Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_YIOCcD1qfOAXo2r9vBcMp1YvUg.roa
File: _YIOCcD1qfOAXo2r9vBcMp1YvUg.roa (raw, json)
Hash identifier: vCKTfWPoWm7v9LK2i2vAtUhxnQ3NfnvyibUOwI8Sn2M=
Subject key identifier: FD:82:0E:09:C0:F5:A9:F3:80:5E:8D:AB:F6:F0:5C:32:9D:58:BD:48
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B44B04947F46E238AD920CEABE63E603
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_YIOCcD1qfOAXo2r9vBcMp1YvUg.roa
Signing time: Mon 06 Mar 2023 00:21:00 +0000
ROA not before: Mon 06 Mar 2023 00:21:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b4:4b:04:94:7f:46:e2:38:ad:92:0c:ea:be:63:e6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 00:21:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd820e09c0f5a9f3805e8dabf6f05c329d58bd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:f6:f6:5f:c6:2c:2d:61:b7:73:00:3d:2f:
83:f5:8f:34:fa:96:41:57:2d:e8:9b:e7:54:17:58:
1d:38:97:63:12:0c:03:8b:a9:e2:2f:ee:f0:08:e0:
dd:07:36:8a:96:ea:a4:b2:7f:1b:24:86:8d:37:d3:
41:39:c7:ee:2c:f8:54:b5:55:5f:80:2f:d0:1c:58:
a7:b6:9b:66:f4:3e:a7:c2:3e:15:99:4a:fd:0d:7b:
02:dc:9b:12:e4:1d:41:ca:46:66:1e:f2:29:7e:60:
e9:80:bd:da:f6:a6:58:97:7d:c2:14:01:f1:4e:89:
ea:cc:1e:15:5c:95:f3:60:39:be:8b:2c:b6:84:16:
66:2e:e7:08:f7:ae:5a:57:67:4b:83:5f:bf:9e:2d:
a4:3a:bd:ba:bb:d3:9c:2f:e7:69:9a:0f:26:9d:cd:
3e:0d:9f:65:5d:69:f9:96:3a:77:9f:86:55:5c:48:
04:2b:77:ba:53:95:f5:37:43:46:4d:97:06:58:14:
13:42:bd:b3:23:88:8a:c7:ec:ff:aa:6f:54:87:78:
5e:ea:58:aa:3f:70:62:e9:83:c4:58:9b:c0:ac:14:
12:68:e5:4a:55:6d:e8:59:ac:1b:cb:a7:ea:10:df:
97:1c:9e:5c:b0:1c:e3:20:1e:ff:be:d1:ac:04:e1:
00:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:82:0E:09:C0:F5:A9:F3:80:5E:8D:AB:F6:F0:5C:32:9D:58:BD:48
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_YIOCcD1qfOAXo2r9vBcMp1YvUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:a7:be:73:1b:d8:a4:8b:b3:26:93:c7:4f:b5:ad:c2:81:1f:
87:5a:3a:07:61:2a:cb:cf:39:de:77:38:56:6e:8f:80:41:69:
70:45:f2:a3:ae:d6:a9:21:33:ca:31:e6:ef:37:d6:3e:4f:26:
23:e2:d8:84:d0:2f:f4:e1:ca:ad:37:c8:9f:f5:c5:37:e3:c5:
e0:cc:33:99:68:ac:26:81:56:11:02:df:18:63:e5:88:d3:5d:
22:ba:aa:d5:8b:d0:9e:0f:88:19:af:29:97:14:55:03:fd:62:
92:55:00:f8:ba:4e:49:f2:af:f4:c7:8f:54:41:48:8f:db:99:
f8:a8:59:3e:05:3e:99:36:3f:6f:49:0b:57:37:ee:a7:56:1e:
5f:8c:b1:a9:24:c1:5e:1c:d8:d8:fb:71:c8:50:18:ab:16:f2:
4f:fc:57:4c:22:8d:88:77:02:d5:3b:02:10:85:34:7a:1b:55:
73:8a:44:41:56:a3:d4:7e:f9:83:e9:80:8b:c8:fb:49:dc:e0:
a1:03:29:c6:29:1d:53:77:fb:bc:ae:2c:3f:f4:b2:7b:05:a8:
3d:47:1a:e2:80:2e:e2:a1:0a:54:c1:c9:6d:0f:4f:92:1a:71:
e5:cf:94:a2:72:27:89:74:78:da:ba:d5:e6:39:5c:d6:ef:4f:
90:d1:a3:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa0SwSUf0biOK2SDOq+Y+YDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MDAyMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDgyMGUwOWMwZjVhOWYzODA1ZThkYWJmNmYwNWMzMjlkNThiZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGH29l/GLC1ht3MAPS+D9Y80+pZB
Vy3om+dUF1gdOJdjEgwDi6niL+7wCODdBzaKluqksn8bJIaNN9NBOcfuLPhUtVVf
gC/QHFintptm9D6nwj4VmUr9DXsC3JsS5B1BykZmHvIpfmDpgL3a9qZYl33CFAHx
TonqzB4VXJXzYDm+iyy2hBZmLucI965aV2dLg1+/ni2kOr26u9OcL+dpmg8mnc0+
DZ9lXWn5ljp3n4ZVXEgEK3e6U5X1N0NGTZcGWBQTQr2zI4iKx+z/qm9Uh3he6liq
P3Bi6YPEWJvArBQSaOVKVW3oWawby6fqEN+XHJ5csBzjIB7/vtGsBOEAZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP2CDgnA9anzgF6Nq/bwXDKdWL1IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX1lJT0NjRDFxZk9BWG8ycjl2QmNNcDFZdlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAGnvnMb2KSLsyaTx0+1
rcKBH4daOgdhKsvPOd53OFZuj4BBaXBF8qOu1qkhM8ox5u831j5PJiPi2ITQL/Th
yq03yJ/1xTfjxeDMM5lorCaBVhEC3xhj5YjTXSK6qtWL0J4PiBmvKZcUVQP9YpJV
APi6Tknyr/THj1RBSI/bmfioWT4FPpk2P29JC1c37qdWHl+MsakkwV4c2Nj7cchQ
GKsW8k/8V0wijYh3AtU7AhCFNHobVXOKREFWo9R++YPpgIvI+0nc4KEDKcYpHVN3
+7yuLD/0snsFqD1HGuKALuKhClTByW0PT5IaceXPlKJyJ4l0eNq61eY5XNbvT5DR
o08=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:38 2025 by rpki-client