Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zwl7XvF6BwbuEbYAL6tWchBO9Mw.roa
File: Zwl7XvF6BwbuEbYAL6tWchBO9Mw.roa (raw, json)
Hash identifier: WO83tI41WkaM2Wga8PIt3PioVUtWL11LmUthX/A6foY=
Subject key identifier: 67:09:7B:5E:F1:7A:07:06:EE:11:B6:00:2F:AB:56:72:10:4E:F4:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E4B33F3E7A3A97EB146BF62D18E3BB5C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zwl7XvF6BwbuEbYAL6tWchBO9Mw.roa
Signing time: Fri 11 Aug 2023 13:04:59 +0000
ROA not before: Fri 11 Aug 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:e4b2:99c8/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:b3:3f:3e:7a:3a:97:eb:14:6b:f6:2d:18:e3:bb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67097b5ef17a0706ee11b6002fab5672104ef4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f0:f1:20:8f:c6:a3:11:d6:6c:38:0c:96:7d:
fd:63:6a:88:0d:ee:e8:d5:97:e9:32:c4:4a:9c:06:
22:c5:9e:ba:3a:b6:2c:54:42:99:77:58:b7:82:94:
50:67:59:7c:85:41:c8:28:8a:59:e7:cf:6b:95:1a:
f9:e0:10:73:53:d8:d8:2d:08:08:91:6a:84:8a:7c:
07:d7:7e:ff:3a:cc:79:34:de:4c:b2:8b:0a:b3:5e:
71:7d:7d:bb:a1:75:fa:69:27:64:75:09:16:a0:cc:
14:f2:cf:46:b2:90:11:7a:aa:a2:d0:f0:2c:c7:22:
58:b6:b2:90:75:08:a2:c8:88:9d:cf:dd:a1:12:7a:
99:13:a7:1b:cb:88:9b:79:43:d0:0b:79:bf:56:82:
73:70:a6:ee:60:a0:4d:3e:ad:33:35:10:ad:c8:3b:
60:08:45:31:d1:f9:1a:5e:68:a5:bf:62:e9:0a:db:
03:e8:48:54:55:75:48:01:ea:59:ef:c7:4b:e6:22:
7e:52:b2:20:c6:fc:e9:fb:66:b0:78:b6:d2:0b:bc:
80:01:43:d0:da:1f:5d:a3:2e:6f:6d:c6:13:a9:4e:
9e:bf:43:a1:8b:ce:f8:a1:6e:76:3d:cf:9f:12:8d:
a7:cd:58:86:be:4c:c7:ea:c8:5f:a0:84:1b:76:57:
f6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:09:7B:5E:F1:7A:07:06:EE:11:B6:00:2F:AB:56:72:10:4E:F4:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zwl7XvF6BwbuEbYAL6tWchBO9Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:b9:37:d2:fe:d7:21:63:62:a3:0b:da:69:50:32:2c:c2:35:
16:08:31:ef:ab:a9:f9:0e:98:68:ad:33:7f:5f:64:11:bf:44:
92:96:db:67:1e:f2:4d:8b:af:81:07:c6:0a:fa:ef:0c:9e:ae:
5d:ec:fd:97:7f:e4:d7:ac:b9:4f:26:c6:21:e4:07:8f:4e:66:
be:6f:52:3e:80:ef:04:6f:23:23:25:5e:c6:66:db:d2:22:6c:
e4:87:09:63:89:26:56:c9:52:c8:f7:fd:92:7f:0e:56:26:b7:
12:de:6b:69:51:ed:52:d8:c4:bd:65:18:f8:1f:aa:03:c0:aa:
ba:4e:a9:e7:cb:5d:a0:c4:bc:a5:37:38:1b:cf:88:7b:d9:67:
aa:e1:4f:58:67:5b:9a:d3:a2:35:67:c4:20:ae:40:9d:75:9d:
ad:d1:78:db:6e:66:75:2a:75:4d:ce:a5:71:46:a8:5d:30:10:
56:2a:1f:c1:f2:07:63:61:66:c3:50:84:90:62:e5:3c:20:a8:
85:a6:85:67:95:a0:88:ee:b6:e8:8f:7b:a9:95:0c:d2:18:0a:
39:c7:fe:28:9f:28:16:1b:72:2f:56:90:74:de:7e:58:95:7b:
61:f4:d3:36:7d:7b:10:45:d0:32:cc:2c:61:40:6e:d3:ab:2f:
e4:aa:6b:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnksz8+ejqX6xRr9i0Y47tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5N2I1ZWYxN2EwNzA2ZWUxMWI2MDAyZmFiNTY3MjEwNGVmNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfDxII/GoxHWbDgMln39Y2qIDe7o
1ZfpMsRKnAYixZ66OrYsVEKZd1i3gpRQZ1l8hUHIKIpZ589rlRr54BBzU9jYLQgI
kWqEinwH137/Osx5NN5MsosKs15xfX27oXX6aSdkdQkWoMwU8s9GspAReqqi0PAs
xyJYtrKQdQiiyIidz92hEnqZE6cby4ibeUPQC3m/VoJzcKbuYKBNPq0zNRCtyDtg
CEUx0fkaXmilv2LpCtsD6EhUVXVIAepZ78dL5iJ+UrIgxvzp+2aweLbSC7yAAUPQ
2h9doy5vbcYTqU6ev0Ohi874oW52Pc+fEo2nzViGvkzH6shfoIQbdlf2ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGcJe17xegcG7hG2AC+rVnIQTvTMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWndsN1h2RjZCd2J1RWJZQUw2dFdjaEJPOU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHG5N9L+1yFjYqML2mlQ
MizCNRYIMe+rqfkOmGitM39fZBG/RJKW22ce8k2Lr4EHxgr67wyerl3s/Zd/5Nes
uU8mxiHkB49OZr5vUj6A7wRvIyMlXsZm29IibOSHCWOJJlbJUsj3/ZJ/DlYmtxLe
a2lR7VLYxL1lGPgfqgPAqrpOqefLXaDEvKU3OBvPiHvZZ6rhT1hnW5rTojVnxCCu
QJ11na3ReNtuZnUqdU3OpXFGqF0wEFYqH8HyB2NhZsNQhJBi5TwgqIWmhWeVoIju
tuiPe6mVDNIYCjnH/iifKBYbci9WkHTefliVe2H00zZ9exBF0DLMLGFAbtOrL+Sq
a4o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:47 2025 by rpki-client