Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a9h6B8KMl0cEQsiADnFe9Uugvq4.roa
File: a9h6B8KMl0cEQsiADnFe9Uugvq4.roa (raw, json)
Hash identifier: +VLGSj0OM9YLe1uqwjwICS0faGJ6EpzKgKCNj0v+hw8=
Subject key identifier: 6B:D8:7A:07:C2:8C:97:47:04:42:C8:80:0E:71:5E:F5:4B:A0:BE:AE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186CD2AB5140AD37431394F07D148550CA4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a9h6B8KMl0cEQsiADnFe9Uugvq4.roa
Signing time: Fri 10 Mar 2023 20:16:13 +0000
ROA not before: Fri 10 Mar 2023 20:16:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cd:2a:b5:14:0a:d3:74:31:39:4f:07:d1:48:55:0c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 10 20:16:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bd87a07c28c97470442c8800e715ef54ba0beae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c9:95:22:57:fa:df:9b:a7:44:9c:6e:14:c6:
02:ae:f3:24:ca:aa:b7:67:e2:70:b9:87:8a:07:77:
dc:a1:8b:01:87:5b:54:68:ec:e4:a2:99:fe:d8:4b:
fa:24:06:ff:b7:fb:d2:ad:fc:17:0a:ed:42:14:83:
d8:da:b0:6d:e6:a5:9d:20:e1:7e:a9:82:bb:23:f3:
29:79:64:8c:29:06:db:5e:0d:0e:d7:87:98:6c:e9:
fd:c5:f7:36:3f:4d:cf:cb:70:0c:ef:03:7f:1f:2b:
16:e0:6e:ff:4b:ee:0a:22:e0:36:b7:d6:30:e5:6c:
9e:e6:4f:30:bd:5a:eb:8e:6a:b6:7b:5a:dd:55:fa:
74:19:37:b5:80:39:d3:cf:b2:c2:36:62:ef:a2:df:
d7:77:fd:21:bb:ee:09:96:e4:62:8d:74:fb:83:3e:
32:dc:6f:a3:64:d4:15:e5:f4:1c:31:ee:bf:7b:11:
fa:0b:5e:43:5b:a1:62:a2:24:5f:4e:20:81:75:1c:
34:de:f4:5b:c9:18:16:e1:be:1b:11:2e:78:43:7f:
27:08:91:f9:39:31:34:35:e8:b2:c8:ab:aa:b5:ed:
ed:8e:ec:58:0c:bd:81:c3:13:84:06:74:c7:2e:8c:
fc:17:12:2f:46:31:61:58:69:7a:70:ba:15:2c:f5:
41:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D8:7A:07:C2:8C:97:47:04:42:C8:80:0E:71:5E:F5:4B:A0:BE:AE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/a9h6B8KMl0cEQsiADnFe9Uugvq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:c3:1d:2e:d9:c6:89:e6:cb:19:cd:f0:24:b2:d1:f3:82:f8:
3c:4c:4e:ee:09:62:f6:ad:39:e4:53:e2:cb:7b:8e:03:2e:e2:
a2:ef:00:36:81:ae:6e:1e:5d:e7:e9:7b:64:30:2e:ab:cd:1a:
8e:f7:6b:8d:0e:84:7f:a4:2f:2d:eb:a7:50:2a:7c:4a:8f:a6:
c8:94:41:a1:7f:bc:96:62:c9:67:1b:fd:9b:be:19:09:2f:90:
b3:37:4e:5d:ba:04:ff:c4:78:a7:96:f4:bb:d5:56:93:3a:bc:
34:91:c4:4c:39:7f:4a:23:be:5b:f4:ae:65:ce:f1:eb:59:6a:
b2:9d:b4:3f:37:34:dc:6d:d4:a3:36:fd:8e:f8:c7:2e:04:ae:
65:21:6d:9e:2d:1f:99:f0:7e:60:d4:00:6a:2d:47:d4:da:3b:
84:e6:c0:01:43:74:42:c3:81:16:e0:cf:9e:20:e2:d7:a4:41:
c4:b6:b9:54:a6:c3:22:65:f6:5b:ae:57:cd:cb:97:68:f1:85:
5b:25:04:56:c8:41:cd:0f:32:f3:49:3d:19:4d:14:33:77:37:
03:dd:5e:8e:0e:e6:9f:b8:e3:14:8e:c5:81:8f:b1:ef:c7:8d:
83:a8:29:74:a3:01:10:c8:b9:f7:b2:d0:f7:50:0d:3a:77:65:
e6:09:b6:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbNKrUUCtN0MTlPB9FIVQykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzEwMjAxNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ4N2EwN2MyOGM5NzQ3MDQ0MmM4ODAwZTcxNWVmNTRiYTBiZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusmVIlf635unRJxuFMYCrvMkyqq3
Z+JwuYeKB3fcoYsBh1tUaOzkopn+2Ev6JAb/t/vSrfwXCu1CFIPY2rBt5qWdIOF+
qYK7I/MpeWSMKQbbXg0O14eYbOn9xfc2P03Py3AM7wN/HysW4G7/S+4KIuA2t9Yw
5Wye5k8wvVrrjmq2e1rdVfp0GTe1gDnTz7LCNmLvot/Xd/0hu+4JluRijXT7gz4y
3G+jZNQV5fQcMe6/exH6C15DW6FioiRfTiCBdRw03vRbyRgW4b4bES54Q38nCJH5
OTE0NeiyyKuqte3tjuxYDL2BwxOEBnTHLoz8FxIvRjFhWGl6cLoVLPVBxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGvYegfCjJdHBELIgA5xXvVLoL6uMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYTloNkI4S01sMGNFUXNpQURuRmU5VXVndnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIXDHS7ZxonmyxnN8CSy
0fOC+DxMTu4JYvatOeRT4st7jgMu4qLvADaBrm4eXefpe2QwLqvNGo73a40OhH+k
Ly3rp1AqfEqPpsiUQaF/vJZiyWcb/Zu+GQkvkLM3Tl26BP/EeKeW9LvVVpM6vDSR
xEw5f0ojvlv0rmXO8etZarKdtD83NNxt1KM2/Y74xy4ErmUhbZ4tH5nwfmDUAGot
R9TaO4TmwAFDdELDgRbgz54g4tekQcS2uVSmwyJl9luuV83Ll2jxhVslBFbIQc0P
MvNJPRlNFDN3NwPdXo4O5p+44xSOxYGPse/HjYOoKXSjARDIufey0PdQDTp3ZeYJ
tmY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:15:33 2025 by rpki-client