Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aF8b7L12ZpXCQlTbtAVxcOcL0Zg.roa
File: aF8b7L12ZpXCQlTbtAVxcOcL0Zg.roa (raw, json)
Hash identifier: Vq0/hc/ashFODT0PAyBdOzDWDS8DUHNB27rM1XbwLXQ=
Subject key identifier: 68:5F:1B:EC:BD:76:66:95:C2:42:54:DB:B4:05:71:70:E7:0B:D1:98
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B590F2DAE88D808967344CA486E5540E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aF8b7L12ZpXCQlTbtAVxcOcL0Zg.roa
Signing time: Mon 06 Mar 2023 06:17:00 +0000
ROA not before: Mon 06 Mar 2023 06:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:90:f2:da:e8:8d:80:89:67:34:4c:a4:86:e5:54:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 6 06:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685f1becbd766695c24254dbb4057170e70bd198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7e:4c:c8:7a:fd:cd:41:c9:53:a8:1b:7d:cf:
49:3c:27:a4:b2:49:2f:df:c2:18:bf:ac:02:7d:1b:
31:5a:f1:47:e8:fd:d7:10:24:14:57:70:7d:87:a7:
f5:5f:ef:67:8f:98:5d:3f:3e:65:2e:92:96:21:e3:
6b:60:93:a6:0c:40:86:ed:33:3f:ef:b3:2b:af:fc:
be:41:88:38:eb:b0:5b:23:65:64:41:03:5a:f2:3e:
c5:c4:11:70:63:85:11:13:20:d6:32:2b:ee:d0:13:
23:94:e9:b2:cc:6e:4f:7a:9f:93:d7:2b:88:ee:a0:
25:e7:a3:c5:e4:a9:4a:90:30:f0:d0:02:19:ad:bc:
2e:4a:d1:e0:70:13:0f:cf:d7:13:cc:04:40:de:54:
3b:96:78:eb:e7:c7:d2:63:e1:6c:2b:c8:59:12:59:
5a:b4:8b:34:2e:02:c4:1f:3e:03:1f:ca:8a:bd:5d:
86:ac:d1:69:d1:7a:e1:15:88:82:f3:fa:7e:f5:b7:
50:80:b5:d7:37:71:a6:43:56:bd:ac:1a:9c:53:68:
90:b7:e6:81:04:bd:ad:08:77:71:c6:37:5c:4c:c2:
a5:49:e9:65:eb:63:3a:30:5d:e0:a2:a7:bf:06:ce:
ea:d7:5e:73:96:fe:b4:ee:c1:37:4c:63:2e:45:73:
b6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5F:1B:EC:BD:76:66:95:C2:42:54:DB:B4:05:71:70:E7:0B:D1:98
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aF8b7L12ZpXCQlTbtAVxcOcL0Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:41:8b:6b:0f:33:e9:80:a1:83:8e:90:d7:c8:11:55:08:d0:
4f:92:2f:d0:51:2a:8d:11:91:ed:a6:b7:d4:c0:7f:fe:b3:42:
e3:77:0b:d5:92:f6:fc:71:8a:8f:52:32:fd:cd:8c:bd:22:75:
29:fc:e5:a8:3c:08:d3:68:de:95:ee:58:22:ff:2e:d1:ee:ca:
51:97:58:cd:7b:9c:9d:dd:d9:bb:67:51:45:28:73:bd:ac:17:
29:8d:f6:51:08:40:64:de:ae:15:2c:89:da:8d:4c:4d:f4:6c:
aa:24:15:8b:3c:0f:85:1a:6b:c2:82:3c:31:d1:90:93:ab:62:
4f:f7:a2:4a:88:fb:fe:72:cd:c6:50:fc:c8:73:10:fa:50:6b:
e3:57:f7:c5:27:7d:a7:e7:42:7b:24:0d:06:83:2f:47:99:b2:
e6:cf:25:c5:0b:1c:57:3e:4e:45:fe:53:24:6d:b0:f7:85:d5:
f8:61:af:7f:43:67:0b:0e:5f:54:f7:e1:bf:43:73:ae:a7:97:
96:91:4e:9e:b8:43:b9:ee:f7:2b:21:22:09:9f:c3:3c:4c:0b:
74:d7:df:48:1b:ba:61:09:56:3c:76:ce:23:88:c7:d0:f1:e4:
20:6a:3f:cf:9f:78:f5:e7:ca:01:ab:f4:e7:52:dc:b8:e8:25:
e6:d7:4b:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa1kPLa6I2AiWc0TKSG5VQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA2MDYxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVmMWJlY2JkNzY2Njk1YzI0MjU0ZGJiNDA1NzE3MGU3MGJkMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh35MyHr9zUHJU6gbfc9JPCekskkv
38IYv6wCfRsxWvFH6P3XECQUV3B9h6f1X+9nj5hdPz5lLpKWIeNrYJOmDECG7TM/
77Mrr/y+QYg467BbI2VkQQNa8j7FxBFwY4UREyDWMivu0BMjlOmyzG5Pep+T1yuI
7qAl56PF5KlKkDDw0AIZrbwuStHgcBMPz9cTzARA3lQ7lnjr58fSY+FsK8hZElla
tIs0LgLEHz4DH8qKvV2GrNFp0XrhFYiC8/p+9bdQgLXXN3GmQ1a9rBqcU2iQt+aB
BL2tCHdxxjdcTMKlSell62M6MF3goqe/Bs7q115zlv607sE3TGMuRXO2rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGhfG+y9dmaVwkJU27QFcXDnC9GYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYUY4YjdMMTJacFhDUWxUYnRBVnhjT2NMMFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJVBi2sPM+mAoYOOkNfI
EVUI0E+SL9BRKo0Rke2mt9TAf/6zQuN3C9WS9vxxio9SMv3NjL0idSn85ag8CNNo
3pXuWCL/LtHuylGXWM17nJ3d2btnUUUoc72sFymN9lEIQGTerhUsidqNTE30bKok
FYs8D4Uaa8KCPDHRkJOrYk/3okqI+/5yzcZQ/MhzEPpQa+NX98UnfafnQnskDQaD
L0eZsubPJcULHFc+TkX+UyRtsPeF1fhhr39DZwsOX1T34b9Dc66nl5aRTp64Q7nu
9yshIgmfwzxMC3TX30gbumEJVjx2ziOIx9Dx5CBqP8+fePXnygGr9OdS3LjoJebX
Szo=
-----END CERTIFICATE-----
Generated at Thu May 1 01:47:11 2025 by rpki-client