Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WR_xn1cwUehQm-hw8_5SaIDJq30.roa
File: WR_xn1cwUehQm-hw8_5SaIDJq30.roa (raw, json)
Hash identifier: 3/ggYgiasb7iy8ihA3pLKI0e/aQYZs8HDU6kGikfcz0=
Subject key identifier: 59:1F:F1:9F:57:30:51:E8:50:9B:E8:70:F3:FE:52:68:80:C9:AB:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A269344DE42CBA766A01EDA5111E96383
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WR_xn1cwUehQm-hw8_5SaIDJq30.roa
Signing time: Thu 24 Aug 2023 08:05:00 +0000
ROA not before: Thu 24 Aug 2023 08:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:18a:2692:8563/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:93:44:de:42:cb:a7:66:a0:1e:da:51:11:e9:63:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 08:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=591ff19f573051e8509be870f3fe526880c9ab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6c:66:48:10:19:0e:08:42:55:32:6c:c5:3b:
11:8f:6c:b3:27:1f:b5:97:dd:f4:3a:b8:54:8e:cd:
56:64:a1:8e:8f:6d:37:16:78:97:30:d9:f4:cd:86:
01:da:46:a1:df:b9:a3:f1:a4:8f:f6:d9:a3:d5:5b:
37:f3:49:92:40:a6:0f:3f:b1:6b:37:7e:c2:dd:86:
ca:31:42:18:9e:dc:9d:38:9c:af:76:ae:66:9e:5b:
40:57:43:fc:8a:ea:17:e1:6b:0a:6f:8e:75:d4:a0:
2f:5a:4f:d1:9f:d8:a6:b6:05:c6:c5:56:16:49:74:
a1:0e:8d:5c:b9:6b:95:c1:1b:ac:7c:62:0c:ed:02:
61:96:5e:7a:59:f3:8b:9e:83:87:f7:0b:a1:8a:43:
de:37:ac:0a:a2:f9:8e:85:38:b7:ea:b7:7d:d1:e0:
1a:6d:6d:86:5f:79:94:7f:19:64:10:ba:91:1a:62:
2d:ca:17:4f:72:6e:8b:1d:0d:4c:57:bf:0e:b6:fb:
b4:a4:4c:3c:f0:30:03:92:02:40:96:88:0c:ea:85:
60:32:3d:f0:a5:ac:e0:a4:96:32:66:27:2f:d0:29:
21:87:b1:21:b0:44:48:19:61:ad:3b:9c:2e:10:5f:
e0:e3:fb:b0:4e:f2:0b:1d:fd:d8:03:2b:34:ba:3b:
78:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:1F:F1:9F:57:30:51:E8:50:9B:E8:70:F3:FE:52:68:80:C9:AB:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WR_xn1cwUehQm-hw8_5SaIDJq30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:95:84:84:3a:26:7a:2f:56:54:c0:02:22:5a:cf:19:c0:4e:
f2:f3:4b:36:89:5e:13:4a:02:d3:77:09:5b:41:f7:74:79:0e:
01:44:b5:78:9d:c6:8a:df:01:63:62:1e:98:5d:7d:75:37:0f:
6c:85:36:43:83:f1:23:ac:cb:05:b7:2b:ce:54:42:01:7c:04:
91:59:59:b0:5a:17:8c:92:97:2e:35:ef:07:ff:d8:8e:ce:18:
f1:16:f0:fc:34:64:29:87:10:6f:a3:39:ad:14:aa:1f:c8:fd:
38:53:5e:15:25:9f:46:74:c7:fd:16:aa:17:b3:d4:7b:e6:27:
bd:ed:d6:3f:90:cf:91:d8:b5:12:e2:0f:a4:c2:b4:2a:1b:c6:
31:43:cc:42:1f:2f:37:56:bf:50:0e:44:12:7c:6d:2d:6d:31:
d9:69:1c:2e:ac:e8:80:a6:55:18:81:dd:84:28:67:d9:d4:e3:
a1:f9:f1:9a:e3:de:98:20:58:22:83:d2:0a:56:2e:1a:c7:8b:
d2:2f:01:0e:63:79:c8:46:b5:55:b9:b1:5d:ba:e1:38:f5:1a:
56:f5:bf:21:89:7b:c4:be:6f:ca:db:e2:bb:10:f2:6a:17:38:
43:68:25:61:67:51:d3:c5:0a:a5:2a:c3:11:46:41:48:ea:ec:
6e:e7:78:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYomk0TeQsunZqAe2lER6WODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MDgwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTFmZjE5ZjU3MzA1MWU4NTA5YmU4NzBmM2ZlNTI2ODgwYzlhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmxmSBAZDghCVTJsxTsRj2yzJx+1
l930OrhUjs1WZKGOj203FniXMNn0zYYB2kah37mj8aSP9tmj1Vs380mSQKYPP7Fr
N37C3YbKMUIYntydOJyvdq5mnltAV0P8iuoX4WsKb4511KAvWk/Rn9imtgXGxVYW
SXShDo1cuWuVwRusfGIM7QJhll56WfOLnoOH9wuhikPeN6wKovmOhTi36rd90eAa
bW2GX3mUfxlkELqRGmItyhdPcm6LHQ1MV78Otvu0pEw88DADkgJAlogM6oVgMj3w
pazgpJYyZicv0Ckhh7EhsERIGWGtO5wuEF/g4/uwTvILHf3YAys0ujt4zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFkf8Z9XMFHoUJvocPP+UmiAyat9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvV1JfeG4xY3dVZWhRbS1odzhfNVNhSURKcTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKyVhIQ6JnovVlTAAiJa
zxnATvLzSzaJXhNKAtN3CVtB93R5DgFEtXidxorfAWNiHphdfXU3D2yFNkOD8SOs
ywW3K85UQgF8BJFZWbBaF4ySly417wf/2I7OGPEW8Pw0ZCmHEG+jOa0Uqh/I/ThT
XhUln0Z0x/0Wqhez1HvmJ73t1j+Qz5HYtRLiD6TCtCobxjFDzEIfLzdWv1AORBJ8
bS1tMdlpHC6s6ICmVRiB3YQoZ9nU46H58Zrj3pggWCKD0gpWLhrHi9IvAQ5jechG
tVW5sV264Tj1Glb1vyGJe8S+b8rb4rsQ8moXOENoJWFnUdPFCqUqwxFGQUjq7G7n
eBI=
-----END CERTIFICATE-----
Generated at Thu May 1 04:28:03 2025 by rpki-client