Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T38zZlgIu8HJSbfn2gAKc94WYA4.roa
File: T38zZlgIu8HJSbfn2gAKc94WYA4.roa (raw, json)
Hash identifier: op76tVUVPe3nRQqz+gkUdJ0w74ecSw9hvD8cxG1OM8c=
Subject key identifier: 4F:7F:33:66:58:08:BB:C1:C9:49:B7:E7:DA:00:0A:73:DE:16:60:0E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186E59D7799E1314B4A8AD7AD65E0225077
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T38zZlgIu8HJSbfn2gAKc94WYA4.roa
Signing time: Wed 15 Mar 2023 14:12:27 +0000
ROA not before: Wed 15 Mar 2023 14:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:9d:77:99:e1:31:4b:4a:8a:d7:ad:65:e0:22:50:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 15 14:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f7f33665808bbc1c949b7e7da000a73de16600e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1c:cc:db:76:da:80:6a:fe:6b:30:76:8c:09:
db:19:6c:df:2a:88:84:5d:d3:61:a7:23:ef:d1:13:
3e:40:1a:b9:15:26:80:78:15:85:d3:4f:12:b9:30:
9c:05:d7:e1:04:7a:22:00:97:5e:0a:90:d8:f4:f5:
d4:a5:53:40:70:a3:40:c6:73:35:a7:70:b3:85:f8:
45:b0:87:be:f1:e6:59:f1:c6:46:4d:ac:71:41:ff:
89:18:ac:f9:4e:d4:14:64:2f:5b:22:9e:c2:75:15:
b6:d6:4b:6c:d7:6f:d3:1b:d7:f7:d9:74:4c:df:9d:
20:2a:87:cb:91:1c:15:d8:70:ce:3f:2b:69:51:fc:
a2:d7:3f:be:b4:b2:4e:40:81:72:42:fc:29:82:2b:
22:fb:7b:da:d0:c0:d6:7c:8c:65:21:72:6d:d8:ac:
6b:2d:4c:65:e7:16:ce:b5:77:0a:8b:a5:c5:ff:cd:
f5:7b:cc:49:e7:9c:a4:22:3c:7a:be:d3:38:a0:70:
50:5c:88:49:e1:ad:6d:5b:39:01:80:55:3f:fe:27:
c5:4f:22:44:32:c1:f3:c7:81:7a:83:45:a5:13:d1:
4e:54:0e:f8:63:94:7f:d9:e9:9a:d0:00:4b:fa:0e:
ba:ea:b8:d3:aa:59:8f:ec:37:2a:b6:4d:3b:3c:60:
a4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7F:33:66:58:08:BB:C1:C9:49:B7:E7:DA:00:0A:73:DE:16:60:0E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T38zZlgIu8HJSbfn2gAKc94WYA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:cf:e2:97:1c:93:93:f4:03:bc:41:e1:e0:11:6d:2c:80:34:
6a:5d:c6:46:74:fb:cc:11:db:1b:02:cb:15:13:55:99:6f:10:
1a:aa:68:07:37:62:8c:66:7b:9a:50:37:9e:9e:60:4d:14:4a:
64:22:c1:d8:86:9b:b8:65:85:68:8b:72:90:46:b3:1f:2e:34:
76:f1:af:46:c2:ea:dd:b4:5c:d5:d5:8a:f3:e6:96:d1:15:25:
03:cb:98:b3:5f:2c:69:44:81:e9:8f:3f:5f:3b:8c:f9:c8:0d:
d3:af:c7:1a:2d:a9:ba:34:66:27:ac:ad:53:82:4d:cd:90:4f:
69:e0:41:fa:0a:af:3d:34:35:9f:80:2f:33:0a:d8:54:cc:2f:
8a:c0:ba:6e:1e:d1:db:fc:4b:e8:c5:0a:89:4e:cf:1d:4d:1c:
cb:eb:3b:0e:14:36:96:6f:67:c0:49:f8:40:f6:56:a1:96:4a:
29:0d:70:66:c6:97:6f:80:d9:54:f7:97:a0:6b:55:10:14:92:
39:21:ac:11:f3:8c:0d:c6:6c:23:1c:50:f4:f1:47:10:ea:ea:
59:1e:c8:08:cb:71:c7:6a:c9:04:33:24:d8:4d:bb:f7:30:73:
8f:f0:d3:b0:8b:cb:21:59:07:14:62:45:a6:2a:1e:19:3e:9c:
57:46:dc:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYblnXeZ4TFLSorXrWXgIlB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE1MTQxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjdmMzM2NjU4MDhiYmMxYzk0OWI3ZTdkYTAwMGE3M2RlMTY2MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxzM23bagGr+azB2jAnbGWzfKoiE
XdNhpyPv0RM+QBq5FSaAeBWF008SuTCcBdfhBHoiAJdeCpDY9PXUpVNAcKNAxnM1
p3CzhfhFsIe+8eZZ8cZGTaxxQf+JGKz5TtQUZC9bIp7CdRW21kts12/TG9f32XRM
350gKofLkRwV2HDOPytpUfyi1z++tLJOQIFyQvwpgisi+3va0MDWfIxlIXJt2Kxr
LUxl5xbOtXcKi6XF/831e8xJ55ykIjx6vtM4oHBQXIhJ4a1tWzkBgFU//ifFTyJE
MsHzx4F6g0WlE9FOVA74Y5R/2ema0ABL+g666rjTqlmP7Dcqtk07PGCkQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE9/M2ZYCLvByUm359oACnPeFmAOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVDM4elpsZ0l1OEhKU2JmbjJnQUtjOTRXWUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC/P4pcck5P0A7xB4eAR
bSyANGpdxkZ0+8wR2xsCyxUTVZlvEBqqaAc3Yoxme5pQN56eYE0USmQiwdiGm7hl
hWiLcpBGsx8uNHbxr0bC6t20XNXVivPmltEVJQPLmLNfLGlEgemPP187jPnIDdOv
xxotqbo0ZiesrVOCTc2QT2ngQfoKrz00NZ+ALzMK2FTML4rAum4e0dv8S+jFColO
zx1NHMvrOw4UNpZvZ8BJ+ED2VqGWSikNcGbGl2+A2VT3l6BrVRAUkjkhrBHzjA3G
bCMcUPTxRxDq6lkeyAjLccdqyQQzJNhNu/cwc4/w07CLyyFZBxRiRaYqHhk+nFdG
3IQ=
-----END CERTIFICATE-----
Generated at Thu May 1 00:59:18 2025 by rpki-client