Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Wcsb8gjdxSy6B41qrU3da8896-0.roa
File: Wcsb8gjdxSy6B41qrU3da8896-0.roa (raw, json)
Hash identifier: njYE3a+VhceaE11WHpXqmPJlbxqm42MYPcGhQvWvTn8=
Subject key identifier: 59:CB:1B:F2:08:DD:C5:2C:BA:07:8D:6A:AD:4D:DD:6B:CF:3D:EB:ED
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867C43B4FCB9DE85624EBA03FD189FA8A6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Wcsb8gjdxSy6B41qrU3da8896-0.roa
Signing time: Thu 23 Feb 2023 03:14:17 +0000
ROA not before: Thu 23 Feb 2023 03:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:43:b4:fc:b9:de:85:62:4e:ba:03:fd:18:9f:a8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 03:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59cb1bf208ddc52cba078d6aad4ddd6bcf3debed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6e:4b:32:59:ce:9e:60:26:53:c3:54:c5:6f:
48:f9:cf:12:d4:09:1f:ca:a2:a8:bc:27:d4:19:31:
35:27:5f:e2:ae:75:8a:e5:73:b8:3c:01:49:c2:5d:
84:08:26:fd:b5:7a:d0:66:1e:9e:4c:63:94:f1:4a:
c9:14:bb:47:1d:ba:70:7f:b2:e4:d3:70:3d:aa:0b:
6c:f5:ad:cc:84:1e:77:a9:65:5b:a0:23:6f:c1:be:
3a:a6:be:18:35:87:6e:41:34:d9:e5:26:0c:e2:41:
a2:43:69:12:05:cb:93:1b:27:76:70:c0:1d:38:ae:
65:b9:b6:40:98:19:97:f1:9c:6b:5a:32:b6:40:97:
de:3e:a3:dc:80:bb:77:0e:92:b3:40:14:0b:eb:82:
52:b8:cc:67:ee:67:01:23:01:0e:c5:f1:0c:54:a4:
53:84:64:f9:65:56:95:6e:67:14:23:ea:ae:99:0b:
35:82:ce:ed:c1:a7:55:5e:84:a7:1a:94:d7:15:b9:
01:05:c7:37:3d:cb:5d:4a:d9:62:8f:6b:ba:9d:d9:
b0:e3:5b:0b:14:ff:1a:45:55:8e:be:90:bd:0c:55:
d4:00:97:11:43:ea:70:f3:0a:ad:b5:c3:8f:d8:c0:
03:19:3b:33:a2:a5:3c:0d:be:0f:2d:7a:5f:e5:01:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CB:1B:F2:08:DD:C5:2C:BA:07:8D:6A:AD:4D:DD:6B:CF:3D:EB:ED
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Wcsb8gjdxSy6B41qrU3da8896-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:49:f6:89:12:6b:87:51:23:06:c3:2b:f5:99:b8:00:4b:04:
bd:9a:77:06:bb:9d:23:12:04:a0:38:de:d2:b6:23:8f:58:26:
3d:0e:c9:5a:a3:e6:a3:ec:e9:0c:13:a7:63:0e:1b:66:c3:84:
da:12:7e:0e:98:86:2b:18:a3:03:00:a9:bf:73:17:10:40:07:
d8:26:f0:10:89:2b:82:c0:ae:da:2a:14:e9:4a:4e:f4:ec:59:
dc:86:c9:69:64:31:2d:c4:77:bf:0d:23:a1:0b:5c:02:5e:1b:
45:fa:ed:aa:b1:28:3e:9a:13:3b:4a:0a:25:da:17:40:16:20:
89:02:cb:ca:51:42:80:c7:44:d3:25:ab:13:1e:1e:89:5e:44:
cc:28:72:71:ee:19:d7:62:d0:b6:ea:f8:02:cf:43:75:7b:bc:
54:ea:0e:4f:9f:54:63:0f:15:86:3e:11:58:15:98:99:ff:69:
37:f8:96:64:8e:ba:e8:35:3e:46:26:ff:1a:14:61:f5:3b:4f:
ee:ad:ef:f2:83:1a:d1:45:33:ca:18:c2:75:f2:ac:08:53:a2:
81:bf:9b:be:4a:e0:a8:b2:01:f4:68:5c:cb:00:fc:6e:d9:b8:
2e:60:ef:20:69:99:0e:cb:ad:ad:6c:48:43:f0:8e:0d:16:23:
cd:2a:fc:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ8Q7T8ud6FYk66A/0Yn6imMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMDMxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNiMWJmMjA4ZGRjNTJjYmEwNzhkNmFhZDRkZGQ2YmNmM2RlYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG5LMlnOnmAmU8NUxW9I+c8S1Akf
yqKovCfUGTE1J1/irnWK5XO4PAFJwl2ECCb9tXrQZh6eTGOU8UrJFLtHHbpwf7Lk
03A9qgts9a3MhB53qWVboCNvwb46pr4YNYduQTTZ5SYM4kGiQ2kSBcuTGyd2cMAd
OK5lubZAmBmX8ZxrWjK2QJfePqPcgLt3DpKzQBQL64JSuMxn7mcBIwEOxfEMVKRT
hGT5ZVaVbmcUI+qumQs1gs7twadVXoSnGpTXFbkBBcc3PctdStlij2u6ndmw41sL
FP8aRVWOvpC9DFXUAJcRQ+pw8wqttcOP2MADGTszoqU8Db4PLXpf5QGdtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFnLG/II3cUsugeNaq1N3WvPPevtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvV2NzYjhnamR4U3k2QjQxcXJVM2RhODg5Ni0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADpJ9okSa4dRIwbDK/WZ
uABLBL2adwa7nSMSBKA43tK2I49YJj0OyVqj5qPs6QwTp2MOG2bDhNoSfg6YhisY
owMAqb9zFxBAB9gm8BCJK4LArtoqFOlKTvTsWdyGyWlkMS3Ed78NI6ELXAJeG0X6
7aqxKD6aEztKCiXaF0AWIIkCy8pRQoDHRNMlqxMeHoleRMwocnHuGddi0Lbq+ALP
Q3V7vFTqDk+fVGMPFYY+EVgVmJn/aTf4lmSOuug1PkYm/xoUYfU7T+6t7/KDGtFF
M8oYwnXyrAhTooG/m75K4KiyAfRoXMsA/G7ZuC5g7yBpmQ7Lra1sSEPwjg0WI80q
/LQ=
-----END CERTIFICATE-----
Generated at Thu May 1 11:15:32 2025 by rpki-client