Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa
File: a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa (raw, json)
Hash identifier: mzoOycn1vcd18TWm/boromNXg8mKhYM+n+kCyCpr7h0=
Subject key identifier: 6B:54:12:E0:C6:5E:7F:05:7B:60:C0:04:6E:94:3F:17:0A:B3:F5:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018724E986A2CFC55B3A9FAB703F7CD76112
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa
Signing time: Mon 27 Mar 2023 21:11:36 +0000
ROA not before: Mon 27 Mar 2023 21:11:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:24:e9:86:a2:cf:c5:5b:3a:9f:ab:70:3f:7c:d7:61:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 27 21:11:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b5412e0c65e7f057b60c0046e943f170ab3f58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f1:ab:1e:84:34:d7:42:de:b4:5e:dd:e8:a0:
bf:cd:4c:fb:7f:61:99:21:93:b4:9c:7c:34:13:6f:
0f:7e:26:45:1d:35:af:13:be:f8:f6:45:30:2f:cd:
9a:95:d7:97:53:4e:3e:53:ec:bc:b4:08:85:63:b5:
4c:bf:42:a6:69:93:ca:03:7c:74:ae:a4:d9:01:1f:
30:13:26:48:64:bc:f2:1d:20:a4:8a:94:20:bd:57:
55:cc:66:51:b0:59:fe:f2:76:03:df:b6:dd:5b:f3:
9a:55:2e:e2:0e:42:04:d7:ac:47:8f:fd:ab:5b:5d:
a3:fe:e1:29:bb:fc:b4:14:4e:4c:33:f2:5d:1e:58:
6e:91:35:87:ee:9a:1d:3a:ed:f3:44:be:b4:ad:ba:
58:93:3a:1b:34:1d:81:93:62:37:73:c3:bf:e4:34:
14:6c:ab:d2:22:e9:3b:8e:57:3c:2a:b0:51:20:a2:
7b:34:73:95:ad:02:02:47:12:61:18:e8:00:a4:2a:
60:db:40:1e:35:cc:8c:0a:7e:20:18:9a:d3:05:13:
29:c2:10:a8:75:f7:2d:53:8b:30:03:fe:fb:91:1a:
61:64:49:a1:16:03:b7:35:34:fe:9e:6d:22:41:2e:
3c:ee:36:5f:37:27:65:63:3a:50:22:a7:10:f5:36:
67:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:54:12:E0:C6:5E:7F:05:7B:60:C0:04:6E:94:3F:17:0A:B3:F5:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a1QS4MZefwV7YMAEbpQ_Fwqz9Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:85:c7:a3:b0:1b:75:66:be:52:ee:c9:f3:14:13:94:31:5b:
94:27:f4:c0:7c:d5:0d:a1:ea:18:0d:98:95:19:03:10:78:64:
47:b8:a2:bf:29:71:73:d8:21:aa:89:12:7d:b5:70:da:4c:58:
cb:f6:c7:56:38:cc:b0:60:29:3b:37:c8:e7:02:11:21:dd:ec:
6f:a3:05:87:05:61:81:a9:c7:2b:19:c1:6c:01:fa:4b:e4:22:
2c:7e:d9:ac:41:13:ce:79:7f:31:e2:30:6d:df:c4:7f:4e:f7:
05:33:d6:1d:72:52:9c:46:99:79:a1:fb:09:e4:d9:9f:38:f0:
bd:c4:8d:97:96:c8:44:4c:4a:a0:bc:27:37:1f:6f:cf:2e:1e:
64:40:34:c7:f2:4e:39:66:89:2e:10:a9:c4:bf:0c:e4:73:1c:
51:43:a3:0a:06:c1:01:ea:2c:82:56:95:d2:51:76:c4:2b:e8:
70:51:43:80:bc:07:58:45:8b:18:da:e1:45:54:bd:9a:12:8c:
10:4e:a9:59:79:48:3a:6a:70:41:df:8c:3f:09:4b:5d:e7:4f:
ca:b5:61:e8:6e:81:77:59:fc:4a:c8:fa:02:4b:b9:35:12:c9:
8b:1a:b0:ac:74:29:33:d8:c9:fd:34:80:0e:3f:3b:a5:00:03:
56:69:fc:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYck6Yaiz8VbOp+rcD9812ESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI3MjExMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjU0MTJlMGM2NWU3ZjA1N2I2MGMwMDQ2ZTk0M2YxNzBhYjNmNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/GrHoQ010LetF7d6KC/zUz7f2GZ
IZO0nHw0E28PfiZFHTWvE7749kUwL82aldeXU04+U+y8tAiFY7VMv0KmaZPKA3x0
rqTZAR8wEyZIZLzyHSCkipQgvVdVzGZRsFn+8nYD37bdW/OaVS7iDkIE16xHj/2r
W12j/uEpu/y0FE5MM/JdHlhukTWH7podOu3zRL60rbpYkzobNB2Bk2I3c8O/5DQU
bKvSIuk7jlc8KrBRIKJ7NHOVrQICRxJhGOgApCpg20AeNcyMCn4gGJrTBRMpwhCo
dfctU4swA/77kRphZEmhFgO3NTT+nm0iQS487jZfNydlYzpQIqcQ9TZnvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGtUEuDGXn8Fe2DABG6UPxcKs/WPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYTFRUzRNWmVmd1Y3WU1BRWJwUV9Gd3F6OVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmFx6OwG3VmvlLuyfMU
E5QxW5Qn9MB81Q2h6hgNmJUZAxB4ZEe4or8pcXPYIaqJEn21cNpMWMv2x1Y4zLBg
KTs3yOcCESHd7G+jBYcFYYGpxysZwWwB+kvkIix+2axBE855fzHiMG3fxH9O9wUz
1h1yUpxGmXmh+wnk2Z848L3EjZeWyERMSqC8Jzcfb88uHmRANMfyTjlmiS4QqcS/
DORzHFFDowoGwQHqLIJWldJRdsQr6HBRQ4C8B1hFixja4UVUvZoSjBBOqVl5SDpq
cEHfjD8JS13nT8q1YehugXdZ/ErI+gJLuTUSyYsasKx0KTPYyf00gA4/O6UAA1Zp
/CY=
-----END CERTIFICATE-----
Generated at Thu May 1 23:59:17 2025 by rpki-client