Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S1DzhwSjuT6kDBSr_GBLF2BoVyQ.roa
File: S1DzhwSjuT6kDBSr_GBLF2BoVyQ.roa (raw, json)
Hash identifier: ILaFflgtGNoXZvu4CHq0boRqZm0b8540C1SP5u5QKsQ=
Subject key identifier: 4B:50:F3:87:04:A3:B9:3E:A4:0C:14:AB:FC:60:4B:17:60:68:57:24
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188AE39037E17879991EF6DEE5C4966573E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S1DzhwSjuT6kDBSr_GBLF2BoVyQ.roa
Signing time: Mon 12 Jun 2023 06:09:11 +0000
ROA not before: Mon 12 Jun 2023 06:09:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:39:03:7e:17:87:99:91:ef:6d:ee:5c:49:66:57:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 12 06:09:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b50f38704a3b93ea40c14abfc604b1760685724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:23:7d:b8:0a:e8:6c:9c:b1:d4:3c:c6:a5:a4:
a0:3b:75:58:c8:90:3d:f4:75:cf:7a:7b:8f:35:5f:
7f:86:f5:1f:56:b3:dd:51:da:7a:59:0a:73:f0:ec:
2b:ff:b1:eb:83:22:ce:61:21:93:d8:db:be:c7:35:
2f:81:77:16:15:bd:9c:13:e9:2f:5e:05:cb:7f:30:
45:04:b9:28:f5:4f:fc:16:c3:a4:59:5d:1e:b9:82:
cc:34:db:ab:90:2b:5c:05:e0:1c:9f:79:39:0e:e3:
24:01:24:1d:fb:c8:15:01:f2:b6:0c:3f:b5:f4:9b:
bb:63:e6:bd:57:e8:cf:39:9d:64:35:e6:35:55:76:
e4:d7:5f:85:19:f7:8d:50:13:7c:cb:2f:56:2a:2e:
9c:8e:55:64:3f:9b:f6:7c:4e:f6:45:48:57:f4:a7:
80:cb:87:e9:d7:06:99:06:d7:d6:fb:1f:dd:fb:22:
a9:c6:5f:af:94:cb:ae:8a:1b:bf:7e:5a:db:b1:a6:
6e:aa:1a:3e:11:23:1c:13:e7:25:5f:83:d9:5b:a9:
30:e8:6f:11:b5:6d:49:43:01:f2:08:1b:37:39:00:
7f:83:db:37:f3:e1:5c:d4:73:d8:9a:7c:32:4a:b8:
69:b9:47:0c:a6:9e:7a:28:8a:6c:e7:7b:f1:6c:50:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:50:F3:87:04:A3:B9:3E:A4:0C:14:AB:FC:60:4B:17:60:68:57:24
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S1DzhwSjuT6kDBSr_GBLF2BoVyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:e6:71:17:df:d9:5d:16:a1:21:d8:2b:3b:dc:0a:92:ee:40:
97:31:8f:c3:fa:50:1e:35:6d:7d:d5:9c:51:2e:2a:0d:2b:a8:
df:9f:d4:fd:12:3c:e6:6c:4a:bb:a0:d9:f3:f6:ad:72:3b:be:
ae:31:ab:71:c2:dd:49:96:90:80:1c:d7:db:de:96:5f:6a:c2:
55:f3:96:5e:45:83:81:2e:fb:df:d2:26:3f:23:8c:5c:c6:80:
fe:7c:c5:c2:77:5b:d0:76:39:9d:6f:40:49:c8:09:9b:1d:a7:
e1:fd:8e:2b:bd:53:d6:65:4f:aa:84:79:21:46:8d:31:65:05:
e1:5c:c5:9e:83:f9:ad:19:0b:de:6a:ee:70:c4:da:b8:b4:60:
31:4c:26:11:51:ff:9a:50:13:a0:43:f1:8d:9f:c3:b7:11:71:
a1:0c:1d:71:48:0f:00:f7:f5:9b:52:0a:5f:0b:55:5d:f3:56:
c3:8e:27:a9:fb:01:aa:90:6b:3a:58:cb:35:4f:1a:d2:57:92:
48:5b:aa:24:2c:2c:fc:9f:63:d9:3f:28:96:a9:4e:7c:0d:8c:
15:e5:22:04:b1:d3:77:4c:b1:20:ef:45:c0:0f:31:ca:06:5c:
6b:82:3e:08:6e:a4:de:c8:e3:5c:a4:a2:fc:1f:44:69:b1:6d:
9d:59:94:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiuOQN+F4eZke9t7lxJZlc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEyMDYwOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjUwZjM4NzA0YTNiOTNlYTQwYzE0YWJmYzYwNGIxNzYwNjg1NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSN9uArobJyx1DzGpaSgO3VYyJA9
9HXPenuPNV9/hvUfVrPdUdp6WQpz8Owr/7HrgyLOYSGT2Nu+xzUvgXcWFb2cE+kv
XgXLfzBFBLko9U/8FsOkWV0euYLMNNurkCtcBeAcn3k5DuMkASQd+8gVAfK2DD+1
9Ju7Y+a9V+jPOZ1kNeY1VXbk11+FGfeNUBN8yy9WKi6cjlVkP5v2fE72RUhX9KeA
y4fp1waZBtfW+x/d+yKpxl+vlMuuihu/flrbsaZuqho+ESMcE+clX4PZW6kw6G8R
tW1JQwHyCBs3OQB/g9s38+Fc1HPYmnwySrhpuUcMpp56KIps53vxbFBpZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEtQ84cEo7k+pAwUq/xgSxdgaFckMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUzFEemh3U2p1VDZrREJTcl9HQkxGMkJvVnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvmcRff2V0WoSHYKzvc
CpLuQJcxj8P6UB41bX3VnFEuKg0rqN+f1P0SPOZsSrug2fP2rXI7vq4xq3HC3UmW
kIAc19vell9qwlXzll5Fg4Eu+9/SJj8jjFzGgP58xcJ3W9B2OZ1vQEnICZsdp+H9
jiu9U9ZlT6qEeSFGjTFlBeFcxZ6D+a0ZC95q7nDE2ri0YDFMJhFR/5pQE6BD8Y2f
w7cRcaEMHXFIDwD39ZtSCl8LVV3zVsOOJ6n7AaqQazpYyzVPGtJXkkhbqiQsLPyf
Y9k/KJapTnwNjBXlIgSx03dMsSDvRcAPMcoGXGuCPghupN7I41ykovwfRGmxbZ1Z
lDQ=
-----END CERTIFICATE-----
Generated at Fri May 2 17:40:27 2025 by rpki-client