Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RWDMZ15Wj4SO_D22Dc-_qyTfE70.roa
File: RWDMZ15Wj4SO_D22Dc-_qyTfE70.roa (raw, json)
Hash identifier: p6To9ITYxsBXfMGNmj6k3m5L8/LxjK2Cg0M1pn7cz8o=
Subject key identifier: 45:60:CC:67:5E:56:8F:84:8E:FC:3D:B6:0D:CF:BF:AB:24:DF:13:BD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186BD089285D6C4E3E8E08BF41C64D5D5AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RWDMZ15Wj4SO_D22Dc-_qyTfE70.roa
Signing time: Tue 07 Mar 2023 17:05:00 +0000
ROA not before: Tue 07 Mar 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:bd08:2f4d/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bd:08:92:85:d6:c4:e3:e8:e0:8b:f4:1c:64:d5:d5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 7 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4560cc675e568f848efc3db60dcfbfab24df13bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d0:59:41:0b:96:f0:6b:e4:30:c1:45:8c:d1:
8e:6c:5f:7d:2e:a1:62:51:f3:42:9e:48:b4:50:e2:
08:79:b3:cb:23:b7:b7:0d:34:58:98:05:5a:3e:fa:
e3:f4:5d:74:7f:6e:f5:ce:77:8a:e6:e8:1a:b9:9e:
ae:64:a7:06:1b:7c:01:7d:e1:f1:67:21:9e:72:bd:
cd:9e:9a:87:b8:34:a9:cd:c1:a8:52:38:2b:7e:83:
af:7a:3c:32:d0:82:c7:05:c9:2a:45:96:e3:f2:64:
12:49:81:95:3a:cd:0b:63:b8:3c:b6:5d:05:58:ed:
2e:96:e0:7c:f7:f4:5f:3e:95:aa:5a:c9:b5:e8:3c:
aa:d2:c2:24:a9:89:ff:e1:94:ed:fb:80:1a:54:dd:
d1:d2:1c:93:eb:cf:c4:5a:52:43:df:46:1d:32:f1:
79:d8:09:28:b5:85:0c:31:be:0c:25:29:5a:d8:0b:
c7:d0:54:e2:c3:4b:17:53:d5:c9:b8:fe:78:66:a2:
36:ad:a2:70:e2:44:2c:ec:d3:b3:b3:59:57:e2:82:
6b:98:d7:e6:9b:e0:ba:c2:4b:56:ec:9c:10:00:7c:
0a:04:06:5f:4e:51:e2:5c:f5:1e:78:d0:92:cf:f4:
f0:f2:91:ab:43:01:c3:0d:9b:ec:b5:31:2c:f5:52:
74:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:60:CC:67:5E:56:8F:84:8E:FC:3D:B6:0D:CF:BF:AB:24:DF:13:BD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RWDMZ15Wj4SO_D22Dc-_qyTfE70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:ac:29:91:dd:08:a2:b0:d4:94:90:cb:67:78:bf:b0:49:b9:
e4:3c:1c:b9:21:d2:07:49:c1:fd:3d:f3:b2:88:09:69:1e:de:
fe:db:34:9b:a4:8d:05:81:3a:0e:e9:54:9a:23:de:e6:4f:e5:
75:82:0e:91:fa:82:ad:aa:bc:f4:86:45:bf:94:ca:26:84:ba:
24:f1:1e:b3:16:99:73:dc:77:24:6d:6d:98:65:da:f5:e9:98:
0e:a3:9c:67:15:6d:01:79:fe:c3:3d:f2:65:4d:4c:da:9c:ab:
b0:fc:62:54:75:25:27:1f:c9:7c:50:7d:0c:17:da:c9:dd:30:
7a:8a:83:55:37:e3:97:db:40:05:3d:f1:93:18:cb:49:52:12:
58:50:36:87:9c:f1:2f:6b:a3:f0:33:f5:e6:d9:a9:f8:42:f5:
70:e4:84:09:56:f9:67:4a:64:35:9c:b9:28:2b:d7:c1:3b:cc:
a7:82:f9:5e:98:3c:bb:ef:7b:f0:27:f1:91:5d:e0:51:18:ef:
32:8a:ef:d5:2a:73:ef:fb:4f:62:1d:18:b5:c6:99:da:2a:41:
19:bf:2a:b9:df:aa:00:ec:96:62:32:8a:59:44:a4:92:b9:04:
b5:81:83:d3:f8:db:d4:cf:86:d5:38:bf:17:5d:d8:56:a1:7d:
f1:75:19:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa9CJKF1sTj6OCL9Bxk1dWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA3MTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTYwY2M2NzVlNTY4Zjg0OGVmYzNkYjYwZGNmYmZhYjI0ZGYxM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9BZQQuW8GvkMMFFjNGObF99LqFi
UfNCnki0UOIIebPLI7e3DTRYmAVaPvrj9F10f271zneK5ugauZ6uZKcGG3wBfeHx
ZyGecr3NnpqHuDSpzcGoUjgrfoOvejwy0ILHBckqRZbj8mQSSYGVOs0LY7g8tl0F
WO0uluB89/RfPpWqWsm16Dyq0sIkqYn/4ZTt+4AaVN3R0hyT68/EWlJD30YdMvF5
2AkotYUMMb4MJSla2AvH0FTiw0sXU9XJuP54ZqI2raJw4kQs7NOzs1lX4oJrmNfm
m+C6wktW7JwQAHwKBAZfTlHiXPUeeNCSz/Tw8pGrQwHDDZvstTEs9VJ0vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEVgzGdeVo+Ejvw9tg3Pv6sk3xO9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUldETVoxNVdqNFNPX0QyMkRjLV9xeVRmRTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHmsKZHdCKKw1JSQy2d4
v7BJueQ8HLkh0gdJwf0987KICWke3v7bNJukjQWBOg7pVJoj3uZP5XWCDpH6gq2q
vPSGRb+UyiaEuiTxHrMWmXPcdyRtbZhl2vXpmA6jnGcVbQF5/sM98mVNTNqcq7D8
YlR1JScfyXxQfQwX2sndMHqKg1U345fbQAU98ZMYy0lSElhQNoec8S9ro/Az9ebZ
qfhC9XDkhAlW+WdKZDWcuSgr18E7zKeC+V6YPLvve/An8ZFd4FEY7zKK79Uqc+/7
T2IdGLXGmdoqQRm/KrnfqgDslmIyillEpJK5BLWBg9P429TPhtU4vxdd2FahffF1
GaU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:43:04 2025 by rpki-client