Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SguYbKksoKwVCjkwSUwMi7RwUSk.roa
File: SguYbKksoKwVCjkwSUwMi7RwUSk.roa (raw, json)
Hash identifier: 00z+K/kKGvwnd1Uc4oO+pZGQ3gd4YVFzl52KnXB7EZA=
Subject key identifier: 4A:0B:98:6C:A9:2C:A0:AC:15:0A:39:30:49:4C:0C:8B:B4:70:51:29
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B1DE82E3E35D5D6C536F62CBB40016E2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SguYbKksoKwVCjkwSUwMi7RwUSk.roa
Signing time: Tue 01 Aug 2023 16:11:36 +0000
ROA not before: Tue 01 Aug 2023 16:11:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:de:82:e3:e3:5d:5d:6c:53:6f:62:cb:b4:00:16:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 1 16:11:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a0b986ca92ca0ac150a3930494c0c8bb4705129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:da:04:4b:f2:9e:1c:01:a4:9c:2c:b3:8d:cf:
e0:09:04:40:7e:7f:f1:d6:6b:89:cb:e8:d4:32:ba:
48:fb:be:63:2d:45:f6:48:75:18:63:3a:5d:a1:f6:
f0:4e:73:cb:ba:4e:61:a7:fb:21:75:4d:d4:1a:ab:
0a:4b:44:4a:c5:5a:38:58:73:6a:31:b2:32:fc:46:
d2:02:4e:87:87:69:fe:6e:a8:a2:ad:30:a2:f0:4b:
db:1a:91:f3:a9:4a:06:af:10:37:d1:ba:f8:3c:b1:
e9:09:bf:3a:8d:3e:37:2b:ca:e1:96:8a:20:96:f9:
5a:c9:a4:02:0e:1c:99:29:be:f0:24:6b:c8:40:d7:
89:e1:b1:1b:ca:f8:53:63:ce:44:8c:24:6c:2d:a2:
f4:13:fc:8d:62:52:45:5b:3f:bb:23:ce:d0:ef:7d:
0e:8f:0a:3f:b8:7c:a6:2b:d5:f3:a7:64:c8:f5:c9:
35:96:20:68:dc:d8:ab:eb:38:c0:7d:a7:2e:07:c7:
ae:43:5c:83:68:b2:5e:ef:e4:4d:33:a5:cd:5e:af:
ba:fa:0c:79:a4:21:2f:ae:62:39:bd:7f:2e:5d:1e:
12:c0:a0:20:59:4d:35:af:65:40:e1:03:7f:d6:df:
88:9c:0a:b6:44:b4:04:34:55:6e:bb:f4:c7:eb:b7:
c3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0B:98:6C:A9:2C:A0:AC:15:0A:39:30:49:4C:0C:8B:B4:70:51:29
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SguYbKksoKwVCjkwSUwMi7RwUSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:8a:15:e4:bf:64:d6:3f:f4:62:cc:95:bb:03:f7:04:32:48:
1b:64:06:13:cb:c3:f6:00:23:74:4a:b2:f8:3c:31:22:46:45:
22:33:c9:96:53:7a:02:dd:63:d9:01:9a:96:b6:29:dd:5a:b2:
3b:3d:61:3e:62:94:09:df:51:fd:51:d2:91:f2:13:48:32:8e:
8a:9b:0d:73:b0:02:ae:28:30:77:08:2d:98:d7:7c:9c:ea:84:
03:c0:76:e0:ec:f8:83:76:e3:c6:73:ac:3c:44:d0:c8:95:74:
ef:37:9e:29:11:71:8e:cb:33:de:4c:2d:66:18:cc:ed:c3:06:
96:9b:14:8b:71:87:1c:17:e2:11:f9:a1:3f:fc:0b:54:16:bb:
c5:57:65:bd:95:b5:49:66:bd:e1:ae:20:98:89:37:24:73:ec:
97:f4:b4:b9:96:45:aa:39:4a:c0:eb:b8:ce:71:1c:d4:92:e2:
39:ba:a1:85:05:65:51:2b:68:44:f6:3d:15:9c:d2:04:8a:72:
2d:2e:2e:e1:ea:39:b4:2e:39:2c:8e:98:89:ac:a8:89:a5:97:
4c:2d:2b:b2:85:c5:bc:9e:76:0b:a2:26:8f:66:44:08:6d:ec:
10:c6:ea:59:5e:f3:43:f2:51:c4:b4:53:e1:3c:4b:27:19:7b:
ef:fa:19:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmx3oLj411dbFNvYsu0ABbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAxMTYxMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBiOTg2Y2E5MmNhMGFjMTUwYTM5MzA0OTRjMGM4YmI0NzA1MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtoES/KeHAGknCyzjc/gCQRAfn/x
1muJy+jUMrpI+75jLUX2SHUYYzpdofbwTnPLuk5hp/shdU3UGqsKS0RKxVo4WHNq
MbIy/EbSAk6Hh2n+bqiirTCi8EvbGpHzqUoGrxA30br4PLHpCb86jT43K8rhloog
lvlayaQCDhyZKb7wJGvIQNeJ4bEbyvhTY85EjCRsLaL0E/yNYlJFWz+7I87Q730O
jwo/uHymK9Xzp2TI9ck1liBo3Nir6zjAfacuB8euQ1yDaLJe7+RNM6XNXq+6+gx5
pCEvrmI5vX8uXR4SwKAgWU01r2VA4QN/1t+InAq2RLQENFVuu/TH67fDjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEoLmGypLKCsFQo5MElMDIu0cFEpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU2d1WWJLa3NvS3dWQ2prd1NVd01pN1J3VVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI6KFeS/ZNY/9GLMlbsD
9wQySBtkBhPLw/YAI3RKsvg8MSJGRSIzyZZTegLdY9kBmpa2Kd1asjs9YT5ilAnf
Uf1R0pHyE0gyjoqbDXOwAq4oMHcILZjXfJzqhAPAduDs+IN248ZzrDxE0MiVdO83
nikRcY7LM95MLWYYzO3DBpabFItxhxwX4hH5oT/8C1QWu8VXZb2VtUlmveGuIJiJ
NyRz7Jf0tLmWRao5SsDruM5xHNSS4jm6oYUFZVEraET2PRWc0gSKci0uLuHqObQu
OSyOmImsqImll0wtK7KFxbyedguiJo9mRAht7BDG6lle80PyUcS0U+E8SycZe+/6
Gcs=
-----END CERTIFICATE-----
Generated at Sat May 3 06:43:15 2025 by rpki-client