Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z7I_r95-nROrVO3I8BOzCKKwiEM.roa
File: Z7I_r95-nROrVO3I8BOzCKKwiEM.roa (raw, json)
Hash identifier: f80T4b5ceK88nUZose+7VlG+od7s5Ut1UMiz3s5fiVI=
Subject key identifier: 67:B2:3F:AF:DE:7E:9D:13:AB:54:ED:C8:F0:13:B3:08:A2:B0:88:43
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01881C820CC6F71CE75A71D45FF135A2BC59
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z7I_r95-nROrVO3I8BOzCKKwiEM.roa
Signing time: Sun 14 May 2023 23:04:24 +0000
ROA not before: Sun 14 May 2023 23:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:188:1c82:89b/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1c:82:0c:c6:f7:1c:e7:5a:71:d4:5f:f1:35:a2:bc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 14 23:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67b23fafde7e9d13ab54edc8f013b308a2b08843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ee:40:20:a0:a1:cf:08:6d:54:06:88:04:bb:
89:27:ad:31:44:7c:64:2a:4d:f2:41:7d:90:66:3d:
80:8b:5b:8c:98:ce:08:9a:e1:27:8f:8e:a6:c4:e5:
f3:f6:5b:f4:09:04:a9:dc:34:ae:e4:69:1f:de:d2:
ea:d8:35:28:2e:fb:a4:c2:d3:39:d7:4c:0d:44:12:
44:fb:20:b6:0b:8d:08:07:c0:e1:97:3c:21:e6:0d:
53:00:3b:c0:3e:39:1e:f8:85:4e:2d:af:f5:9b:1a:
e6:bf:e6:0b:72:49:50:60:92:e1:95:c1:da:f2:f9:
2f:9f:2c:a0:66:99:87:ce:18:b5:bd:b5:49:e1:99:
d2:8e:75:a3:0e:b2:88:68:4c:ca:ff:c7:4f:c1:d5:
2c:3e:20:81:eb:54:72:e5:ac:5f:b2:97:96:69:86:
0f:da:3f:45:e0:d3:15:3a:42:2c:36:75:17:61:81:
6c:0e:bb:62:3d:2f:30:d9:21:25:83:9f:ed:a0:f5:
6c:4a:20:9a:d4:49:dc:0e:31:91:05:73:f6:dd:6a:
72:41:25:ea:fc:f3:15:b1:f1:35:31:57:50:5b:35:
31:f2:00:ae:c5:44:d3:a3:aa:03:89:a7:9d:67:63:
9a:28:dd:c7:e0:d8:b5:b9:0c:15:bf:6f:47:cb:40:
0a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B2:3F:AF:DE:7E:9D:13:AB:54:ED:C8:F0:13:B3:08:A2:B0:88:43
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z7I_r95-nROrVO3I8BOzCKKwiEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:9f:e6:08:ab:f8:5d:85:00:29:b5:ba:d3:7e:d7:01:14:6e:
2a:62:95:c9:0b:2b:2e:93:2e:be:b9:39:0b:17:eb:41:ae:39:
f7:93:47:18:49:56:f6:58:44:ab:68:41:6a:d0:4f:62:82:f2:
ff:c0:3f:b0:a0:d9:b1:a4:2f:48:5f:0e:c2:95:b8:ce:b6:ea:
ac:ee:c4:45:c5:9d:1d:3b:b9:54:ab:e0:64:d6:db:d4:9b:53:
49:4e:43:86:57:d0:cc:10:f5:64:ce:be:96:6f:db:29:13:d1:
55:58:74:fe:a4:7d:65:3c:41:98:5d:fa:7c:5f:39:13:35:2b:
ea:86:22:db:c3:7f:b1:d2:cc:dc:1e:d1:06:a8:b6:2a:50:ff:
40:18:34:ce:8d:1c:d4:4f:e3:9c:33:fa:1a:d3:ed:cb:c5:7d:
b8:2f:e9:68:77:10:9c:fa:d6:b8:d6:53:c0:87:c1:08:99:73:
32:bf:92:cd:bc:14:78:09:09:5c:b1:e1:b9:86:23:3a:cf:30:
d3:9f:05:fa:b5:d6:08:26:d4:7d:53:51:3e:52:2a:44:09:15:
79:12:08:99:ac:0d:49:0d:b0:d8:67:40:45:09:de:e2:7a:3e:
52:46:db:cb:45:56:74:a0:e0:68:40:45:a8:be:4f:f6:f3:11:
9a:33:f4:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYgcggzG9xznWnHUX/E1orxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTE0MjMwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2IyM2ZhZmRlN2U5ZDEzYWI1NGVkYzhmMDEzYjMwOGEyYjA4ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+5AIKChzwhtVAaIBLuJJ60xRHxk
Kk3yQX2QZj2Ai1uMmM4ImuEnj46mxOXz9lv0CQSp3DSu5Gkf3tLq2DUoLvukwtM5
10wNRBJE+yC2C40IB8Dhlzwh5g1TADvAPjke+IVOLa/1mxrmv+YLcklQYJLhlcHa
8vkvnyygZpmHzhi1vbVJ4ZnSjnWjDrKIaEzK/8dPwdUsPiCB61Ry5axfspeWaYYP
2j9F4NMVOkIsNnUXYYFsDrtiPS8w2SElg5/toPVsSiCa1EncDjGRBXP23WpyQSXq
/PMVsfE1MVdQWzUx8gCuxUTTo6oDiaedZ2OaKN3H4Ni1uQwVv29Hy0AKVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGeyP6/efp0Tq1TtyPATswiisIhDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWjdJX3I5NS1uUk9yVk8zSThCT3pDS0t3aUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIef5gir+F2FACm1utN+
1wEUbipilckLKy6TLr65OQsX60GuOfeTRxhJVvZYRKtoQWrQT2KC8v/AP7Cg2bGk
L0hfDsKVuM626qzuxEXFnR07uVSr4GTW29SbU0lOQ4ZX0MwQ9WTOvpZv2ykT0VVY
dP6kfWU8QZhd+nxfORM1K+qGItvDf7HSzNwe0QaotipQ/0AYNM6NHNRP45wz+hrT
7cvFfbgv6Wh3EJz61rjWU8CHwQiZczK/ks28FHgJCVyx4bmGIzrPMNOfBfq11ggm
1H1TUT5SKkQJFXkSCJmsDUkNsNhnQEUJ3uJ6PlJG28tFVnSg4GhARai+T/bzEZoz
9OE=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:52 2025 by rpki-client