Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sn8AbInbCCkvkrtxHuC6zi9BxA0.roa
File: Sn8AbInbCCkvkrtxHuC6zi9BxA0.roa (raw, json)
Hash identifier: iZHAMT4seE3aSlZIK7SQmZ4X/y7qR/C5WPBO/yYco/o=
Subject key identifier: 4A:7F:00:6C:89:DB:08:29:2F:92:BB:71:1E:E0:BA:CE:2F:41:C4:0D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D8781F4D705720702A76B396CABACB15
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sn8AbInbCCkvkrtxHuC6zi9BxA0.roa
Signing time: Wed 09 Aug 2023 04:04:58 +0000
ROA not before: Wed 09 Aug 2023 04:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:d877:d537/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d8:78:1f:4d:70:57:20:70:2a:76:b3:96:ca:ba:cb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 9 04:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a7f006c89db08292f92bb711ee0bace2f41c40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:21:6c:32:23:68:a0:8a:1e:17:c3:c9:33:
26:7e:d9:19:f6:8f:48:7b:dc:b1:dd:ac:ea:5f:2d:
41:77:71:78:f9:f6:fb:6c:e6:55:f2:7a:e2:d3:b9:
7e:1b:49:09:7a:bf:89:bf:12:59:38:75:95:8a:c3:
1f:49:c4:7e:71:9d:eb:24:14:7d:ea:a6:c7:74:17:
51:35:ca:c7:77:3d:78:b7:c6:c9:54:06:7f:db:1c:
b7:4b:e2:b5:b6:7f:6c:15:97:d5:8c:a5:2f:1c:73:
f8:92:c2:c4:6b:29:e2:37:24:64:0b:46:8e:2f:93:
a6:6e:c5:f8:4e:d8:c4:79:ad:b5:a7:bb:80:c2:1c:
e3:ca:e8:f5:b5:9c:8c:23:a7:b9:72:08:67:ce:15:
00:15:e4:6d:65:db:04:1e:69:da:d1:1f:20:7c:7c:
08:e3:60:b4:68:d1:3b:10:04:8e:c4:48:d9:db:25:
6f:f3:37:a9:85:0d:50:db:70:cc:8f:28:de:33:57:
c6:a8:8e:ec:b8:cf:29:85:16:0e:1a:fc:03:1c:2b:
5d:21:ce:6b:80:ee:2a:25:9b:57:c3:9c:1a:f6:8e:
c6:06:0a:7a:ab:3d:25:dc:25:19:92:76:a9:bb:ac:
2d:3c:0b:e2:0a:b8:73:d3:24:fa:96:38:7b:10:7a:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7F:00:6C:89:DB:08:29:2F:92:BB:71:1E:E0:BA:CE:2F:41:C4:0D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sn8AbInbCCkvkrtxHuC6zi9BxA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:05:e4:78:69:c1:a3:b1:37:78:04:a7:06:11:74:74:d3:75:
5c:2c:75:3b:63:ad:19:00:e2:33:32:bc:f3:ce:44:cd:69:85:
0a:2e:74:6a:2c:bc:46:11:41:d2:13:75:6c:06:2b:27:02:bf:
7e:c6:e0:a0:e7:22:fe:f6:55:81:00:4f:66:f6:5a:54:dc:69:
7a:39:ee:3b:9b:56:b5:bd:38:48:b8:a2:fc:6c:df:59:c2:fd:
49:c7:e1:02:bd:40:ad:fc:32:7e:89:12:25:4d:d5:e9:5f:c0:
7b:09:c8:87:5c:f6:1c:e3:9f:d6:a9:ae:bb:c1:97:9a:a7:35:
6b:59:ed:04:d2:78:68:49:33:94:a0:60:e0:ac:32:c7:1b:d5:
d7:12:bd:99:28:6c:a4:10:c3:07:80:32:4b:ee:48:69:a0:8f:
a0:a8:34:92:ee:79:a2:5f:bb:d4:4d:68:a8:03:7d:bf:f3:39:
20:13:a6:51:8f:da:71:5b:67:36:9d:dc:3f:00:7d:9d:29:7e:
84:4c:c1:76:5b:14:f1:38:a8:25:05:28:3e:c6:f2:3d:b6:0c:
9e:00:de:d7:6a:30:ad:73:63:6d:3e:23:5a:6e:ab:e0:da:51:
42:51:2a:71:53:28:a5:1b:51:0e:75:ff:51:7b:2c:a8:74:a7:
f9:15:0a:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnYeB9NcFcgcCp2s5bKussVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA5MDQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdmMDA2Yzg5ZGIwODI5MmY5MmJiNzExZWUwYmFjZTJmNDFjNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneIhbDIjaKCKHhfDyTMmftkZ9o9I
e9yx3azqXy1Bd3F4+fb7bOZV8nri07l+G0kJer+JvxJZOHWVisMfScR+cZ3rJBR9
6qbHdBdRNcrHdz14t8bJVAZ/2xy3S+K1tn9sFZfVjKUvHHP4ksLEayniNyRkC0aO
L5OmbsX4TtjEea21p7uAwhzjyuj1tZyMI6e5cghnzhUAFeRtZdsEHmna0R8gfHwI
42C0aNE7EASOxEjZ2yVv8zephQ1Q23DMjyjeM1fGqI7suM8phRYOGvwDHCtdIc5r
gO4qJZtXw5wa9o7GBgp6qz0l3CUZknapu6wtPAviCrhz0yT6ljh7EHrboQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEp/AGyJ2wgpL5K7cR7gus4vQcQNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU244QWJJbmJDQ2t2a3J0eEh1QzZ6aTlCeEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0F5HhpwaOxN3gEpwYR
dHTTdVwsdTtjrRkA4jMyvPPORM1phQoudGosvEYRQdITdWwGKycCv37G4KDnIv72
VYEAT2b2WlTcaXo57jubVrW9OEi4ovxs31nC/UnH4QK9QK38Mn6JEiVN1elfwHsJ
yIdc9hzjn9aprrvBl5qnNWtZ7QTSeGhJM5SgYOCsMscb1dcSvZkobKQQwweAMkvu
SGmgj6CoNJLueaJfu9RNaKgDfb/zOSATplGP2nFbZzad3D8AfZ0pfoRMwXZbFPE4
qCUFKD7G8j22DJ4A3tdqMK1zY20+I1puq+DaUUJRKnFTKKUbUQ51/1F7LKh0p/kV
Clw=
-----END CERTIFICATE-----
Generated at Thu May 1 14:47:11 2025 by rpki-client