Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aBuAubFyvt7An_DYq1QJVkCTRn0.roa
File: aBuAubFyvt7An_DYq1QJVkCTRn0.roa (raw, json)
Hash identifier: f6EbtVkMt/fh3Y7i0eRKQPzL1cDXRviLRbxn3KMl1SY=
Subject key identifier: 68:1B:80:B9:B1:72:BE:DE:C0:9F:F0:D8:AB:54:09:56:40:93:46:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187097443BE065358E883C47B496B07D47A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aBuAubFyvt7An_DYq1QJVkCTRn0.roa
Signing time: Wed 22 Mar 2023 13:13:47 +0000
ROA not before: Wed 22 Mar 2023 13:13:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:74:43:be:06:53:58:e8:83:c4:7b:49:6b:07:d4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 22 13:13:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=681b80b9b172bedec09ff0d8ab5409564093467d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:de:56:6c:54:d8:bd:82:3b:3b:5d:d9:5d:c3:
02:09:af:be:a9:4c:0d:ca:48:ea:b0:ea:2a:94:10:
c2:90:0d:36:5d:f2:0c:21:db:6e:e0:55:c5:a5:21:
02:b0:9f:7d:d6:52:77:ab:fc:3e:af:47:4d:a4:60:
6a:77:50:79:82:3b:f4:d9:7e:2c:ee:1d:39:2f:fe:
6f:9b:92:f2:44:8b:9b:94:7f:8a:17:cf:a9:31:94:
f4:ab:14:09:08:94:79:1b:b4:57:7d:99:83:23:0f:
45:7d:a4:0f:af:be:e7:32:43:c2:fe:3c:b6:8c:8a:
80:cb:d0:0d:c2:a7:87:d3:3d:3d:51:17:70:ab:c8:
a6:f5:7e:76:13:79:a6:05:72:59:5d:e6:a7:54:84:
4e:2e:d1:57:15:0c:8f:23:01:be:5b:24:57:78:02:
f7:0e:32:d4:ee:5f:04:51:06:55:38:f9:41:fb:59:
16:21:ac:ba:a9:24:24:3b:6c:00:3f:65:24:9f:82:
f0:04:ab:21:d9:23:d5:5f:6c:37:ca:6e:ab:3e:5f:
d8:8a:19:97:e9:26:8c:b1:77:c1:db:6e:42:1e:1c:
2f:2e:60:c2:1a:1f:f9:a7:d9:ea:cc:d1:47:27:17:
bf:9d:98:0c:41:9f:88:5f:36:4e:af:f2:3d:9a:45:
e0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1B:80:B9:B1:72:BE:DE:C0:9F:F0:D8:AB:54:09:56:40:93:46:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aBuAubFyvt7An_DYq1QJVkCTRn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:4a:b4:f2:81:b1:ce:e2:35:dc:10:af:ae:9f:1b:a2:da:da:
99:a9:20:1a:46:73:e1:b3:d1:71:f4:ba:44:3e:19:75:78:59:
5c:0b:9d:67:c8:e5:03:c6:13:3c:39:d7:93:af:e8:ae:63:60:
03:e2:b7:30:bb:84:f0:16:c3:50:7e:a7:1f:63:fc:2e:fd:54:
c5:da:a0:11:27:c2:31:e1:b0:c8:b0:a5:12:b3:71:77:01:42:
90:da:b6:a2:1f:3b:e9:1d:be:f3:2f:b1:97:e3:ad:95:ab:eb:
f5:54:f4:46:3a:f3:14:29:67:c5:82:58:ec:87:d5:a0:fb:c1:
67:b4:2f:1a:58:0a:6b:b1:eb:22:55:73:f4:92:65:02:a9:0c:
d4:e7:be:ce:1c:14:d0:59:a7:2f:1a:23:58:21:16:aa:c3:1d:
6f:4b:e2:7c:a0:d9:14:b5:9a:d4:4f:10:58:94:5b:a7:64:33:
aa:75:a5:07:40:a1:c9:38:63:b4:1a:68:05:a7:42:33:fa:a8:
aa:d3:12:30:cd:2b:07:72:c2:54:03:ac:2c:eb:26:79:73:e4:
99:5b:ef:5a:19:6b:a6:e5:5a:ef:27:d7:c2:5e:8f:40:c8:65:
9f:90:b4:61:b2:22:35:77:9c:e6:30:d3:d4:61:2a:57:48:2b:
73:14:9f:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcJdEO+BlNY6IPEe0lrB9R6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIyMTMxMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFiODBiOWIxNzJiZWRlYzA5ZmYwZDhhYjU0MDk1NjQwOTM0NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt5WbFTYvYI7O13ZXcMCCa++qUwN
ykjqsOoqlBDCkA02XfIMIdtu4FXFpSECsJ991lJ3q/w+r0dNpGBqd1B5gjv02X4s
7h05L/5vm5LyRIublH+KF8+pMZT0qxQJCJR5G7RXfZmDIw9FfaQPr77nMkPC/jy2
jIqAy9ANwqeH0z09URdwq8im9X52E3mmBXJZXeanVIROLtFXFQyPIwG+WyRXeAL3
DjLU7l8EUQZVOPlB+1kWIay6qSQkO2wAP2Ukn4LwBKsh2SPVX2w3ym6rPl/YihmX
6SaMsXfB225CHhwvLmDCGh/5p9nqzNFHJxe/nZgMQZ+IXzZOr/I9mkXg9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGgbgLmxcr7ewJ/w2KtUCVZAk0Z9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYUJ1QXViRnl2dDdBbl9EWXExUUpWa0NUUm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ9KtPKBsc7iNdwQr66f
G6La2pmpIBpGc+Gz0XH0ukQ+GXV4WVwLnWfI5QPGEzw515Ov6K5jYAPitzC7hPAW
w1B+px9j/C79VMXaoBEnwjHhsMiwpRKzcXcBQpDatqIfO+kdvvMvsZfjrZWr6/VU
9EY68xQpZ8WCWOyH1aD7wWe0LxpYCmux6yJVc/SSZQKpDNTnvs4cFNBZpy8aI1gh
FqrDHW9L4nyg2RS1mtRPEFiUW6dkM6p1pQdAock4Y7QaaAWnQjP6qKrTEjDNKwdy
wlQDrCzrJnlz5Jlb71oZa6blWu8n18Jej0DIZZ+QtGGyIjV3nOYw09RhKldIK3MU
n/Y=
-----END CERTIFICATE-----
Generated at Thu May 1 00:58:59 2025 by rpki-client