Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S3q0Zt0VXSF3jh7fvL88VxOzg8A.roa
File: S3q0Zt0VXSF3jh7fvL88VxOzg8A.roa (raw, json)
Hash identifier: ZKnKviKO/4xNJ0wzmoLH+T0ZMpFh7l7iP+gNrYdGdfo=
Subject key identifier: 4B:7A:B4:66:DD:15:5D:21:77:8E:1E:DF:BC:BF:3C:57:13:B3:83:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BF2F5A435ED38787D7D00A85BF2B00A9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S3q0Zt0VXSF3jh7fvL88VxOzg8A.roa
Signing time: Fri 04 Aug 2023 06:14:58 +0000
ROA not before: Fri 04 Aug 2023 06:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:2f:5a:43:5e:d3:87:87:d7:d0:0a:85:bf:2b:00:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 06:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b7ab466dd155d21778e1edfbcbf3c5713b383c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:17:c8:da:eb:30:e7:9b:37:43:9c:5f:f6:8e:
c8:a1:db:e8:1d:09:80:96:6d:f4:92:b6:a0:d2:e4:
4b:e2:2c:90:8a:ab:fa:0b:b4:ca:9c:46:0d:5c:d4:
be:65:5e:92:80:81:42:0d:4d:13:be:ed:5c:cc:50:
16:33:9a:32:d5:4d:d9:72:07:ce:2b:c6:61:3d:c4:
42:11:13:1a:b5:f0:c6:b3:1f:0c:c1:a6:38:03:61:
09:1d:46:49:07:52:d4:ac:62:e7:30:e5:ec:41:b3:
7a:39:37:a6:a6:e7:07:e8:f9:93:d8:81:f8:7b:27:
1b:69:2d:76:c8:c6:6b:31:1c:cd:cb:c9:a9:f8:5c:
00:22:92:ca:d8:32:d3:a7:cc:e4:ae:f1:44:f8:74:
57:c8:3f:06:a4:2c:63:8a:6b:31:f6:a3:3b:d3:fb:
b7:dd:c4:57:1d:1e:3c:51:46:16:3f:db:fa:15:c4:
4f:42:15:a5:07:3d:33:29:69:75:09:b2:39:b6:98:
47:c1:b2:e9:c6:8e:ce:55:ff:db:fc:a8:39:34:09:
0a:f8:82:8a:72:b1:93:a4:8d:9b:cf:5b:9a:c4:13:
f3:4b:d7:a0:b9:41:7d:80:57:7a:38:89:3a:d8:19:
7b:49:f6:a5:b1:38:f0:4b:3e:4e:23:47:0d:b0:10:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:B4:66:DD:15:5D:21:77:8E:1E:DF:BC:BF:3C:57:13:B3:83:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S3q0Zt0VXSF3jh7fvL88VxOzg8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:0f:a6:70:87:27:a9:3c:05:55:b2:79:18:57:05:5b:c6:23:
36:d2:8b:e9:f0:4d:f8:27:b4:4c:ec:89:b9:85:ad:c7:d0:ef:
03:0f:8a:02:c9:b1:b0:75:fe:92:60:b2:20:39:1e:fe:b6:3b:
94:1f:d0:4e:1f:13:eb:0c:97:69:e0:4d:df:f6:21:25:ac:25:
3a:4b:22:e4:7e:7a:3f:30:b6:6a:d9:0a:2f:cd:c8:2f:75:13:
76:5b:7b:00:08:18:26:43:32:0f:38:10:95:c3:4f:fe:9e:de:
8f:a1:e8:49:7e:41:b6:39:d6:56:64:dc:0f:0f:da:1d:67:9e:
4c:47:4f:45:ef:95:1b:a3:d4:80:b8:7e:0d:4d:85:d0:3c:96:
66:2d:d5:db:f0:ab:29:3f:c0:24:f1:9c:78:68:64:11:5b:50:
9c:bc:e6:33:07:bf:3a:66:38:94:aa:9b:a8:13:f5:9c:63:e5:
25:91:60:b9:2e:0a:a9:53:44:37:9d:4f:10:4e:c4:9e:6a:81:
19:44:91:1b:3e:03:dc:6c:e8:62:c3:cb:d5:77:1f:9d:06:cd:
c2:07:d5:6b:a7:f6:48:17:3e:29:e2:63:bd:74:05:3d:c6:b4:
8d:78:fc:9b:91:20:0e:2a:8b:a7:1f:e8:b6:dc:e6:f7:c0:9b:
a2:cb:6e:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm/L1pDXtOHh9fQCoW/KwCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MDYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdhYjQ2NmRkMTU1ZDIxNzc4ZTFlZGZiY2JmM2M1NzEzYjM4M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhfI2usw55s3Q5xf9o7IodvoHQmA
lm30krag0uRL4iyQiqv6C7TKnEYNXNS+ZV6SgIFCDU0Tvu1czFAWM5oy1U3ZcgfO
K8ZhPcRCERMatfDGsx8MwaY4A2EJHUZJB1LUrGLnMOXsQbN6OTempucH6PmT2IH4
eycbaS12yMZrMRzNy8mp+FwAIpLK2DLTp8zkrvFE+HRXyD8GpCxjimsx9qM70/u3
3cRXHR48UUYWP9v6FcRPQhWlBz0zKWl1CbI5tphHwbLpxo7OVf/b/Kg5NAkK+IKK
crGTpI2bz1uaxBPzS9eguUF9gFd6OIk62Bl7SfalsTjwSz5OI0cNsBDGkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEt6tGbdFV0hd44e37y/PFcTs4PAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUzNxMFp0MFZYU0Yzamg3ZnZMODhWeE96ZzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEMPpnCHJ6k8BVWyeRhX
BVvGIzbSi+nwTfgntEzsibmFrcfQ7wMPigLJsbB1/pJgsiA5Hv62O5Qf0E4fE+sM
l2ngTd/2ISWsJTpLIuR+ej8wtmrZCi/NyC91E3ZbewAIGCZDMg84EJXDT/6e3o+h
6El+QbY51lZk3A8P2h1nnkxHT0XvlRuj1IC4fg1NhdA8lmYt1dvwqyk/wCTxnHho
ZBFbUJy85jMHvzpmOJSqm6gT9Zxj5SWRYLkuCqlTRDedTxBOxJ5qgRlEkRs+A9xs
6GLDy9V3H50GzcIH1Wun9kgXPiniY710BT3GtI14/JuRIA4qi6cf6Lbc5vfAm6LL
bo0=
-----END CERTIFICATE-----
Generated at Fri May 2 14:02:44 2025 by rpki-client