Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_1nhowpB--JYmcB6V6a5DUoPApg.roa
File: _1nhowpB--JYmcB6V6a5DUoPApg.roa (raw, json)
Hash identifier: PjjQU5l2FZbGGg6ba3DFuGK0jjXlzme55TmnpzySUk0=
Subject key identifier: FF:59:E1:A3:0A:41:FB:E2:58:99:C0:7A:57:A6:B9:0D:4A:0F:02:98
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A26D704BD002BEA696C332E687473FFD4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_1nhowpB--JYmcB6V6a5DUoPApg.roa
Signing time: Thu 24 Aug 2023 09:19:00 +0000
ROA not before: Thu 24 Aug 2023 09:19:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:d7:04:bd:00:2b:ea:69:6c:33:2e:68:74:73:ff:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 09:19:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff59e1a30a41fbe25899c07a57a6b90d4a0f0298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:7e:e8:d3:10:47:a9:f6:98:f2:d5:48:df:
a7:93:ba:c8:c2:89:eb:38:71:01:92:58:49:d3:ee:
f9:b7:aa:ee:21:bf:d0:73:e5:fa:30:2f:ab:e1:50:
80:8e:72:cd:29:31:90:d0:23:b4:e0:c5:d4:44:89:
98:02:a6:b4:ff:01:0d:a6:1a:dd:62:2b:cc:53:2a:
dd:f3:a4:80:7c:25:78:19:c7:2f:f9:b4:02:46:d8:
8d:3a:15:96:0b:ba:a5:e2:ab:c3:3b:e8:9c:6c:40:
5d:52:37:8d:4c:fb:c4:a4:40:9b:17:3a:7e:40:e3:
c3:70:54:14:a7:ba:e8:4f:e9:62:0c:ab:45:f7:39:
67:d7:f2:24:03:8f:de:32:e8:50:ab:e0:b7:f3:c2:
20:a0:b5:00:ef:63:07:32:d3:d3:8f:77:c0:bb:29:
f9:f4:2e:7c:55:7a:bd:54:a1:8e:ab:78:95:70:14:
5d:28:9d:ea:62:f0:f7:b9:63:54:6e:e0:5c:64:d1:
d8:03:e5:06:40:3a:f1:ff:07:1d:a4:fe:9b:5f:5b:
79:1a:76:30:ed:0b:b3:bb:c6:1f:f7:a5:ed:47:59:
d3:f8:07:23:b7:34:7d:6d:f7:dc:50:10:9f:1f:a7:
61:7a:8d:a1:57:f6:e2:c2:d0:13:57:b9:50:82:c4:
56:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:59:E1:A3:0A:41:FB:E2:58:99:C0:7A:57:A6:B9:0D:4A:0F:02:98
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_1nhowpB--JYmcB6V6a5DUoPApg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:0c:65:66:24:f1:35:51:f7:34:3c:8e:b8:94:43:81:b1:9d:
06:12:10:38:33:38:76:8b:bc:2b:b2:1b:32:88:95:38:73:e1:
bb:85:bb:28:ce:f4:7b:10:c1:1f:35:f2:6f:15:94:85:d6:ba:
0d:fe:70:76:12:4a:3d:f8:56:2d:d4:aa:d4:b7:6b:5d:e3:f1:
d9:53:77:09:dc:f7:fd:1f:6c:e6:f8:78:ba:2c:f8:2d:65:92:
31:3d:9b:07:1a:e6:d5:f3:c0:0e:68:b2:45:de:16:03:be:ed:
74:ef:85:1f:5b:e7:c3:f7:01:50:96:f3:39:f2:54:2d:e6:62:
2d:69:dd:0e:96:fe:83:77:b9:c0:ac:a0:13:b2:59:b6:4d:07:
6d:63:de:da:7b:3d:52:f5:90:83:af:bc:95:cc:dd:b2:dd:0c:
8d:c3:d6:e5:26:9d:c8:0a:2c:ac:d6:c4:0b:0c:42:de:0e:b1:
76:40:93:62:e9:cb:64:4f:33:de:9f:21:da:0c:95:1f:e5:5f:
b5:9f:e2:34:14:b5:9c:95:8a:4d:5f:26:c4:9a:4b:dd:5a:3d:
93:d6:36:cb:5f:40:fa:6f:0b:95:f9:62:e6:99:ff:ed:c6:79:
32:f1:d1:32:8e:6d:ee:b9:84:44:85:ad:c1:2d:0d:e9:14:ea:
ee:5e:50:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYom1wS9ACvqaWwzLmh0c//UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MDkxOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU5ZTFhMzBhNDFmYmUyNTg5OWMwN2E1N2E2YjkwZDRhMGYwMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowB+6NMQR6n2mPLVSN+nk7rIwonr
OHEBklhJ0+75t6ruIb/Qc+X6MC+r4VCAjnLNKTGQ0CO04MXURImYAqa0/wENphrd
YivMUyrd86SAfCV4Gccv+bQCRtiNOhWWC7ql4qvDO+icbEBdUjeNTPvEpECbFzp+
QOPDcFQUp7roT+liDKtF9zln1/IkA4/eMuhQq+C388IgoLUA72MHMtPTj3fAuyn5
9C58VXq9VKGOq3iVcBRdKJ3qYvD3uWNUbuBcZNHYA+UGQDrx/wcdpP6bX1t5GnYw
7Quzu8Yf96XtR1nT+AcjtzR9bffcUBCfH6dheo2hV/biwtATV7lQgsRW8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9Z4aMKQfviWJnAelemuQ1KDwKYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvXzFuaG93cEItLUpZbWNCNlY2YTVEVW9QQXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAMMZWYk8TVR9zQ8jriU
Q4GxnQYSEDgzOHaLvCuyGzKIlThz4buFuyjO9HsQwR818m8VlIXWug3+cHYSSj34
Vi3UqtS3a13j8dlTdwnc9/0fbOb4eLos+C1lkjE9mwca5tXzwA5oskXeFgO+7XTv
hR9b58P3AVCW8znyVC3mYi1p3Q6W/oN3ucCsoBOyWbZNB21j3tp7PVL1kIOvvJXM
3bLdDI3D1uUmncgKLKzWxAsMQt4OsXZAk2Lpy2RPM96fIdoMlR/lX7Wf4jQUtZyV
ik1fJsSaS91aPZPWNstfQPpvC5X5YuaZ/+3GeTLx0TKObe65hESFrcEtDekU6u5e
UIk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:25:27 2025 by rpki-client