bc:33:5b:4d:85:a1:a3:f1:91:
8e:1a:e4:fa:b5:21:fd:0b:eb:a8:a5:be:96:bd:fa:c0:43:e8:
8a:4b:4c:d2:be:66:cd:63:dd:f3:32:f0:b8:86:e3:d4:68:8d:
6f:d2:f1:ea:be:9e:ee:9b:0d:0f:95:ad:68:9e:41:fa:40:82:
2c:27:05:e6:2e:7a:f4:cc:01:49:43:1c:a6:99:cf:2a:22:0e:
a4:c6:d8:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZjjlS3y5qzyBfy6lrw3Vj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE4MDgwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWZmNGFiMGZmZWJhNzg5OWE0ZGFhZGIyMmE4ODJlYjU0MWViNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxdonCYngjhssC6GkZzWK5qSB80b
Wbn2nqT3r0kGwVzq6PbHpikqirzFW8Epegz4f4Kjp6QZXAU4OyrvKLRGGMrin+m8
kvbS5C2Jks189k5wlfLf85BRwIeSIyDJ1wITIVH7U4ps7cvYAEDaWn4gnl8bhl2t
W0YiTlo4PYMK4xHa9r0qeQOKoA0M7uqBGgQAaB45O+WGDRpSAAPen84cVYV31JvJ
rpF32Mu6QhbFbzzQPHvrKn5F0oU3bzU1V/0V8G9ohbe3zOACJnHL/t6xKHTt2zuX
rq5UFOOrQtb9gVGnjmLSCDK8DbxEt3MLj1WaZFDPrzYxEoDD/GP6QUhejQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDX/SrD/66eJmk2q2yKogutUHrWgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTmY5S3NQX3JwNG1hVGFyYklxaUM2MVFldGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACSp1aDnN21UI5oVi5DK
Iz9FwZjIGUVrGAIxs6VivX6KRWPtVsVifqb7k/SB2S9O1egQOS4+klXvkX/E67k7
lvI1+PT6Xa+kZsX08MFlCyjejGGFKVTFeuSp1e6Gq2w/Ff37SlUYegCn1ZnVCu+C
Gkz51QaXH9o0KCj6+Nacw1f6Rlmwods2xawAGnwk3XD/D+9iKSNdu3aYBL091yHR
C1vh1ASgP+ytDnM7TrwzW02FoaPxkY4a5Pq1If0L66ilvpa9+sBD6IpLTNK+Zs1j
3fMy8LiG49RojW/S8eq+nu6bDQ+VrWieQfpAgiwnBeYuevTMAUlDHKaZzyoiDqTG
2Nw=
-----END CERTIFICATE-----
Generated at Thu May 1 12:21:51 2025 by rpki-client