Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aTYrbCwKEYqPplPDCzYS16gCoko.roa
File: aTYrbCwKEYqPplPDCzYS16gCoko.roa (raw, json)
Hash identifier: inLXBPmbCHHaw1Kl1Upfe2gL1zM5Gd2LC81+FbZgACc=
Subject key identifier: 69:36:2B:6C:2C:0A:11:8A:8F:A6:53:C3:0B:36:12:D7:A8:02:A2:4A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187E14D784D2AF0D1DBF9748EE8A918C188
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aTYrbCwKEYqPplPDCzYS16gCoko.roa
Signing time: Wed 03 May 2023 11:09:23 +0000
ROA not before: Wed 03 May 2023 11:09:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:4d:78:4d:2a:f0:d1:db:f9:74:8e:e8:a9:18:c1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 3 11:09:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69362b6c2c0a118a8fa653c30b3612d7a802a24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:50:04:d6:29:4f:43:1a:61:aa:57:bb:07:32:
9c:25:23:7b:e8:d5:7c:45:bb:a2:c4:c2:cf:8c:5b:
5c:36:65:24:83:65:4d:a6:50:02:49:81:bf:aa:f4:
49:49:cb:c3:52:48:fd:12:57:07:0d:82:8c:d2:fb:
7e:6b:f1:d6:45:d3:18:8b:ff:9c:a1:d2:f1:f5:0e:
39:b1:11:b9:a5:83:58:9c:a5:48:2a:2a:2f:c3:23:
ee:5e:28:9b:29:62:3e:2a:7d:6f:d9:32:50:47:ea:
15:22:7c:f4:b4:de:b9:08:ff:67:16:aa:f4:8f:3c:
df:bf:f5:28:21:61:aa:12:88:de:ea:0d:8c:54:95:
66:f0:80:56:b8:d3:94:e9:a8:1a:1e:11:d6:c5:65:
b1:a7:6e:31:11:2c:87:bf:ca:5e:ca:ea:30:72:a7:
f1:44:b7:b2:54:eb:54:9e:98:c5:09:e2:ad:70:cb:
d1:63:68:06:d5:ff:8a:66:77:5e:cb:b5:ef:12:e4:
3d:47:c3:ed:a9:70:0f:11:1f:5d:16:9c:b0:b8:3e:
fe:d3:38:6e:ae:f8:f7:df:7b:b8:62:45:a2:b8:44:
ce:06:10:f0:6e:69:f2:6b:ae:6f:6e:d1:37:ec:25:
66:79:2c:74:44:91:4b:1e:64:48:55:ae:ab:05:e2:
a7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:36:2B:6C:2C:0A:11:8A:8F:A6:53:C3:0B:36:12:D7:A8:02:A2:4A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aTYrbCwKEYqPplPDCzYS16gCoko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:95:c1:bf:5b:4a:16:51:9e:68:f2:66:e0:e0:77:40:83:1f:
2a:f8:41:7d:d9:29:07:34:62:c5:58:5a:ed:ca:c2:d3:67:6c:
59:05:e1:ba:99:ae:97:de:25:ae:9d:73:ee:98:61:9c:c7:ba:
7d:9b:9e:db:d7:ed:cf:96:fd:4a:52:60:e0:a4:d0:ad:66:88:
89:5a:49:83:6a:cc:04:ac:f0:67:a2:59:fd:2c:b0:f5:ba:f3:
a7:43:ef:40:66:d8:bb:65:f6:2b:2c:ff:71:35:0b:50:1f:65:
c7:1a:31:72:f7:89:c3:52:2f:8e:b4:47:93:05:41:93:75:d4:
03:f8:4d:05:3d:70:f1:b7:5b:d4:38:9f:4d:22:e4:60:50:3d:
6a:a6:3a:2a:06:5e:52:6f:bd:36:79:1a:bb:c6:70:36:26:38:
e1:0c:bd:aa:1f:ec:b2:08:8d:95:b5:c9:68:be:25:f8:61:5f:
31:31:f1:06:2b:20:3b:97:92:bc:61:e4:83:0f:e6:27:e3:b2:
a4:fd:6b:d6:3a:5f:08:b3:f8:a3:86:0b:4b:e5:63:eb:c4:7c:
e6:0a:f3:c9:79:2b:e8:95:ff:18:3e:e4:51:b4:a7:75:f7:5a:
df:0e:5c:d9:8b:0e:2a:d2:6f:30:5e:f6:0a:01:32:26:76:7d:
95:4e:e8:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfhTXhNKvDR2/l0juipGMGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAzMTEwOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM2MmI2YzJjMGExMThhOGZhNjUzYzMwYjM2MTJkN2E4MDJhMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVAE1ilPQxphqle7BzKcJSN76NV8
RbuixMLPjFtcNmUkg2VNplACSYG/qvRJScvDUkj9ElcHDYKM0vt+a/HWRdMYi/+c
odLx9Q45sRG5pYNYnKVIKiovwyPuXiibKWI+Kn1v2TJQR+oVInz0tN65CP9nFqr0
jzzfv/UoIWGqEoje6g2MVJVm8IBWuNOU6agaHhHWxWWxp24xESyHv8peyuowcqfx
RLeyVOtUnpjFCeKtcMvRY2gG1f+KZndey7XvEuQ9R8PtqXAPER9dFpywuD7+0zhu
rvj333u4YkWiuETOBhDwbmnya65vbtE37CVmeSx0RJFLHmRIVa6rBeKnGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGk2K2wsChGKj6ZTwws2EteoAqJKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVRZcmJDd0tFWXFQcGxQREN6WVMxNmdDb2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASVwb9bShZRnmjyZuDg
d0CDHyr4QX3ZKQc0YsVYWu3KwtNnbFkF4bqZrpfeJa6dc+6YYZzHun2bntvX7c+W
/UpSYOCk0K1miIlaSYNqzASs8GeiWf0ssPW686dD70Bm2Ltl9iss/3E1C1AfZcca
MXL3icNSL460R5MFQZN11AP4TQU9cPG3W9Q4n00i5GBQPWqmOioGXlJvvTZ5GrvG
cDYmOOEMvaof7LIIjZW1yWi+JfhhXzEx8QYrIDuXkrxh5IMP5ifjsqT9a9Y6Xwiz
+KOGC0vlY+vEfOYK88l5K+iV/xg+5FG0p3X3Wt8OXNmLDirSbzBe9goBMiZ2fZVO
6HQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:21 2025 by rpki-client