Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rz1ufVPICuriK3RufoCJIzAQAkY.roa
File: Rz1ufVPICuriK3RufoCJIzAQAkY.roa (raw, json)
Hash identifier: lSfaU1QuTUJ5fzNaolx12ZXUSjReo/nwKXw7Zjw4WHo=
Subject key identifier: 47:3D:6E:7D:53:C8:0A:EA:E2:2B:74:6E:7E:80:89:23:30:10:02:46
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185940EE4888B3638F40B8341C6F1919E42
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rz1ufVPICuriK3RufoCJIzAQAkY.roa
Signing time: Mon 09 Jan 2023 01:04:42 +0000
ROA not before: Mon 09 Jan 2023 01:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:940e:7130/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:94:0e:e4:88:8b:36:38:f4:0b:83:41:c6:f1:91:9e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 9 01:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=473d6e7d53c80aeae22b746e7e80892330100246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:2a:d6:5a:2b:bd:34:98:18:3d:07:0c:dc:
80:81:ac:1c:11:08:9e:36:cc:6d:ad:2c:68:c4:f5:
83:0e:1e:98:db:c5:d1:c8:dc:8a:aa:d8:64:53:d9:
f5:bc:63:0e:51:61:b6:8a:0e:1f:6f:5e:bd:29:a6:
c7:57:ea:ba:3b:7b:aa:cb:75:6c:d7:ea:41:5e:57:
d9:22:74:e9:56:cb:17:f9:1b:a5:64:c0:87:80:3c:
fc:12:ee:2b:ac:36:2e:24:40:8f:1f:ee:30:13:e0:
10:90:2c:62:03:5d:1a:09:17:99:ff:65:30:f5:53:
cd:4f:5e:cb:f2:64:f5:e4:bc:62:82:88:16:86:8f:
98:eb:65:9f:63:8d:e6:51:25:77:6d:e5:96:c8:72:
67:ff:0e:0a:11:99:2a:af:8e:45:b3:ff:35:0d:e7:
6d:4d:50:d8:3c:32:6a:f9:4c:57:dd:68:72:71:00:
26:cf:73:de:87:72:0c:48:98:01:ce:ec:22:b6:53:
c9:20:ed:49:5f:e3:65:13:fc:7e:31:a3:91:03:4f:
9b:62:1e:57:0c:80:b6:69:6c:37:7f:f1:bb:32:b4:
98:67:6e:e7:c9:33:bc:52:4c:bb:aa:1a:15:93:f2:
af:90:23:83:6e:25:55:dd:11:95:a4:28:1b:4c:34:
77:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3D:6E:7D:53:C8:0A:EA:E2:2B:74:6E:7E:80:89:23:30:10:02:46
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rz1ufVPICuriK3RufoCJIzAQAkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:5f:10:c1:0c:9c:87:9a:2b:59:0f:bf:a1:57:a7:c6:2e:00:
c0:1a:38:75:91:4b:b6:9c:84:59:a2:92:04:62:73:d7:7d:8c:
58:00:25:be:0a:81:1f:fd:b0:67:17:68:fd:3f:a0:ea:1b:47:
58:4c:5d:fd:a9:9b:bd:e2:6b:e1:73:79:15:8f:50:34:b7:33:
57:e0:10:33:eb:29:e0:d3:36:da:b7:37:42:75:e3:03:68:2f:
85:00:24:9d:6f:d4:f5:87:23:aa:cc:6b:2d:e6:a7:21:1b:33:
02:28:8b:97:20:50:6c:0b:d8:9f:5d:a3:1c:23:89:e1:1f:e9:
18:4b:7f:ca:6f:f0:31:40:1f:2c:3c:8f:0b:7f:83:7f:bf:c5:
b4:e1:af:cb:93:a2:14:0d:fe:96:a9:17:0e:a7:8a:f3:4d:8e:
c9:64:8d:7c:fe:eb:e4:a7:ad:33:f4:1a:49:94:e9:12:c3:f3:
6c:de:d6:2a:3b:30:0f:00:c9:02:dc:07:23:72:99:f0:68:ec:
73:93:c7:56:35:92:4e:be:4e:a4:a6:a1:85:47:e5:bb:b0:2e:
d2:8c:f4:60:e7:30:fe:2d:1a:7a:81:85:f0:93:4e:38:c2:00:
f2:8f:61:55:52:69:4b:3d:ac:bb:0a:0a:11:54:7a:e8:1c:27:
b2:1a:01:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWUDuSIizY49AuDQcbxkZ5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA5MDEwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzNkNmU3ZDUzYzgwYWVhZTIyYjc0NmU3ZTgwODkyMzMwMTAwMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA100q1lorvTSYGD0HDNyAgawcEQie
NsxtrSxoxPWDDh6Y28XRyNyKqthkU9n1vGMOUWG2ig4fb169KabHV+q6O3uqy3Vs
1+pBXlfZInTpVssX+RulZMCHgDz8Eu4rrDYuJECPH+4wE+AQkCxiA10aCReZ/2Uw
9VPNT17L8mT15LxigogWho+Y62WfY43mUSV3beWWyHJn/w4KEZkqr45Fs/81Dedt
TVDYPDJq+UxX3WhycQAmz3Peh3IMSJgBzuwitlPJIO1JX+NlE/x+MaORA0+bYh5X
DIC2aWw3f/G7MrSYZ27nyTO8Uky7qhoVk/KvkCODbiVV3RGVpCgbTDR3BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEc9bn1TyArq4it0bn6AiSMwEAJGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUnoxdWZWUElDdXJpSzNSdWZvQ0pJekFRQWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1fEMEMnIeaK1kPv6FX
p8YuAMAaOHWRS7achFmikgRic9d9jFgAJb4KgR/9sGcXaP0/oOobR1hMXf2pm73i
a+FzeRWPUDS3M1fgEDPrKeDTNtq3N0J14wNoL4UAJJ1v1PWHI6rMay3mpyEbMwIo
i5cgUGwL2J9doxwjieEf6RhLf8pv8DFAHyw8jwt/g3+/xbThr8uTohQN/papFw6n
ivNNjslkjXz+6+SnrTP0GkmU6RLD82ze1io7MA8AyQLcByNymfBo7HOTx1Y1kk6+
TqSmoYVH5buwLtKM9GDnMP4tGnqBhfCTTjjCAPKPYVVSaUs9rLsKChFUeugcJ7Ia
AfI=
-----END CERTIFICATE-----
Generated at Fri May 2 05:23:14 2025 by rpki-client