Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SBO4OOy3cOCMg-uiylepKRmmlGc.roa
File: SBO4OOy3cOCMg-uiylepKRmmlGc.roa (raw, json)
Hash identifier: CzgEmV+6W845CADnn74Sv5aFyFvSkAQ6QTqmsCq2rTA=
Subject key identifier: 48:13:B8:38:EC:B7:70:E0:8C:83:EB:A2:CA:57:A9:29:19:A6:94:67
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A043DABD96630E58976688C32F1F29234
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SBO4OOy3cOCMg-uiylepKRmmlGc.roa
Signing time: Thu 17 Aug 2023 16:04:25 +0000
ROA not before: Thu 17 Aug 2023 16:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:43d:987c/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:04:3d:ab:d9:66:30:e5:89:76:68:8c:32:f1:f2:92:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 17 16:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4813b838ecb770e08c83eba2ca57a92919a69467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:31:88:eb:87:d2:64:e7:9f:77:3e:4b:83:77:
4a:bb:56:37:d4:3d:42:cb:e6:37:37:e7:bf:e6:44:
26:34:ce:4e:c2:12:58:b8:6d:61:be:7b:ca:60:c5:
2f:a8:11:97:fb:60:e3:21:7b:23:aa:ef:dc:da:57:
ba:a2:8f:50:5f:5b:4a:c1:7a:27:f4:35:71:44:50:
f5:9e:e4:f4:e5:1f:78:2d:84:6b:88:8b:e1:21:f0:
d0:0b:2f:af:ac:bb:c7:f7:06:ea:31:5d:ac:2e:38:
ec:39:1e:5c:a1:3d:a9:99:50:8c:63:c2:5c:ba:5e:
b2:41:ea:4a:cd:ce:3f:5b:20:10:5d:d5:cc:ec:01:
5c:ed:90:02:72:74:71:04:0d:06:97:32:b5:9a:7a:
73:30:b9:ca:b8:19:90:c1:dc:a0:cb:b5:b1:d9:d2:
74:8f:23:9c:99:b7:66:ce:9b:fb:8a:5d:ee:66:67:
eb:41:0a:aa:e5:bd:3a:78:ca:ff:5d:63:d9:9d:1c:
35:46:f1:e7:5f:de:3d:40:0e:9a:f4:76:31:74:6f:
b9:a8:8e:d2:0b:e7:40:f5:32:26:5d:fa:22:ca:01:
a9:d5:08:ad:d5:36:1f:53:ab:21:c8:5e:ce:9f:47:
4a:11:19:68:54:ac:ca:56:3a:0b:d3:8b:70:4b:18:
4f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:13:B8:38:EC:B7:70:E0:8C:83:EB:A2:CA:57:A9:29:19:A6:94:67
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SBO4OOy3cOCMg-uiylepKRmmlGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:30:7c:c4:db:dc:cf:58:63:1e:7a:e7:8e:8d:dc:6b:55:34:
75:61:ed:cd:93:eb:35:21:49:5d:b8:92:8e:9d:f5:69:5c:5d:
42:46:6f:6f:3f:95:17:7e:34:20:f1:b2:39:00:8f:c5:44:ae:
0a:d6:e5:16:0c:5e:a7:88:9e:15:de:86:1a:78:84:1f:a6:b5:
aa:07:ff:d0:67:4d:25:d7:95:9e:bb:f2:db:71:f2:78:75:fb:
ee:8d:a4:50:f9:3a:7d:de:12:40:01:8a:6f:f6:3f:f5:6a:32:
3f:f7:1d:d2:21:95:50:04:4c:25:9a:72:42:12:db:89:02:a0:
91:1d:2e:89:21:9f:26:dd:e5:33:50:47:4b:81:5c:de:b8:eb:
e7:d2:05:ce:28:59:34:b6:2e:0c:0a:36:82:26:0d:cf:8c:d2:
ce:75:83:e8:bb:d7:86:9b:50:1c:cf:3f:1b:47:71:31:ec:f5:
1b:d8:80:46:24:67:7f:ed:de:f4:2f:1b:38:f8:8b:e7:ae:0c:
6a:fd:bd:b8:38:de:46:3d:29:36:d8:9f:10:30:3a:18:84:14:
11:72:ce:ca:0f:c8:12:ea:ed:e9:16:54:3f:4b:f3:35:a5:fa:
a1:1e:94:6b:f7:af:d1:0b:c8:cc:4c:b2:fb:8a:6a:14:b8:b8:
25:01:22:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoEPavZZjDliXZojDLx8pI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE3MTYwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODEzYjgzOGVjYjc3MGUwOGM4M2ViYTJjYTU3YTkyOTE5YTY5NDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jGI64fSZOefdz5Lg3dKu1Y31D1C
y+Y3N+e/5kQmNM5OwhJYuG1hvnvKYMUvqBGX+2DjIXsjqu/c2le6oo9QX1tKwXon
9DVxRFD1nuT05R94LYRriIvhIfDQCy+vrLvH9wbqMV2sLjjsOR5coT2pmVCMY8Jc
ul6yQepKzc4/WyAQXdXM7AFc7ZACcnRxBA0GlzK1mnpzMLnKuBmQwdygy7Wx2dJ0
jyOcmbdmzpv7il3uZmfrQQqq5b06eMr/XWPZnRw1RvHnX949QA6a9HYxdG+5qI7S
C+dA9TImXfoiygGp1Qit1TYfU6shyF7On0dKERloVKzKVjoL04twSxhPJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEgTuDjst3DgjIProspXqSkZppRnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU0JPNE9PeTNjT0NNZy11aXlsZXBLUm1tbEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYwfMTb3M9YYx56546N
3GtVNHVh7c2T6zUhSV24ko6d9WlcXUJGb28/lRd+NCDxsjkAj8VErgrW5RYMXqeI
nhXehhp4hB+mtaoH/9BnTSXXlZ678ttx8nh1++6NpFD5On3eEkABim/2P/VqMj/3
HdIhlVAETCWackIS24kCoJEdLokhnybd5TNQR0uBXN646+fSBc4oWTS2LgwKNoIm
Dc+M0s51g+i714abUBzPPxtHcTHs9RvYgEYkZ3/t3vQvGzj4i+euDGr9vbg43kY9
KTbYnxAwOhiEFBFyzsoPyBLq7ekWVD9L8zWl+qEelGv3r9ELyMxMsvuKahS4uCUB
Iis=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:36:06 2025 by rpki-client