Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b3FXRMe7s6zoKMrK3oft4czjLSw.roa
File: b3FXRMe7s6zoKMrK3oft4czjLSw.roa (raw, json)
Hash identifier: fIbNvp4iJq2v+0UrgHgxgHcUD8ATRKmdw7rey50D21k=
Subject key identifier: 6F:71:57:44:C7:BB:B3:AC:E8:28:CA:CA:DE:87:ED:E1:CC:E3:2D:2C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F72F724163848973FCFF31A1ECBDA14C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b3FXRMe7s6zoKMrK3oft4czjLSw.roa
Signing time: Sun 19 Mar 2023 00:05:27 +0000
ROA not before: Sun 19 Mar 2023 00:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:f72e:905b/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f7:2f:72:41:63:84:89:73:fc:ff:31:a1:ec:bd:a1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 19 00:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f715744c7bbb3ace828cacade87ede1cce32d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:51:d6:93:7a:9f:e8:39:2f:3b:2f:1e:9d:
68:0d:52:6c:c7:a2:c3:68:53:4f:d1:29:7e:99:21:
36:24:6b:ca:d5:44:28:15:4b:92:14:ad:b6:60:70:
d2:f4:fe:9e:c5:67:ae:15:8f:c1:97:70:98:e1:01:
0d:c1:55:0f:15:b8:0a:d0:7c:38:a5:33:87:d7:ef:
a0:1e:71:30:d1:80:86:95:35:24:af:28:3e:fb:2d:
c5:a8:d9:33:83:51:80:ee:8a:fc:28:d6:b7:68:f3:
3d:9b:f2:f9:e7:77:d2:a1:8b:39:ae:f8:ff:f8:b9:
f2:4f:b0:29:c5:2e:8a:fe:7e:53:3b:1c:3c:5b:1b:
23:27:71:c3:35:26:a9:7c:da:a2:06:5a:cb:96:12:
0b:4d:95:77:6c:73:26:fe:a9:b7:43:27:7e:95:e9:
03:d7:ea:f6:b8:82:c0:cd:49:55:c6:9e:5e:8e:ea:
2e:51:77:af:ee:33:59:00:17:c3:93:df:a7:d9:80:
9e:da:3c:5c:07:67:f2:52:26:e5:81:89:a2:11:64:
e2:ef:ef:9e:f5:38:89:03:7a:11:ca:d0:ad:a6:77:
a3:e7:b7:11:16:c6:fa:84:09:41:1c:87:bf:11:e6:
cb:08:ce:7c:36:01:d8:62:fc:40:c7:af:1e:db:5d:
99:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:71:57:44:C7:BB:B3:AC:E8:28:CA:CA:DE:87:ED:E1:CC:E3:2D:2C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b3FXRMe7s6zoKMrK3oft4czjLSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:88:eb:e1:63:f3:a6:b1:24:9b:e8:c0:37:d8:19:e6:a0:c5:
12:35:66:8e:c6:0b:2e:78:a2:d6:a5:0d:bb:41:db:2a:8b:2b:
b0:56:1f:ca:28:7e:b0:ae:30:58:bb:f8:6a:ed:92:30:e0:22:
3a:fd:c5:77:8f:a4:4b:16:38:e8:9d:93:e5:b4:fd:c2:94:b6:
2e:d7:a9:cf:cf:ad:7c:08:c9:cb:5b:1d:df:db:52:70:ba:61:
a4:c1:a8:ce:d6:95:09:1c:e8:b0:07:97:5e:04:e5:a9:bc:ec:
f5:7b:f6:2d:05:4e:f9:fa:3d:a9:aa:9d:50:2f:c0:bd:cd:dd:
ba:0d:d2:92:29:36:cf:d1:b1:de:4e:7c:8a:71:ec:35:af:76:
23:2b:9d:3b:58:88:35:58:50:65:23:39:0b:72:59:46:28:c5:
06:15:3f:6a:1d:a1:d7:3a:5d:e0:f8:2f:a1:8a:02:d8:04:1d:
1c:b7:f1:67:1d:34:02:58:2f:cf:db:5b:80:54:04:cc:00:3d:
5c:b3:6f:6e:2a:18:9b:34:17:3d:23:32:2f:51:29:9f:e3:58:
9d:9d:79:4a:c7:c0:b2:6b:84:2f:8d:25:42:0d:87:74:20:c8:
37:01:24:58:10:a8:ae:28:58:0d:ac:0a:30:10:0e:0f:00:08:
04:b0:b6:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb3L3JBY4SJc/z/MaHsvaFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE5MDAwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjcxNTc0NGM3YmJiM2FjZTgyOGNhY2FkZTg3ZWRlMWNjZTMyZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZtR1pN6n+g5LzsvHp1oDVJsx6LD
aFNP0Sl+mSE2JGvK1UQoFUuSFK22YHDS9P6exWeuFY/Bl3CY4QENwVUPFbgK0Hw4
pTOH1++gHnEw0YCGlTUkryg++y3FqNkzg1GA7or8KNa3aPM9m/L553fSoYs5rvj/
+LnyT7ApxS6K/n5TOxw8WxsjJ3HDNSapfNqiBlrLlhILTZV3bHMm/qm3Qyd+lekD
1+r2uILAzUlVxp5ejuouUXev7jNZABfDk9+n2YCe2jxcB2fyUiblgYmiEWTi7++e
9TiJA3oRytCtpnej57cRFsb6hAlBHIe/EebLCM58NgHYYvxAx68e212ZZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG9xV0THu7Os6CjKyt6H7eHM4y0sMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYjNGWFJNZTdzNnpvS01ySzNvZnQ0Y3pqTFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJCI6+Fj86axJJvowDfY
GeagxRI1Zo7GCy54otalDbtB2yqLK7BWH8oofrCuMFi7+GrtkjDgIjr9xXePpEsW
OOidk+W0/cKUti7Xqc/PrXwIyctbHd/bUnC6YaTBqM7WlQkc6LAHl14E5am87PV7
9i0FTvn6PamqnVAvwL3N3boN0pIpNs/Rsd5OfIpx7DWvdiMrnTtYiDVYUGUjOQty
WUYoxQYVP2ododc6XeD4L6GKAtgEHRy38WcdNAJYL8/bW4BUBMwAPVyzb24qGJs0
Fz0jMi9RKZ/jWJ2deUrHwLJrhC+NJUINh3QgyDcBJFgQqK4oWA2sCjAQDg8ACASw
tq4=
-----END CERTIFICATE-----
Generated at Thu May 1 11:13:37 2025 by rpki-client