Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZiyV3pu0M-xlWD9jyp5FONUZkto.roa
File: ZiyV3pu0M-xlWD9jyp5FONUZkto.roa (raw, json)
Hash identifier: QAQJpH1zipsomfpvzQ4OP/G4gCSMVplN8HW0vxcpfRA=
Subject key identifier: 66:2C:95:DE:9B:B4:33:EC:65:58:3F:63:CA:9E:45:38:D5:19:92:DA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018570E2AE914EC47CD905DC7BD79CCD1216
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZiyV3pu0M-xlWD9jyp5FONUZkto.roa
Signing time: Mon 02 Jan 2023 05:09:42 +0000
ROA not before: Mon 02 Jan 2023 05:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e2:ae:91:4e:c4:7c:d9:05:dc:7b:d7:9c:cd:12:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 05:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662c95de9bb433ec65583f63ca9e4538d51992da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:88:87:7f:20:20:89:2d:78:f6:e3:66:16:64:
07:77:f1:5b:30:3e:71:c3:53:1c:1c:20:35:98:f2:
b7:1b:78:65:dc:40:be:86:d9:45:f4:ce:4b:9d:c6:
9b:8e:f9:f2:d5:99:d2:06:db:00:d6:d8:ad:6c:12:
40:35:03:72:ca:61:ee:93:d4:53:76:39:68:af:fb:
8f:c1:5f:21:dd:df:59:c1:1c:d3:bd:0c:9f:e0:77:
bb:39:91:16:6e:b0:b9:f9:6f:ae:86:d1:bd:ff:08:
5e:17:87:28:9a:68:af:1a:01:e9:cb:38:2c:82:49:
6a:27:2f:3b:a4:88:86:31:33:d4:ab:d2:1f:83:28:
df:c9:98:a2:f0:52:05:df:f2:ba:d8:9f:f8:d0:6b:
9c:38:e2:51:21:18:4a:97:c3:70:8e:c9:c2:85:22:
27:6f:99:cc:2e:e9:a2:7e:77:1e:96:e5:bd:f5:6f:
23:25:11:26:15:a2:84:27:8a:93:09:31:42:a6:c0:
22:5b:4d:49:de:c4:bd:7d:73:84:c7:6f:2d:eb:59:
31:64:cb:04:fb:de:f8:f0:34:f3:e0:d6:b7:f7:55:
49:3c:8e:2a:12:4d:c9:e7:73:f2:3a:57:7f:a7:de:
69:54:ed:c3:ee:35:ea:66:92:3a:c5:b4:40:06:f6:
ba:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2C:95:DE:9B:B4:33:EC:65:58:3F:63:CA:9E:45:38:D5:19:92:DA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZiyV3pu0M-xlWD9jyp5FONUZkto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:05:df:6f:05:b1:ce:e6:bb:cd:3a:d7:5d:63:3a:0d:d7:3f:
01:66:92:7b:bd:e5:95:84:9d:e5:0e:43:8c:af:19:cf:e7:05:
ee:f9:b7:fa:78:11:e8:1a:79:a0:9a:0f:e3:f0:a6:f7:ee:cc:
17:b0:44:bf:31:48:9f:35:75:f3:08:a3:29:47:34:d1:25:41:
ff:9c:0e:d4:fb:61:50:30:e3:ab:85:fa:0b:66:09:68:ea:55:
5b:8d:94:0a:52:a4:2a:72:63:90:bc:02:68:10:fc:07:21:de:
56:ea:0d:7a:02:9d:f2:61:96:31:dc:7c:2d:90:72:19:e9:f6:
b2:46:c9:9f:58:92:e2:b4:61:02:5a:4b:69:ab:75:b3:0c:78:
4f:14:d1:5a:56:cb:70:1c:f3:5b:6d:1a:e4:84:ff:0a:07:d3:
38:a1:30:23:59:f7:33:ea:3f:26:48:62:1f:84:27:5d:c2:83:
ee:50:72:69:76:c3:1d:32:9d:c8:c4:01:72:d4:60:a5:dd:e1:
d3:dc:51:24:7b:00:fb:33:81:9d:67:33:38:94:c4:07:eb:1a:
a5:9b:af:32:3b:a1:b3:b1:5f:1b:4c:16:2f:b3:1e:9e:ff:75:
e6:7f:9b:37:cc:76:a3:28:f1:33:e9:c7:07:15:75:19:8b:81:
17:a7:70:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw4q6RTsR82QXce9eczRIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMDUwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJjOTVkZTliYjQzM2VjNjU1ODNmNjNjYTllNDUzOGQ1MTk5MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54iHfyAgiS149uNmFmQHd/FbMD5x
w1McHCA1mPK3G3hl3EC+htlF9M5Lncabjvny1ZnSBtsA1titbBJANQNyymHuk9RT
djlor/uPwV8h3d9ZwRzTvQyf4He7OZEWbrC5+W+uhtG9/wheF4commivGgHpyzgs
gklqJy87pIiGMTPUq9IfgyjfyZii8FIF3/K62J/40GucOOJRIRhKl8NwjsnChSIn
b5nMLumifnceluW99W8jJREmFaKEJ4qTCTFCpsAiW01J3sS9fXOEx28t61kxZMsE
+9748DTz4Na391VJPI4qEk3J53PyOld/p95pVO3D7jXqZpI6xbRABva6yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGYsld6btDPsZVg/Y8qeRTjVGZLaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWml5VjNwdTBNLXhsV0Q5anlwNUZPTlVaa3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKsF328Fsc7mu806111j
Og3XPwFmknu95ZWEneUOQ4yvGc/nBe75t/p4EegaeaCaD+PwpvfuzBewRL8xSJ81
dfMIoylHNNElQf+cDtT7YVAw46uF+gtmCWjqVVuNlApSpCpyY5C8AmgQ/Ach3lbq
DXoCnfJhljHcfC2Qchnp9rJGyZ9YkuK0YQJaS2mrdbMMeE8U0VpWy3Ac81ttGuSE
/woH0zihMCNZ9zPqPyZIYh+EJ13Cg+5Qcml2wx0yncjEAXLUYKXd4dPcUSR7APsz
gZ1nMziUxAfrGqWbrzI7obOxXxtMFi+zHp7/deZ/mzfMdqMo8TPpxwcVdRmLgRen
cAE=
-----END CERTIFICATE-----
Generated at Sat May 3 06:50:07 2025 by rpki-client