Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZfHbjyFtK9JcQcWddoE4_Nm4y30.roa
File: ZfHbjyFtK9JcQcWddoE4_Nm4y30.roa (raw, json)
Hash identifier: 6chf6NaFKtQwv+ieX6IbyP/dOnLg7JyzxmTEJ1H9FBA=
Subject key identifier: 65:F1:DB:8F:21:6D:2B:D2:5C:41:C5:9D:76:81:38:FC:D9:B8:CB:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E2284AB9B4A3D2A282E4CF528931F5F8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZfHbjyFtK9JcQcWddoE4_Nm4y30.roa
Signing time: Fri 11 Aug 2023 01:13:58 +0000
ROA not before: Fri 11 Aug 2023 01:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e2:28:4a:b9:b4:a3:d2:a2:82:e4:cf:52:89:31:f5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 01:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f1db8f216d2bd25c41c59d768138fcd9b8cb7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2f:dc:43:63:c5:a8:9f:ea:bb:83:96:5f:5a:
2c:2a:18:3b:23:01:11:2c:b5:f9:08:4c:6e:a9:44:
0f:96:5f:2d:cf:81:1c:37:93:a8:d7:f9:72:51:07:
d2:59:d9:f8:cf:d4:81:fb:77:45:86:8f:38:c3:95:
65:50:b2:18:3c:65:5f:93:59:cd:be:d2:f2:d8:82:
8e:36:66:16:35:ab:c4:24:d0:ef:d2:40:d0:a7:e5:
70:59:83:fd:61:0e:79:38:9b:71:98:f6:51:b5:24:
a8:1a:ed:9c:a8:ac:2d:21:ab:c3:71:86:21:8a:3f:
b9:db:43:be:e7:09:00:fa:a3:58:64:eb:ae:ea:b2:
50:3e:4a:25:14:b5:70:5b:ea:a4:a5:cd:3b:cd:9f:
9b:ac:8a:15:8f:aa:c2:d6:08:1f:fc:c6:1f:24:33:
2c:3d:62:06:eb:eb:7a:a0:8c:a0:af:9b:99:74:5b:
52:3c:3f:98:21:e2:3b:b8:cf:7e:7b:f7:66:1e:12:
3f:f6:2b:0b:ef:bd:4f:df:8e:8b:67:b1:6a:0f:e9:
44:76:d8:96:d6:e6:49:43:24:47:86:f6:08:ab:c0:
d3:c1:4f:8c:15:1f:31:c1:78:33:a1:9b:e9:79:15:
5b:b8:8e:33:fc:1c:ee:0e:a6:ac:85:fa:94:a4:d6:
ca:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F1:DB:8F:21:6D:2B:D2:5C:41:C5:9D:76:81:38:FC:D9:B8:CB:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZfHbjyFtK9JcQcWddoE4_Nm4y30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:65:47:99:72:01:07:10:25:97:14:31:e3:a7:d0:18:47:1a:
56:b3:8e:14:64:8e:96:7c:b6:3f:55:04:66:7d:9b:6f:a2:3e:
02:ee:46:9e:14:ee:05:7d:1c:28:a8:6f:e5:c7:e0:1b:aa:01:
4d:79:90:36:56:38:a2:58:b7:c7:e1:00:bc:83:d2:d0:36:8e:
0b:28:cf:56:98:fa:3a:4f:bc:75:9c:f9:83:3e:a5:9e:51:8d:
1b:ec:15:de:9c:d4:ae:15:c2:15:93:26:8a:fa:6f:84:58:43:
a9:ad:c5:b8:0f:71:ff:65:e8:81:70:d1:01:db:fe:fc:0e:4c:
d5:0f:ba:18:39:b9:f6:b0:60:f8:a4:e3:5f:d7:01:49:db:90:
a5:57:e1:2a:d3:0d:05:34:ab:b4:9c:0b:5b:4e:c0:15:dd:44:
14:ad:b0:4c:40:f1:0f:1e:63:1d:fe:38:7f:77:58:8c:4c:60:
1d:c6:3c:a4:3c:35:5d:be:cc:2f:51:e7:be:0c:39:10:d9:12:
e8:76:45:22:d2:77:29:67:dd:49:d4:0a:24:c8:78:5c:90:8b:
a5:d0:b4:a8:e0:2b:a1:6e:34:59:dc:18:9e:64:24:fc:cb:d3:
39:13:54:3a:bd:65:70:43:5c:f8:3a:26:1f:3c:da:19:f6:6c:
1c:6b:c7:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYniKEq5tKPSooLkz1KJMfX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMDExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWYxZGI4ZjIxNmQyYmQyNWM0MWM1OWQ3NjgxMzhmY2Q5YjhjYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny/cQ2PFqJ/qu4OWX1osKhg7IwER
LLX5CExuqUQPll8tz4EcN5Oo1/lyUQfSWdn4z9SB+3dFho84w5VlULIYPGVfk1nN
vtLy2IKONmYWNavEJNDv0kDQp+VwWYP9YQ55OJtxmPZRtSSoGu2cqKwtIavDcYYh
ij+520O+5wkA+qNYZOuu6rJQPkolFLVwW+qkpc07zZ+brIoVj6rC1ggf/MYfJDMs
PWIG6+t6oIygr5uZdFtSPD+YIeI7uM9+e/dmHhI/9isL771P346LZ7FqD+lEdtiW
1uZJQyRHhvYIq8DTwU+MFR8xwXgzoZvpeRVbuI4z/BzuDqashfqUpNbKAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGXx248hbSvSXEHFnXaBOPzZuMt9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWmZIYmp5RnRLOUpjUWNXZGRvRTRfTm00eTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADFlR5lyAQcQJZcUMeOn
0BhHGlazjhRkjpZ8tj9VBGZ9m2+iPgLuRp4U7gV9HCiob+XH4BuqAU15kDZWOKJY
t8fhALyD0tA2jgsoz1aY+jpPvHWc+YM+pZ5RjRvsFd6c1K4VwhWTJor6b4RYQ6mt
xbgPcf9l6IFw0QHb/vwOTNUPuhg5ufawYPik41/XAUnbkKVX4SrTDQU0q7ScC1tO
wBXdRBStsExA8Q8eYx3+OH93WIxMYB3GPKQ8NV2+zC9R574MORDZEuh2RSLSdyln
3UnUCiTIeFyQi6XQtKjgK6FuNFncGJ5kJPzL0zkTVDq9ZXBDXPg6Jh882hn2bBxr
xw8=
-----END CERTIFICATE-----
Generated at Fri May 2 17:01:36 2025 by rpki-client