Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SfKRzdY4ovmACn0R7KSydCVjDrw.roa
File: SfKRzdY4ovmACn0R7KSydCVjDrw.roa (raw, json)
Hash identifier: 11QOSt8FW/arm3w1dYOGgAIYdVp6+iYxFHD8/A/G/EM=
Subject key identifier: 49:F2:91:CD:D6:38:A2:F9:80:0A:7D:11:EC:A4:B2:74:25:63:0E:BC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3C08B9A423983307688F42B3905A1FCC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SfKRzdY4ovmACn0R7KSydCVjDrw.roa
Signing time: Mon 28 Aug 2023 12:05:19 +0000
ROA not before: Mon 28 Aug 2023 12:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3c08:406/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:08:b9:a4:23:98:33:07:68:8f:42:b3:90:5a:1f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 12:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49f291cdd638a2f9800a7d11eca4b27425630ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e0:61:43:b0:fc:cf:b0:da:c0:46:76:df:13:
85:7e:74:b6:85:ca:50:59:b0:5d:e0:5a:9d:e5:9e:
74:6e:9b:fc:f0:4f:11:db:72:96:e3:6f:69:6d:83:
1f:05:f3:68:5b:a4:33:84:d9:22:7e:c2:06:ca:fa:
d2:8a:48:18:0c:26:7a:ba:97:e3:6d:cc:43:63:16:
c3:9e:a2:14:65:55:a6:31:f7:3e:b3:ff:82:72:30:
7d:42:90:9a:84:92:bf:61:a4:12:54:5a:6d:8a:33:
59:cf:a7:4c:d5:3d:f9:a5:e8:52:9b:08:c6:75:0e:
b5:d9:39:a0:8c:f4:ff:5e:61:c1:ec:5d:af:45:42:
88:94:bc:f6:8e:b6:cf:b8:da:54:9d:74:34:b7:c2:
af:19:c9:2d:c3:79:47:be:e3:a7:4f:22:3d:14:30:
4d:39:5b:7d:98:80:94:14:a1:b7:aa:9e:b3:01:3f:
5c:96:ea:36:f3:e4:b0:2a:55:ce:40:f3:51:e1:5e:
e6:d7:67:9e:7b:f0:36:bb:a8:8b:ef:a2:b6:c4:1c:
08:6d:d2:e1:4a:6f:f0:34:d9:f0:2f:3b:59:61:cd:
bd:32:50:0d:63:55:8f:d5:e3:74:4d:be:f7:28:27:
80:12:20:8b:bf:ee:8e:21:4e:45:56:98:e0:70:a3:
85:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F2:91:CD:D6:38:A2:F9:80:0A:7D:11:EC:A4:B2:74:25:63:0E:BC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SfKRzdY4ovmACn0R7KSydCVjDrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e4:6e:aa:d8:67:7c:3b:49:02:4d:86:fd:ba:b7:b9:6c:3b:
ae:e3:e7:89:4a:aa:e1:c4:8b:3f:29:8e:f8:ab:8b:bb:32:4a:
32:68:1c:0d:79:94:00:c6:e0:1b:d5:fa:7a:e0:67:68:ae:78:
67:6a:28:e9:a6:14:b2:e2:e7:d8:6b:c0:83:b9:9a:eb:eb:b7:
0b:d2:f8:96:eb:1f:b0:78:54:92:0e:f4:08:12:f2:00:a0:74:
c7:e9:7d:6a:e1:d6:4b:09:45:02:08:01:94:6d:a6:26:c5:34:
8b:8b:56:82:5f:13:c9:58:fd:08:ea:2c:d6:d6:91:23:5f:fb:
a0:d8:7d:11:1d:49:33:19:36:1f:68:f6:5c:75:50:df:9b:7d:
b3:17:c6:28:b1:d5:c2:05:c2:2b:81:75:64:c0:76:35:14:14:
14:c1:47:11:bd:14:ed:56:91:8c:c8:5a:68:e8:69:ab:ba:7a:
c0:48:2b:5e:3b:5f:43:56:26:fb:ea:d6:00:0a:10:cc:28:6d:
bf:2a:91:45:2c:7d:be:8b:48:78:9a:a7:a2:42:f2:f9:9b:96:
e2:a9:29:96:f4:40:77:87:58:e6:2f:eb:bf:41:8c:7d:5f:86:
fe:d6:ed:ff:31:73:86:42:8b:8f:87:30:76:77:64:eb:b1:f1:
eb:15:8e:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo8CLmkI5gzB2iPQrOQWh/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTIwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWYyOTFjZGQ2MzhhMmY5ODAwYTdkMTFlY2E0YjI3NDI1NjMwZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuBhQ7D8z7DawEZ23xOFfnS2hcpQ
WbBd4Fqd5Z50bpv88E8R23KW429pbYMfBfNoW6QzhNkifsIGyvrSikgYDCZ6upfj
bcxDYxbDnqIUZVWmMfc+s/+CcjB9QpCahJK/YaQSVFptijNZz6dM1T35pehSmwjG
dQ612TmgjPT/XmHB7F2vRUKIlLz2jrbPuNpUnXQ0t8KvGcktw3lHvuOnTyI9FDBN
OVt9mICUFKG3qp6zAT9cluo28+SwKlXOQPNR4V7m12eee/A2u6iL76K2xBwIbdLh
Sm/wNNnwLztZYc29MlANY1WP1eN0Tb73KCeAEiCLv+6OIU5FVpjgcKOFPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEnykc3WOKL5gAp9EeyksnQlYw68MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU2ZLUnpkWTRvdm1BQ24wUjdLU3lkQ1ZqRHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJzkbqrYZ3w7SQJNhv26
t7lsO67j54lKquHEiz8pjviri7sySjJoHA15lADG4BvV+nrgZ2iueGdqKOmmFLLi
59hrwIO5muvrtwvS+JbrH7B4VJIO9AgS8gCgdMfpfWrh1ksJRQIIAZRtpibFNIuL
VoJfE8lY/QjqLNbWkSNf+6DYfREdSTMZNh9o9lx1UN+bfbMXxiix1cIFwiuBdWTA
djUUFBTBRxG9FO1WkYzIWmjoaau6esBIK147X0NWJvvq1gAKEMwobb8qkUUsfb6L
SHiap6JC8vmbluKpKZb0QHeHWOYv679BjH1fhv7W7f8xc4ZCi4+HMHZ3ZOux8esV
jm8=
-----END CERTIFICATE-----
Generated at Thu May 1 19:51:16 2025 by rpki-client