Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O32maHLjmDy13_EWk31wH1DIXeI.roa
File: O32maHLjmDy13_EWk31wH1DIXeI.roa (raw, json)
Hash identifier: zU2CndzeJwT3e1DqitWf/adU5eCQJMhq5r2fv82UoWo=
Subject key identifier: 3B:7D:A6:68:72:E3:98:3C:B5:DF:F1:16:93:7D:70:1F:50:C8:5D:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186AA32CEDE20A29D00126E1F3D67AA2663
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O32maHLjmDy13_EWk31wH1DIXeI.roa
Signing time: Sat 04 Mar 2023 01:18:21 +0000
ROA not before: Sat 04 Mar 2023 01:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:aa:32:ce:de:20:a2:9d:00:12:6e:1f:3d:67:aa:26:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 4 01:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b7da66872e3983cb5dff116937d701f50c85de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:d1:4d:a5:1b:98:8f:69:e7:1c:70:65:c5:
d5:94:5d:e9:03:62:02:31:dc:a5:67:ec:d0:c6:2d:
65:57:2b:45:10:98:38:77:56:0e:d7:1b:b6:f5:21:
8b:1a:21:f7:a0:7d:bb:1a:d6:33:9f:81:9b:7b:ba:
fb:de:8c:8d:95:f0:0a:b6:8a:9e:3a:8d:a2:6c:00:
61:41:9a:de:91:bc:21:df:ca:60:a1:be:59:80:bd:
3f:f0:7c:28:51:d6:40:1d:41:50:71:bc:16:7b:38:
4c:f0:f8:7d:78:ad:f8:c2:e7:b5:31:1f:56:68:e2:
75:6b:ef:6f:ac:67:4e:b8:ee:d1:e6:63:4f:90:72:
24:44:48:49:9a:1e:03:4d:62:10:16:ef:db:9a:b2:
17:81:d3:33:d1:c5:a2:74:05:a7:a5:11:99:6f:95:
e0:24:92:85:be:cb:cb:b4:8a:bc:c5:4a:dd:88:ed:
79:a6:8f:a7:a2:7d:f4:3f:bf:4c:2b:a7:8a:11:a1:
42:3a:1d:84:7a:67:36:b6:f2:64:60:c1:e2:d0:82:
95:e2:c4:47:3f:c3:0a:d3:d4:dd:b7:92:06:bd:40:
1b:cd:fd:08:b3:2b:4b:b1:bd:9d:78:6d:1e:9b:8b:
a0:01:42:84:d1:15:70:72:6b:86:bf:94:9e:4b:a9:
32:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7D:A6:68:72:E3:98:3C:B5:DF:F1:16:93:7D:70:1F:50:C8:5D:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/O32maHLjmDy13_EWk31wH1DIXeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:7f:2e:e0:57:68:6a:a6:68:87:ed:2d:49:27:db:2e:1d:27:
e3:6f:63:67:0c:2a:a2:d1:8f:03:6a:7e:f0:35:db:a6:00:c4:
06:94:36:d9:ec:fe:20:8c:fb:75:ec:4c:ab:f2:f7:02:af:f4:
25:87:fb:c2:4d:97:0e:a4:04:7d:30:17:ed:5b:89:3e:56:87:
e3:2e:f1:d0:f4:bb:fc:d7:76:a4:34:20:b3:2b:a8:39:0f:95:
3a:fc:db:16:a3:f9:b5:c6:68:f2:13:fa:07:10:30:7a:17:69:
8f:a3:fe:d9:d9:d7:c3:cf:b2:f2:f9:9e:0e:5a:51:80:e5:6f:
0e:99:b9:ed:a2:cb:90:5a:aa:c4:82:2b:e4:c2:19:7b:e6:40:
04:f6:bb:bf:09:2a:f0:dc:17:0c:f4:61:df:5f:86:31:97:d3:
7c:63:e5:33:45:99:1a:67:04:29:fa:08:aa:bd:f3:51:b0:70:
61:96:a9:5b:53:6b:fb:f3:ea:43:ce:a6:9e:d8:bf:2f:2c:69:
34:b5:c1:29:f4:5b:e9:21:8d:f1:9c:ac:61:c6:7d:e6:01:e5:
cb:12:bb:a3:26:22:ea:ee:8b:a0:76:83:df:e8:fc:ac:68:5d:
36:94:40:84:15:33:4e:86:d8:6f:5e:bf:02:f5:71:a9:a2:14:
12:85:1f:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaqMs7eIKKdABJuHz1nqiZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA0MDExODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdkYTY2ODcyZTM5ODNjYjVkZmYxMTY5MzdkNzAxZjUwYzg1ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfPRTaUbmI9p5xxwZcXVlF3pA2IC
MdylZ+zQxi1lVytFEJg4d1YO1xu29SGLGiH3oH27GtYzn4Gbe7r73oyNlfAKtoqe
Oo2ibABhQZrekbwh38pgob5ZgL0/8HwoUdZAHUFQcbwWezhM8Ph9eK34wue1MR9W
aOJ1a+9vrGdOuO7R5mNPkHIkREhJmh4DTWIQFu/bmrIXgdMz0cWidAWnpRGZb5Xg
JJKFvsvLtIq8xUrdiO15po+non30P79MK6eKEaFCOh2Eemc2tvJkYMHi0IKV4sRH
P8MK09Tdt5IGvUAbzf0IsytLsb2deG0em4ugAUKE0RVwcmuGv5SeS6kyYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDt9pmhy45g8td/xFpN9cB9QyF3iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTzMybWFITGptRHkxM19FV2szMXdIMURJWGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAF/LuBXaGqmaIftLUkn
2y4dJ+NvY2cMKqLRjwNqfvA126YAxAaUNtns/iCM+3XsTKvy9wKv9CWH+8JNlw6k
BH0wF+1biT5Wh+Mu8dD0u/zXdqQ0ILMrqDkPlTr82xaj+bXGaPIT+gcQMHoXaY+j
/tnZ18PPsvL5ng5aUYDlbw6Zue2iy5BaqsSCK+TCGXvmQAT2u78JKvDcFwz0Yd9f
hjGX03xj5TNFmRpnBCn6CKq981GwcGGWqVtTa/vz6kPOpp7Yvy8saTS1wSn0W+kh
jfGcrGHGfeYB5csSu6MmIurui6B2g9/o/KxoXTaUQIQVM06G2G9evwL1camiFBKF
HzE=
-----END CERTIFICATE-----
Generated at Thu May 1 11:16:38 2025 by rpki-client