Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RL3QJePA6FrYs93XPLPQkkH7u6Y.roa
File: RL3QJePA6FrYs93XPLPQkkH7u6Y.roa (raw, json)
Hash identifier: IYQQwgdjbuW32PIKTqpGdfpiSrSlhwcT2wXUIcZEnYU=
Subject key identifier: 44:BD:D0:25:E3:C0:E8:5A:D8:B3:DD:D7:3C:B3:D0:92:41:FB:BB:A6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01870B23791CFF3808856D4FD6FB4F2CE586
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RL3QJePA6FrYs93XPLPQkkH7u6Y.roa
Signing time: Wed 22 Mar 2023 21:04:46 +0000
ROA not before: Wed 22 Mar 2023 21:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:187:b22:ea63/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0b:23:79:1c:ff:38:08:85:6d:4f:d6:fb:4f:2c:e5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 22 21:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44bdd025e3c0e85ad8b3ddd73cb3d09241fbbba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:aa:97:c1:c4:8b:24:3e:0d:90:42:1b:23:ee:
ae:84:0e:79:bd:68:8c:4f:1d:da:2f:bc:49:b1:5f:
5c:75:18:09:96:9d:99:98:6e:50:72:a5:ae:1f:75:
ef:05:c9:99:ff:88:e7:c6:8a:1d:87:ac:81:ba:e0:
2e:fa:17:9f:96:d4:3d:19:98:3c:5e:c8:31:18:58:
ca:c1:ac:ac:ed:b3:e8:66:b9:84:1d:39:46:93:61:
b4:c6:df:33:ab:d5:66:ff:b0:d6:5d:eb:19:dc:d2:
4e:43:80:bb:7a:0f:dd:18:b9:c1:2c:05:a3:59:75:
e1:5e:7a:ce:65:b3:c7:38:80:e3:ab:47:ad:46:20:
3b:01:ff:74:f4:81:dc:6b:5d:20:e8:68:2c:ef:e4:
89:d3:c2:1b:08:7a:94:69:20:b1:ec:60:cd:a4:44:
cc:3e:86:02:05:3e:09:62:17:b8:34:a3:6c:7a:a0:
bc:2b:1b:c5:e5:7b:c3:b1:9c:5e:47:54:bf:55:e0:
68:46:89:7b:55:8b:0b:35:f3:ed:93:79:85:4c:ec:
d6:6a:38:a9:fa:99:0e:84:6e:b2:83:73:fd:0e:ed:
86:95:c5:27:16:4e:f1:53:04:bf:76:6d:d8:4d:ba:
5a:5f:31:dd:bc:c5:ff:7f:cb:12:6a:e6:47:5f:ec:
c8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BD:D0:25:E3:C0:E8:5A:D8:B3:DD:D7:3C:B3:D0:92:41:FB:BB:A6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RL3QJePA6FrYs93XPLPQkkH7u6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:7e:55:01:b7:de:6b:87:5a:81:f6:78:24:b8:6f:8d:29:7e:
52:ea:a6:38:53:87:2b:36:9a:71:52:b7:c4:36:32:0a:65:e1:
c4:c9:a3:78:ed:05:4e:c6:f5:6a:08:68:af:36:e5:2b:82:57:
d5:c1:16:ac:23:30:03:d7:ec:ae:26:81:e4:73:e4:06:76:58:
0d:b8:6e:d1:89:eb:e8:2e:de:42:4e:37:66:a0:7d:0f:f8:db:
e9:59:57:41:65:30:00:59:db:9c:f8:77:d3:bb:01:b7:1b:f3:
1a:69:4b:54:9d:15:8b:fa:0a:ab:9a:8e:b4:c5:32:7a:04:9b:
1d:bb:e8:c7:43:36:2d:ed:16:15:6e:19:6a:ca:b1:03:8a:62:
7e:6e:30:9d:6d:dc:15:45:73:44:b1:c7:65:c2:be:5e:17:9b:
6e:a8:93:12:7d:d9:77:84:91:56:6e:99:c5:13:dc:d9:ba:f6:
e4:d4:dc:b3:35:01:92:42:c1:b5:23:2f:fa:4b:e5:86:c7:34:
4f:45:ef:ac:43:26:30:e4:23:6e:63:61:96:a6:79:b6:41:51:
75:89:cd:e8:48:21:13:00:59:6d:2d:1c:84:db:dd:5c:1e:c5:
81:b2:45:02:fc:08:35:a5:9d:fb:e0:a1:24:fd:cc:ce:4f:ea:
e8:f4:da:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcLI3kc/zgIhW1P1vtPLOWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIyMjEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJkZDAyNWUzYzBlODVhZDhiM2RkZDczY2IzZDA5MjQxZmJiYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKqXwcSLJD4NkEIbI+6uhA55vWiM
Tx3aL7xJsV9cdRgJlp2ZmG5QcqWuH3XvBcmZ/4jnxoodh6yBuuAu+hefltQ9GZg8
XsgxGFjKways7bPoZrmEHTlGk2G0xt8zq9Vm/7DWXesZ3NJOQ4C7eg/dGLnBLAWj
WXXhXnrOZbPHOIDjq0etRiA7Af909IHca10g6Ggs7+SJ08IbCHqUaSCx7GDNpETM
PoYCBT4JYhe4NKNseqC8KxvF5XvDsZxeR1S/VeBoRol7VYsLNfPtk3mFTOzWajip
+pkOhG6yg3P9Du2GlcUnFk7xUwS/dm3YTbpaXzHdvMX/f8sSauZHX+zIzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFES90CXjwOha2LPd1zyz0JJB+7umMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUkwzUUplUEE2RnJZczkzWFBMUFFra0g3dTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADF+VQG33muHWoH2eCS4
b40pflLqpjhThys2mnFSt8Q2Mgpl4cTJo3jtBU7G9WoIaK825SuCV9XBFqwjMAPX
7K4mgeRz5AZ2WA24btGJ6+gu3kJON2agfQ/42+lZV0FlMABZ25z4d9O7Abcb8xpp
S1SdFYv6CquajrTFMnoEmx276MdDNi3tFhVuGWrKsQOKYn5uMJ1t3BVFc0Sxx2XC
vl4Xm26okxJ92XeEkVZumcUT3Nm69uTU3LM1AZJCwbUjL/pL5YbHNE9F76xDJjDk
I25jYZamebZBUXWJzehIIRMAWW0tHITb3VwexYGyRQL8CDWlnfvgoST9zM5P6uj0
2nQ=
-----END CERTIFICATE-----
Generated at Thu May 1 11:17:50 2025 by rpki-client