Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y03e9Z4Pg2DF5I6BoclURP8qW5s.roa
File: Y03e9Z4Pg2DF5I6BoclURP8qW5s.roa (raw, json)
Hash identifier: x2RSx6jcE6qQpimlNmeLrkzXT+SCtIrtZsCCy10yRsc=
Subject key identifier: 63:4D:DE:F5:9E:0F:83:60:C5:E4:8E:81:A1:C9:54:44:FF:2A:5B:9B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018687DBCF60826E3F5BD4E018B279AD8BB6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y03e9Z4Pg2DF5I6BoclURP8qW5s.roa
Signing time: Sat 25 Feb 2023 09:16:15 +0000
ROA not before: Sat 25 Feb 2023 09:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:87:db:cf:60:82:6e:3f:5b:d4:e0:18:b2:79:ad:8b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 09:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=634ddef59e0f8360c5e48e81a1c95444ff2a5b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9b:dc:6b:1c:44:94:ce:f8:2b:f5:83:76:b9:
da:75:90:e3:be:c3:a6:cd:a1:a1:43:0f:76:2a:f3:
eb:21:be:bc:41:54:0b:36:8f:0f:cb:41:8e:54:5a:
24:6b:d5:a7:e6:cc:12:2e:c6:8a:4a:2e:c6:77:a7:
8e:0f:e9:bc:6f:05:67:ee:1c:a5:1c:42:cb:57:a6:
5d:70:0d:e4:92:b0:d4:8c:f1:e4:44:fd:47:b6:e0:
af:82:0e:23:d6:a8:8e:4f:18:96:b9:60:cb:fe:c4:
6c:b5:9e:d4:3a:73:32:d8:b7:0c:cb:8e:ac:a1:b7:
fb:5e:5b:54:32:33:db:7f:c8:9d:b9:fb:2a:0e:5b:
bc:ac:2f:3f:0e:3b:89:97:dd:5e:1d:98:f5:f2:5e:
3e:c6:05:f3:e0:0d:ef:cf:78:ec:d9:6d:e2:46:0a:
8d:26:be:a7:58:aa:02:92:a1:45:91:d3:d4:0d:54:
12:f8:ff:95:43:9e:74:29:3c:7e:f1:ab:aa:f4:04:
d7:55:00:8b:89:a9:62:b7:36:e8:62:25:ec:c9:a7:
52:b5:08:bf:be:b4:eb:ab:2b:5d:48:30:34:0b:cb:
7f:c4:6f:a1:ff:56:a3:a6:8e:d4:35:9e:3b:55:81:
72:95:f4:09:c1:24:01:2a:23:b7:da:d8:f8:f8:a5:
14:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4D:DE:F5:9E:0F:83:60:C5:E4:8E:81:A1:C9:54:44:FF:2A:5B:9B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Y03e9Z4Pg2DF5I6BoclURP8qW5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:bd:ed:5c:e5:4c:0d:11:a7:94:ff:4d:13:50:0f:03:30:fd:
e9:db:1f:29:8a:58:89:31:8c:08:dd:2c:d9:91:1f:df:21:b0:
13:1a:27:f1:d5:e5:94:f4:2a:ca:32:ef:ca:b3:0c:a6:1b:94:
e2:2f:d4:86:f7:b8:07:59:af:0d:bc:e8:6c:7e:17:41:92:ab:
50:45:d9:2e:dc:3a:f1:ff:53:97:c9:32:52:91:0d:77:ed:41:
ff:2b:5c:2b:94:57:25:5c:84:40:57:df:48:e0:b7:ea:d6:f6:
3e:dd:ac:3c:dc:65:ef:31:f2:a2:b3:c3:d4:9d:26:c6:fc:03:
76:05:5d:02:7b:18:a7:ca:99:14:55:a5:ed:be:b9:ad:c4:c6:
a1:10:2f:ad:d0:76:02:bb:d5:92:24:85:08:ae:6b:9e:b9:6a:
5b:0a:34:16:25:6f:bc:cd:dc:bb:d1:92:da:84:b1:72:e5:84:
f4:b4:55:64:5e:a8:4d:39:83:95:43:7b:67:09:70:d7:bc:ba:
e1:9f:37:b4:8e:dd:fb:f4:58:c6:0e:dd:bf:4f:44:cc:5c:8c:
b8:8e:45:d8:fa:c0:2d:a0:c2:b3:44:74:11:ed:29:bf:b7:66:
5d:68:fa:a7:a4:0c:01:90:e2:64:36:47:67:74:48:04:a5:b3:
f7:25:ce:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaH289ggm4/W9TgGLJ5rYu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDkxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRkZGVmNTllMGY4MzYwYzVlNDhlODFhMWM5NTQ0NGZmMmE1YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJvcaxxElM74K/WDdrnadZDjvsOm
zaGhQw92KvPrIb68QVQLNo8Py0GOVFoka9Wn5swSLsaKSi7Gd6eOD+m8bwVn7hyl
HELLV6ZdcA3kkrDUjPHkRP1HtuCvgg4j1qiOTxiWuWDL/sRstZ7UOnMy2LcMy46s
obf7XltUMjPbf8idufsqDlu8rC8/DjuJl91eHZj18l4+xgXz4A3vz3js2W3iRgqN
Jr6nWKoCkqFFkdPUDVQS+P+VQ550KTx+8auq9ATXVQCLialitzboYiXsyadStQi/
vrTrqytdSDA0C8t/xG+h/1ajpo7UNZ47VYFylfQJwSQBKiO32tj4+KUUjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGNN3vWeD4NgxeSOgaHJVET/KlubMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWTAzZTlaNFBnMkRGNUk2Qm9jbFVSUDhxVzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE297VzlTA0Rp5T/TRNQ
DwMw/enbHymKWIkxjAjdLNmRH98hsBMaJ/HV5ZT0Ksoy78qzDKYblOIv1Ib3uAdZ
rw286Gx+F0GSq1BF2S7cOvH/U5fJMlKRDXftQf8rXCuUVyVchEBX30jgt+rW9j7d
rDzcZe8x8qKzw9SdJsb8A3YFXQJ7GKfKmRRVpe2+ua3ExqEQL63QdgK71ZIkhQiu
a565alsKNBYlb7zN3LvRktqEsXLlhPS0VWReqE05g5VDe2cJcNe8uuGfN7SO3fv0
WMYO3b9PRMxcjLiORdj6wC2gwrNEdBHtKb+3Zl1o+qekDAGQ4mQ2R2d0SASls/cl
zgw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:48 2025 by rpki-client