Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T6hstZVzUfFS80J0qrrf7M3FzHg.roa
File: T6hstZVzUfFS80J0qrrf7M3FzHg.roa (raw, json)
Hash identifier: 3TT6TnhvpHZX27owoOMqhXFzWc4vgmGFOu1iDtKDpl0=
Subject key identifier: 4F:A8:6C:B5:95:73:51:F1:52:F3:42:74:AA:BA:DF:EC:CD:C5:CC:78
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1A6386D4058A40AAB2B693B526297A6D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T6hstZVzUfFS80J0qrrf7M3FzHg.roa
Signing time: Mon 21 Aug 2023 23:17:24 +0000
ROA not before: Mon 21 Aug 2023 23:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1a:63:86:d4:05:8a:40:aa:b2:b6:93:b5:26:29:7a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 23:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fa86cb5957351f152f34274aabadfeccdc5cc78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:03:88:3b:8e:03:27:b5:34:a1:4f:9b:12:
ad:a6:74:0e:98:f9:44:b8:7e:ba:e6:29:dc:64:30:
6d:bf:bd:12:9b:b5:9a:3f:b6:44:51:bb:92:a9:9a:
53:11:40:fa:db:df:1b:d1:05:bd:a1:e3:59:9f:8b:
87:51:53:f6:07:92:5b:db:dc:0d:df:a6:16:b9:1a:
4a:5f:b2:e4:99:42:3b:98:ec:2b:83:90:6d:72:04:
1c:63:b8:44:6e:aa:2d:83:5a:be:bf:20:e6:da:e9:
02:e9:6a:ab:f3:3f:65:d2:7a:4c:a5:f9:c9:55:69:
20:01:fc:d7:25:0d:9f:5d:e3:5a:ea:a8:da:5c:d0:
c3:6a:3f:62:05:e5:da:2d:f5:fc:6c:3e:18:39:58:
74:20:c6:a8:d3:77:61:2f:98:36:4f:96:48:30:d2:
ab:da:74:18:f6:54:13:d9:a4:c9:46:70:58:e7:81:
8f:c1:b5:c4:09:08:98:e7:f0:ee:34:e5:24:b1:49:
f8:05:f7:57:6e:48:e0:b8:6f:d9:1c:b2:20:32:7a:
7f:ed:1d:a0:fb:0d:10:37:06:67:02:ce:28:cf:4a:
ec:31:3f:50:5a:66:70:0e:3c:0c:a4:16:99:b7:6f:
f0:c9:64:6d:b4:4e:be:fb:8c:d5:86:68:b9:19:99:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A8:6C:B5:95:73:51:F1:52:F3:42:74:AA:BA:DF:EC:CD:C5:CC:78
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/T6hstZVzUfFS80J0qrrf7M3FzHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:0c:1b:0c:e5:37:96:13:71:4d:85:97:79:ac:dd:c3:37:18:
7c:17:77:d4:56:48:90:8e:12:94:52:19:a0:94:7c:74:9c:f7:
69:97:9e:d8:e1:81:1a:00:95:93:b7:e7:92:b6:6f:75:0a:86:
09:7e:ff:6f:d2:7f:b3:0f:c7:0d:74:11:16:0b:16:c3:5f:64:
95:5f:99:34:05:7a:38:92:ba:b4:87:e3:75:f6:02:f5:5e:f0:
3d:26:23:2d:e6:1e:28:40:c9:c4:93:b5:08:b1:a3:7b:07:4a:
2e:07:a0:4e:e8:d4:54:cb:c5:ae:58:7d:5e:ac:4d:1d:1a:a1:
5f:24:ac:99:cb:a1:86:8c:d3:ce:57:69:47:1d:62:04:24:d1:
18:60:29:6f:18:12:6d:5e:e7:7e:a3:41:cc:6a:e6:13:99:1d:
8e:f3:ba:43:a2:a2:b5:43:3c:15:62:15:84:2b:99:d5:a7:29:
30:12:96:bb:5a:db:22:40:7c:cc:d0:8e:b1:32:49:cd:8d:6f:
d7:28:61:74:1c:8f:90:80:9a:9d:2d:dd:53:28:4d:51:73:6a:
5d:3f:4b:82:bb:12:7b:8d:1c:aa:1e:fe:64:41:7c:78:99:f9:
9e:3e:f2:5a:2b:9a:c0:4b:19:a4:0e:2f:7a:1e:e1:93:4c:6a:
48:25:f1:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoaY4bUBYpAqrK2k7UmKXptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMjMxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE4NmNiNTk1NzM1MWYxNTJmMzQyNzRhYWJhZGZlY2NkYzVjYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLMDiDuOAye1NKFPmxKtpnQOmPlE
uH665incZDBtv70Sm7WaP7ZEUbuSqZpTEUD6298b0QW9oeNZn4uHUVP2B5Jb29wN
36YWuRpKX7LkmUI7mOwrg5BtcgQcY7hEbqotg1q+vyDm2ukC6Wqr8z9l0npMpfnJ
VWkgAfzXJQ2fXeNa6qjaXNDDaj9iBeXaLfX8bD4YOVh0IMao03dhL5g2T5ZIMNKr
2nQY9lQT2aTJRnBY54GPwbXECQiY5/DuNOUksUn4BfdXbkjguG/ZHLIgMnp/7R2g
+w0QNwZnAs4oz0rsMT9QWmZwDjwMpBaZt2/wyWRttE6++4zVhmi5GZmGlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE+obLWVc1HxUvNCdKq63+zNxcx4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVDZoc3RaVnpVZkZTODBKMHFycmY3TTNGekhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJIMGwzlN5YTcU2Fl3ms
3cM3GHwXd9RWSJCOEpRSGaCUfHSc92mXntjhgRoAlZO355K2b3UKhgl+/2/Sf7MP
xw10ERYLFsNfZJVfmTQFejiSurSH43X2AvVe8D0mIy3mHihAycSTtQixo3sHSi4H
oE7o1FTLxa5YfV6sTR0aoV8krJnLoYaM085XaUcdYgQk0RhgKW8YEm1e536jQcxq
5hOZHY7zukOiorVDPBViFYQrmdWnKTASlrta2yJAfMzQjrEySc2Nb9coYXQcj5CA
mp0t3VMoTVFzal0/S4K7EnuNHKoe/mRBfHiZ+Z4+8lormsBLGaQOL3oe4ZNMakgl
8Ug=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:58 2025 by rpki-client