Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/avk3VTRnl5n2PuyisT7ALAPm3sE.roa
File: avk3VTRnl5n2PuyisT7ALAPm3sE.roa (raw, json)
Hash identifier: myiTt/ivQGBicS6WNJEiohUPG88v1dtYPWqBQQBdvzw=
Subject key identifier: 6A:F9:37:55:34:67:97:99:F6:3E:EC:A2:B1:3E:C0:2C:03:E6:DE:C1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C8A74E641223B93F0087B17E37D3F232
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/avk3VTRnl5n2PuyisT7ALAPm3sE.roa
Signing time: Thu 09 Mar 2023 23:14:13 +0000
ROA not before: Thu 09 Mar 2023 23:14:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c8:a7:4e:64:12:23:b9:3f:00:87:b1:7e:37:d3:f2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 23:14:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6af9375534679799f63eeca2b13ec02c03e6dec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:07:4c:ba:a8:2f:37:15:16:2e:e0:5b:02:e4:
6d:f2:c5:4f:9f:61:f5:dc:8c:17:3c:16:34:3e:01:
d4:e0:b7:85:b1:74:06:01:da:01:3c:99:30:a1:ea:
9c:bb:b3:fa:b3:11:4c:29:10:9e:82:2e:7e:7d:85:
01:0c:09:4c:51:aa:90:7e:df:a9:9b:4b:14:fb:c7:
fb:f8:fa:f0:0e:ce:79:ac:17:48:73:a3:bc:a4:88:
fe:5d:89:e3:02:04:0a:19:c4:1b:2b:c3:fa:86:4e:
b9:ce:77:bd:19:c8:1b:9b:09:28:57:2d:5e:50:4e:
00:0b:4c:f7:79:b3:f0:91:06:6c:93:af:85:91:0e:
6f:df:9f:d1:26:94:35:bd:8c:e8:22:36:0b:5e:c7:
6c:37:85:74:a2:48:34:52:59:35:b1:3f:91:b7:88:
ca:64:39:2b:73:07:6c:5f:14:9e:f3:79:9d:43:f9:
5a:00:ca:90:d8:f5:0f:17:5c:52:0a:ff:15:dc:3c:
da:c5:fd:48:ee:17:ad:c0:92:25:29:e1:70:69:d4:
5a:d6:1b:b0:28:62:5e:ce:dd:c5:32:3c:1d:9f:56:
71:47:4b:37:bf:3a:7d:09:2e:ce:85:63:f2:39:a1:
e8:cb:5b:14:70:a3:4c:c5:ff:eb:4e:58:ba:5a:b4:
09:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F9:37:55:34:67:97:99:F6:3E:EC:A2:B1:3E:C0:2C:03:E6:DE:C1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/avk3VTRnl5n2PuyisT7ALAPm3sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:80:72:3f:4f:1a:38:57:49:14:aa:d1:37:21:92:3e:cb:96:
64:b4:36:ed:24:b0:96:2a:c7:3b:4a:1e:81:6f:8b:3e:e9:dc:
aa:af:de:57:8a:c6:16:29:27:bd:cd:cf:e1:43:a7:b7:74:2a:
aa:b4:89:4c:42:16:c3:88:0c:bd:e4:6a:ce:cd:31:3c:c7:5a:
ff:ef:cb:92:57:3f:6f:17:9e:4d:c5:56:0f:50:ac:34:82:54:
1e:ce:2b:40:a4:8c:31:a6:31:29:7e:e9:5b:8c:c0:f9:44:91:
d2:b7:fc:19:4e:60:22:5d:de:5c:0f:5e:0e:5b:94:73:6b:9d:
54:96:e0:c3:e6:fc:82:33:84:58:f9:de:54:c5:e8:29:1e:0f:
ce:ab:d0:c9:1f:b0:5c:ef:f5:a6:79:62:08:d5:c1:f8:da:7c:
91:e4:d3:4c:80:26:f6:23:54:b2:cd:f9:ab:d2:a5:5f:b7:32:
10:f5:1e:1d:30:f3:33:48:34:9e:75:aa:9e:d3:35:01:a8:ad:
30:35:23:e8:9e:d8:73:53:5f:12:66:06:ad:c8:ac:4f:54:8e:
93:f8:23:12:2a:6c:5c:ab:1d:20:94:76:33:01:13:bc:49:6b:
ba:ed:bc:32:51:3d:45:1f:fc:95:78:60:18:65:92:9f:14:ae:
7c:cb:c6:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbIp05kEiO5PwCHsX430/IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MjMxNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY5Mzc1NTM0Njc5Nzk5ZjYzZWVjYTJiMTNlYzAyYzAzZTZkZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAdMuqgvNxUWLuBbAuRt8sVPn2H1
3IwXPBY0PgHU4LeFsXQGAdoBPJkwoeqcu7P6sxFMKRCegi5+fYUBDAlMUaqQft+p
m0sU+8f7+PrwDs55rBdIc6O8pIj+XYnjAgQKGcQbK8P6hk65zne9GcgbmwkoVy1e
UE4AC0z3ebPwkQZsk6+FkQ5v35/RJpQ1vYzoIjYLXsdsN4V0okg0Ulk1sT+Rt4jK
ZDkrcwdsXxSe83mdQ/laAMqQ2PUPF1xSCv8V3Dzaxf1I7hetwJIlKeFwadRa1huw
KGJezt3FMjwdn1ZxR0s3vzp9CS7OhWPyOaHoy1sUcKNMxf/rTli6WrQJrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGr5N1U0Z5eZ9j7sorE+wCwD5t7BMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXZrM1ZUUm5sNW4yUHV5aXNUN0FMQVBtM3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHiAcj9PGjhXSRSq0Tch
kj7LlmS0Nu0ksJYqxztKHoFviz7p3Kqv3leKxhYpJ73Nz+FDp7d0Kqq0iUxCFsOI
DL3kas7NMTzHWv/vy5JXP28Xnk3FVg9QrDSCVB7OK0CkjDGmMSl+6VuMwPlEkdK3
/BlOYCJd3lwPXg5blHNrnVSW4MPm/IIzhFj53lTF6CkeD86r0MkfsFzv9aZ5YgjV
wfjafJHk00yAJvYjVLLN+avSpV+3MhD1Hh0w8zNINJ51qp7TNQGorTA1I+ie2HNT
XxJmBq3IrE9UjpP4IxIqbFyrHSCUdjMBE7xJa7rtvDJRPUUf/JV4YBhlkp8UrnzL
xlw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:56:24 2025 by rpki-client