Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b1GJLIsEPgJvijJw5Hy9a3VJ5Ag.roa
File: b1GJLIsEPgJvijJw5Hy9a3VJ5Ag.roa (raw, json)
Hash identifier: IMOszfTBF2ffHLh80K3u9LxLbnCvXlx+8Sov+JAkmzw=
Subject key identifier: 6F:51:89:2C:8B:04:3E:02:6F:8A:32:70:E4:7C:BD:6B:75:49:E4:08
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186700A6E9A2D6BB4319AB05EE82CF0CD2F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b1GJLIsEPgJvijJw5Hy9a3VJ5Ag.roa
Signing time: Mon 20 Feb 2023 18:16:17 +0000
ROA not before: Mon 20 Feb 2023 18:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:0a:6e:9a:2d:6b:b4:31:9a:b0:5e:e8:2c:f0:cd:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 20 18:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f51892c8b043e026f8a3270e47cbd6b7549e408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bd:43:24:d4:33:69:85:fd:34:22:6f:e2:fa:
a6:1b:1a:09:ed:e4:8b:7d:39:af:5e:c6:b2:92:d8:
60:56:1d:db:68:5a:b5:50:a5:78:d9:e3:1a:d3:a8:
6b:4b:3c:dd:42:4b:2d:b6:d0:b9:ca:9c:92:87:0f:
23:0a:3c:04:6c:74:7c:02:f3:b3:91:58:c9:f8:d9:
26:59:a2:02:60:1e:3b:fe:eb:c5:8e:88:0f:4e:2b:
ab:63:6d:75:d7:80:5e:89:e5:97:0f:72:b8:78:74:
75:0f:85:5c:dc:0d:3e:b9:f1:d3:d4:b2:8c:99:b2:
88:b4:4e:a2:87:d2:47:86:df:4d:d4:f1:8a:ff:86:
96:d5:17:38:f8:d6:8e:8e:84:40:6a:87:b9:70:42:
cc:3c:ba:76:ae:9f:03:8b:62:4e:2b:b4:f6:c7:21:
f3:0a:47:af:f1:11:f9:17:22:30:ae:1b:7e:34:5b:
95:45:9f:d6:38:2c:4a:03:bd:04:d3:59:f5:81:ec:
67:4e:99:b6:02:97:3d:c9:db:20:bb:db:44:fa:59:
f3:a4:78:e9:49:04:6a:c7:ca:15:9d:ac:0b:ff:19:
f1:9f:ba:eb:21:08:58:2f:6e:7c:cd:ca:80:19:08:
ba:c4:d0:6c:70:66:91:39:2a:19:38:6d:73:1e:bb:
86:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:51:89:2C:8B:04:3E:02:6F:8A:32:70:E4:7C:BD:6B:75:49:E4:08
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b1GJLIsEPgJvijJw5Hy9a3VJ5Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:19:18:24:37:d9:94:6d:89:dd:bb:29:a4:5f:76:71:b2:67:
3e:47:c0:26:fa:4f:44:0f:06:f2:a1:d5:7c:5c:25:e9:d6:eb:
11:02:3d:5e:a3:11:84:74:f5:93:fe:6d:07:77:18:41:49:d8:
b8:9b:e0:34:43:96:62:86:75:0d:e5:01:e2:f1:bf:89:7e:f5:
7d:29:3a:12:07:d4:3c:43:7f:49:50:b0:90:e0:76:45:d0:55:
5f:d9:05:22:48:1f:0d:12:16:b8:19:66:3e:62:78:f9:17:28:
f5:b9:06:1e:45:c5:7f:33:16:cd:de:c1:4c:d2:bf:4a:25:16:
53:64:e7:85:9d:3a:ee:bd:b0:ed:f6:cb:12:db:ee:9d:b9:15:
39:79:eb:b9:24:ae:4e:44:bb:72:eb:97:23:ef:7c:40:d4:1c:
28:a1:4b:7e:bc:68:c4:68:d1:ef:b7:b1:9c:b3:db:b1:46:e3:
d5:18:5e:e2:b3:dd:0e:49:3f:c0:f4:55:09:f7:b6:76:85:0a:
7a:fd:e0:48:b0:17:fc:2b:72:7a:d0:45:16:d3:0f:cd:d1:4f:
c5:7f:92:c4:77:31:f3:b6:0d:6d:57:37:0a:51:4e:0a:9c:8f:
aa:8e:84:27:d2:7e:09:c8:08:f8:da:e6:64:85:27:a7:f9:0a:
6f:39:2f:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZwCm6aLWu0MZqwXugs8M0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIwMTgxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUxODkyYzhiMDQzZTAyNmY4YTMyNzBlNDdjYmQ2Yjc1NDllNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo71DJNQzaYX9NCJv4vqmGxoJ7eSL
fTmvXsaykthgVh3baFq1UKV42eMa06hrSzzdQkstttC5ypyShw8jCjwEbHR8AvOz
kVjJ+NkmWaICYB47/uvFjogPTiurY21114BeieWXD3K4eHR1D4Vc3A0+ufHT1LKM
mbKItE6ih9JHht9N1PGK/4aW1Rc4+NaOjoRAaoe5cELMPLp2rp8Di2JOK7T2xyHz
Ckev8RH5FyIwrht+NFuVRZ/WOCxKA70E01n1gexnTpm2Apc9ydsgu9tE+lnzpHjp
SQRqx8oVnawL/xnxn7rrIQhYL258zcqAGQi6xNBscGaROSoZOG1zHruGfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG9RiSyLBD4Cb4oycOR8vWt1SeQIMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYjFHSkxJc0VQZ0p2aWpKdzVIeTlhM1ZKNUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK8ZGCQ32ZRtid27KaRf
dnGyZz5HwCb6T0QPBvKh1XxcJenW6xECPV6jEYR09ZP+bQd3GEFJ2Lib4DRDlmKG
dQ3lAeLxv4l+9X0pOhIH1DxDf0lQsJDgdkXQVV/ZBSJIHw0SFrgZZj5iePkXKPW5
Bh5FxX8zFs3ewUzSv0olFlNk54WdOu69sO32yxLb7p25FTl567kkrk5Eu3LrlyPv
fEDUHCihS368aMRo0e+3sZyz27FG49UYXuKz3Q5JP8D0VQn3tnaFCnr94EiwF/wr
cnrQRRbTD83RT8V/ksR3MfO2DW1XNwpRTgqcj6qOhCfSfgnICPja5mSFJ6f5Cm85
LyU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:53:35 2025 by rpki-client