Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z4fKoL2CZx0ik8q12vM7HWDvXQc.roa
File: Z4fKoL2CZx0ik8q12vM7HWDvXQc.roa (raw, json)
Hash identifier: 3c2SY4PBTnXMZeAJfTUKPamfj+g7Bj/zLOH5IoEiKMI=
Subject key identifier: 67:87:CA:A0:BD:82:67:1D:22:93:CA:B5:DA:F3:3B:1D:60:EF:5D:07
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018677B9E9DAA5F882ECDE0C37E9F7D74021
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z4fKoL2CZx0ik8q12vM7HWDvXQc.roa
Signing time: Wed 22 Feb 2023 06:05:17 +0000
ROA not before: Wed 22 Feb 2023 06:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:77b9:5ced/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:b9:e9:da:a5:f8:82:ec:de:0c:37:e9:f7:d7:40:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 06:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6787caa0bd82671d2293cab5daf33b1d60ef5d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8c:49:1c:55:b8:77:e4:7a:41:af:3a:7c:35:
7d:df:de:3d:bb:51:d8:27:9d:bc:73:91:a7:10:2b:
64:c1:f5:b2:97:af:59:61:a5:ab:b3:15:68:c3:cd:
51:e2:e9:a9:59:7b:ac:29:ea:b5:4e:96:56:7e:b2:
97:cb:84:85:65:dd:20:fa:1a:31:77:af:52:e2:73:
31:9b:c8:ef:fd:c2:49:e9:fa:43:b1:34:21:3a:f2:
7a:5e:b7:57:d6:22:bc:d5:ab:f4:82:23:fd:92:cb:
67:3d:59:48:85:42:de:57:5b:ac:88:96:e8:ed:fe:
fb:be:1a:73:e9:d4:1e:0a:32:98:dd:da:08:b4:08:
ef:a3:a2:61:07:ee:1f:84:e7:95:54:fb:4e:5d:a9:
51:5c:1b:66:44:26:6c:12:fc:c6:52:39:4d:a7:d4:
33:56:c0:c9:3a:64:da:42:af:25:79:9a:9e:6c:a3:
0d:85:24:79:24:9b:c8:cc:13:bd:00:2f:6b:d2:de:
48:83:7f:50:f7:92:7e:6f:e0:60:f8:4a:85:a3:8c:
2d:db:ad:47:ef:80:9a:4d:01:c7:4b:72:69:48:2a:
06:2b:26:4b:eb:cd:46:d9:00:73:1b:87:28:82:a4:
f8:8e:a5:a1:53:51:ee:0a:8a:fa:e2:fa:90:b7:e4:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:87:CA:A0:BD:82:67:1D:22:93:CA:B5:DA:F3:3B:1D:60:EF:5D:07
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z4fKoL2CZx0ik8q12vM7HWDvXQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:a4:88:e5:2f:1a:28:83:cc:17:9d:52:da:c9:5d:ed:78:32:
70:c8:c4:ab:76:ee:5a:a0:5f:3a:2e:35:6f:82:45:02:8e:23:
51:bb:18:28:7d:33:94:dd:71:2c:30:68:bf:ef:08:53:03:7e:
70:7d:03:f2:11:47:91:7f:ac:fd:ed:0d:60:c7:cc:c1:e6:86:
0f:fe:fa:f1:ed:c0:c4:e4:e8:fa:f7:54:34:76:ac:97:c1:9c:
61:5b:65:48:40:7a:4a:cb:b2:77:43:7f:6f:62:16:75:5f:23:
26:78:49:fc:8f:29:52:bb:fc:88:0d:3f:ba:1b:41:5a:79:28:
ff:9f:40:b3:0f:c8:24:c6:0b:b3:61:e2:eb:ec:b8:f1:a6:ef:
20:ea:a8:1f:61:ad:88:6b:65:c1:9b:95:20:4e:47:43:55:9d:
75:df:9f:86:9a:0f:05:29:12:d1:01:a8:af:08:93:42:40:c9:
78:96:53:6b:9b:e2:08:e2:e2:e9:a2:f6:34:6f:e8:ce:d7:7b:
df:65:05:06:72:42:86:df:f3:ef:19:c7:f4:3b:e8:ac:72:74:
f5:85:6f:3d:51:1a:44:19:55:cc:e6:7e:c9:9a:81:c3:6c:8e:
bb:65:1b:c7:b2:ee:9b:80:4d:78:ba:12:81:30:0b:5e:fb:13:
53:99:c7:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ3uenapfiC7N4MN+n310AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDYwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzg3Y2FhMGJkODI2NzFkMjI5M2NhYjVkYWYzM2IxZDYwZWY1ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4xJHFW4d+R6Qa86fDV93949u1HY
J528c5GnECtkwfWyl69ZYaWrsxVow81R4umpWXusKeq1TpZWfrKXy4SFZd0g+hox
d69S4nMxm8jv/cJJ6fpDsTQhOvJ6XrdX1iK81av0giP9kstnPVlIhULeV1usiJbo
7f77vhpz6dQeCjKY3doItAjvo6JhB+4fhOeVVPtOXalRXBtmRCZsEvzGUjlNp9Qz
VsDJOmTaQq8leZqebKMNhSR5JJvIzBO9AC9r0t5Ig39Q95J+b+Bg+EqFo4wt261H
74CaTQHHS3JpSCoGKyZL681G2QBzG4cogqT4jqWhU1HuCor64vqQt+SMjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGeHyqC9gmcdIpPKtdrzOx1g710HMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWjRmS29MMkNaeDBpazhxMTJ2TTdIV0R2WFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCkiOUvGiiDzBedUtrJ
Xe14MnDIxKt27lqgXzouNW+CRQKOI1G7GCh9M5TdcSwwaL/vCFMDfnB9A/IRR5F/
rP3tDWDHzMHmhg/++vHtwMTk6Pr3VDR2rJfBnGFbZUhAekrLsndDf29iFnVfIyZ4
SfyPKVK7/IgNP7obQVp5KP+fQLMPyCTGC7Nh4uvsuPGm7yDqqB9hrYhrZcGblSBO
R0NVnXXfn4aaDwUpEtEBqK8Ik0JAyXiWU2ub4gji4umi9jRv6M7Xe99lBQZyQobf
8+8Zx/Q76KxydPWFbz1RGkQZVczmfsmagcNsjrtlG8ey7puATXi6EoEwC177E1OZ
x+8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:34:33 2025 by rpki-client