Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGzFjNAAHHPHqM8EtyXKLohJ75s.roa
File: SGzFjNAAHHPHqM8EtyXKLohJ75s.roa (raw, json)
Hash identifier: Sey5zsBKiqzSPSq8T0M7CAqL2X1TE8MDHsXPUmCRqLI=
Subject key identifier: 48:6C:C5:8C:D0:00:1C:73:C7:A8:CF:04:B7:25:CA:2E:88:49:EF:9B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185801DE9351825FA1DC915CE35074BAA50
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGzFjNAAHHPHqM8EtyXKLohJ75s.roa
Signing time: Thu 05 Jan 2023 04:08:41 +0000
ROA not before: Thu 05 Jan 2023 04:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:80:1d:e9:35:18:25:fa:1d:c9:15:ce:35:07:4b:aa:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 04:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=486cc58cd0001c73c7a8cf04b725ca2e8849ef9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:84:bb:2f:31:8e:de:1d:62:a2:14:e0:bf:
a7:62:2d:29:57:4f:3d:08:06:3e:e2:ec:3b:03:53:
81:cb:87:30:63:58:df:51:85:ed:a4:fe:13:22:0f:
d2:e0:2f:0b:e5:43:4d:f9:79:ad:2e:82:2f:67:92:
00:7e:cd:3c:e7:90:c8:6d:98:22:1b:ff:5e:7e:57:
be:89:d6:6a:a6:f1:29:85:55:e7:b0:32:8c:e0:e3:
0b:ad:45:7e:56:76:aa:bd:55:49:53:ac:a8:44:22:
88:4d:28:12:d3:de:19:36:da:20:87:e0:2f:9d:a5:
66:0f:7a:2f:40:cf:e8:d8:e5:35:92:2e:c9:82:eb:
06:8f:5f:65:ca:38:c7:67:04:16:c8:58:19:87:21:
b2:63:0b:c6:31:4b:75:47:50:68:ad:dc:c0:03:aa:
0f:a3:e0:ea:c2:99:69:7d:37:b7:15:fc:9a:5c:1b:
18:f0:cc:b4:08:43:0e:4c:64:58:1f:7e:c9:ac:f6:
e1:e7:b4:9e:78:cc:67:9c:af:81:7f:d4:7e:55:65:
3e:28:e7:ad:a8:a9:96:0e:44:39:db:0e:41:11:e4:
69:5a:57:dc:29:97:2f:0f:11:b8:a4:d9:18:c8:65:
c5:eb:9b:68:a3:19:16:e4:d8:64:6f:d1:12:63:3c:
e2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6C:C5:8C:D0:00:1C:73:C7:A8:CF:04:B7:25:CA:2E:88:49:EF:9B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SGzFjNAAHHPHqM8EtyXKLohJ75s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:bf:c5:57:f6:ee:dd:84:ef:a8:ea:57:c0:81:96:8c:32:59:
4f:90:1f:5b:e7:a5:14:aa:c7:52:cf:52:c9:f9:08:0b:45:eb:
ed:cd:18:91:20:ca:4f:e2:aa:43:ba:b2:9a:41:d5:30:f6:3d:
d0:d3:fc:74:c6:6d:e1:1f:3c:e2:b7:b6:35:bf:20:c4:4f:f2:
c6:8f:55:bc:c5:27:de:2c:01:74:d8:a9:a2:ec:fa:dc:ba:ac:
e1:cb:d9:02:0e:c2:4d:0e:3d:80:28:4e:f2:9c:d6:1a:f6:ee:
5e:69:5e:66:89:ad:d3:65:aa:db:2e:18:12:72:cd:43:c4:8c:
90:92:01:3d:9a:3a:2d:58:10:e2:97:7a:20:77:4f:d1:62:16:
f3:ee:fa:fb:8b:83:53:ed:78:58:5d:4d:e0:84:87:1f:80:5e:
4c:4c:0d:ed:b6:7f:f3:8d:b3:8a:90:8b:70:2d:91:d4:91:59:
0b:48:bb:45:96:d5:6c:9b:41:3d:9c:07:f7:c1:6b:ee:96:c7:
03:cf:c3:37:f8:70:dd:79:45:e8:d8:49:86:51:b6:63:02:7d:
a8:36:4c:08:b8:77:48:e4:54:90:37:a2:e2:dd:7b:5c:b6:6c:
13:f8:4f:5d:bd:5c:7a:21:8d:ea:35:73:b5:45:a0:f5:a2:06:
74:83:0d:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWAHek1GCX6HckVzjUHS6pQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MDQwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZjYzU4Y2QwMDAxYzczYzdhOGNmMDRiNzI1Y2EyZTg4NDllZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrWEuy8xjt4dYqIU4L+nYi0pV089
CAY+4uw7A1OBy4cwY1jfUYXtpP4TIg/S4C8L5UNN+XmtLoIvZ5IAfs0855DIbZgi
G/9efle+idZqpvEphVXnsDKM4OMLrUV+VnaqvVVJU6yoRCKITSgS094ZNtogh+Av
naVmD3ovQM/o2OU1ki7JgusGj19lyjjHZwQWyFgZhyGyYwvGMUt1R1BordzAA6oP
o+DqwplpfTe3FfyaXBsY8My0CEMOTGRYH37JrPbh57SeeMxnnK+Bf9R+VWU+KOet
qKmWDkQ52w5BEeRpWlfcKZcvDxG4pNkYyGXF65tooxkW5Nhkb9ESYzziTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhsxYzQABxzx6jPBLclyi6ISe+bMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU0d6RmpOQUFISFBIcU04RXR5WEtMb2hKNzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAy/xVf27t2E76jqV8CB
lowyWU+QH1vnpRSqx1LPUsn5CAtF6+3NGJEgyk/iqkO6sppB1TD2PdDT/HTGbeEf
POK3tjW/IMRP8saPVbzFJ94sAXTYqaLs+ty6rOHL2QIOwk0OPYAoTvKc1hr27l5p
XmaJrdNlqtsuGBJyzUPEjJCSAT2aOi1YEOKXeiB3T9FiFvPu+vuLg1PteFhdTeCE
hx+AXkxMDe22f/ONs4qQi3AtkdSRWQtIu0WW1WybQT2cB/fBa+6WxwPPwzf4cN15
RejYSYZRtmMCfag2TAi4d0jkVJA3ouLde1y2bBP4T129XHohjeo1c7VFoPWiBnSD
DQg=
-----END CERTIFICATE-----
Generated at Thu May 1 11:30:21 2025 by rpki-client