Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_nYDUSx0CsV206aOksnQtUhmDkE.roa
File: _nYDUSx0CsV206aOksnQtUhmDkE.roa (raw, json)
Hash identifier: Uh9mR2eNFDfl6NiW3Nn8R+EiR0bXqTZoxIEDcDsC2/s=
Subject key identifier: FE:76:03:51:2C:74:0A:C5:76:D3:A6:8E:92:C9:D0:B5:48:66:0E:41
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018742C0F62F5FE4298D22040228F129BED2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_nYDUSx0CsV206aOksnQtUhmDkE.roa
Signing time: Sun 02 Apr 2023 16:15:54 +0000
ROA not before: Sun 02 Apr 2023 16:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:42:c0:f6:2f:5f:e4:29:8d:22:04:02:28:f1:29:be:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 2 16:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe7603512c740ac576d3a68e92c9d0b548660e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:9e:15:5c:eb:eb:64:df:db:37:53:01:c8:
80:3a:0e:55:d5:ca:1f:52:55:d1:07:d3:05:f0:6f:
74:5f:26:63:d5:51:0b:b4:f7:2d:af:d2:5a:a6:14:
21:eb:81:79:ca:72:09:19:eb:92:be:d0:31:f4:e1:
42:12:de:10:6a:21:15:ad:cf:83:a3:30:a1:55:85:
2e:88:72:08:dd:93:2f:55:90:6f:a7:1a:83:60:af:
63:a6:27:0c:8f:f1:03:0f:d3:c7:8b:33:06:80:c1:
f3:57:76:13:26:79:29:c1:9d:af:b6:73:3e:9a:05:
b5:ed:f7:e0:8c:c7:78:9f:10:d0:ed:aa:82:83:ad:
70:ff:99:5e:83:41:d0:e2:e8:d0:8e:bc:d7:68:8c:
b2:4a:db:35:3e:5d:40:23:01:ae:6e:10:a5:cb:e9:
c2:43:e2:c1:6a:5e:fb:ff:a6:dd:34:7d:a8:b1:c9:
a5:73:99:66:ae:d1:77:7c:7e:b4:3b:8e:b0:ac:14:
94:3b:bd:63:d6:d4:94:5c:c0:c6:49:89:0b:77:68:
54:6f:56:a9:25:dd:77:7e:b0:77:12:23:f8:48:dd:
6e:e4:f8:b4:85:96:17:42:0d:e4:de:4e:a5:1a:94:
f0:d5:ba:d3:1f:1b:7d:eb:fd:ae:f8:f2:78:12:23:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:76:03:51:2C:74:0A:C5:76:D3:A6:8E:92:C9:D0:B5:48:66:0E:41
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_nYDUSx0CsV206aOksnQtUhmDkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:cc:77:58:54:97:22:6e:5e:3b:24:ce:8b:1f:f4:fe:b6:c0:
e4:61:2e:d2:35:ea:a6:38:33:a9:0d:20:48:ba:9a:08:14:10:
52:e9:85:5f:ad:62:7b:90:91:f3:9d:da:db:5f:c4:2b:fb:50:
62:2e:85:5d:d0:e8:c4:e4:7d:2d:e7:81:41:4d:2f:1b:dc:9d:
ca:0b:1a:89:a5:2b:17:52:e2:4c:71:c3:f5:2d:fb:48:0e:28:
8b:1e:b5:05:56:ab:0a:fd:ad:4b:99:95:4c:a7:f0:60:34:68:
40:cb:6f:c9:6b:a1:b3:84:5f:cf:48:c7:9b:05:c2:ee:16:e0:
68:88:a5:5f:6e:e8:b6:23:6e:3c:3d:03:7d:02:60:8a:a2:78:
ac:e5:e9:7d:ec:6a:45:20:7a:69:fd:ca:e7:99:c5:b6:15:4b:
e1:99:33:cb:c9:7d:fc:8a:3d:e7:bb:98:5f:6d:da:fb:c8:c4:
2b:a2:cf:bb:26:c1:fc:fa:1a:1f:83:64:0e:2c:c4:95:b3:fb:
aa:60:a5:33:b9:89:5e:50:45:79:3b:17:75:3a:3c:20:d3:aa:
29:57:9c:24:f5:f7:c3:d9:ce:16:93:db:3e:70:ec:67:43:4f:
c9:9b:1f:e0:9f:a4:22:df:90:81:f4:19:0b:d3:a4:df:54:16:
75:20:6f:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdCwPYvX+QpjSIEAijxKb7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDAyMTYxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc2MDM1MTJjNzQwYWM1NzZkM2E2OGU5MmM5ZDBiNTQ4NjYwZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9OeFVzr62Tf2zdTAciAOg5V1cof
UlXRB9MF8G90XyZj1VELtPctr9JaphQh64F5ynIJGeuSvtAx9OFCEt4QaiEVrc+D
ozChVYUuiHII3ZMvVZBvpxqDYK9jpicMj/EDD9PHizMGgMHzV3YTJnkpwZ2vtnM+
mgW17ffgjMd4nxDQ7aqCg61w/5leg0HQ4ujQjrzXaIyySts1Pl1AIwGubhCly+nC
Q+LBal77/6bdNH2oscmlc5lmrtF3fH60O46wrBSUO71j1tSUXMDGSYkLd2hUb1ap
Jd13frB3EiP4SN1u5Pi0hZYXQg3k3k6lGpTw1brTHxt96/2u+PJ4EiOl1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP52A1EsdArFdtOmjpLJ0LVIZg5BMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX25ZRFVTeDBDc1YyMDZhT2tzblF0VWhtRGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABjMd1hUlyJuXjskzosf
9P62wORhLtI16qY4M6kNIEi6mggUEFLphV+tYnuQkfOd2ttfxCv7UGIuhV3Q6MTk
fS3ngUFNLxvcncoLGomlKxdS4kxxw/Ut+0gOKIsetQVWqwr9rUuZlUyn8GA0aEDL
b8lrobOEX89Ix5sFwu4W4GiIpV9u6LYjbjw9A30CYIqieKzl6X3sakUgemn9yueZ
xbYVS+GZM8vJffyKPee7mF9t2vvIxCuiz7smwfz6Gh+DZA4sxJWz+6pgpTO5iV5Q
RXk7F3U6PCDTqilXnCT198PZzhaT2z5w7GdDT8mbH+CfpCLfkIH0GQvTpN9UFnUg
b3I=
-----END CERTIFICATE-----
Generated at Thu May 1 09:59:36 2025 by rpki-client