Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b9Lk9pbVkH7XfeLVjHYsYn2ar2Y.roa
File: b9Lk9pbVkH7XfeLVjHYsYn2ar2Y.roa (raw, json)
Hash identifier: 30kOln8MGbU9F9Xsx+ACd6GOg/D7kqo3IQkOriluX/E=
Subject key identifier: 6F:D2:E4:F6:96:D5:90:7E:D7:7D:E2:D5:8C:76:2C:62:7D:9A:AF:66
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F8E4BF22CAE8EED73F7DF02B2111F833
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b9Lk9pbVkH7XfeLVjHYsYn2ar2Y.roa
Signing time: Tue 15 Aug 2023 11:11:27 +0000
ROA not before: Tue 15 Aug 2023 11:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:e4:bf:22:ca:e8:ee:d7:3f:7d:f0:2b:21:11:f8:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 11:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd2e4f696d5907ed77de2d58c762c627d9aaf66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1a:66:04:9d:8a:90:46:76:d0:f9:40:e0:0c:
27:5b:97:d8:c2:43:17:b9:ef:8e:6b:9f:8b:1a:4d:
28:eb:50:1d:6d:5f:7c:d1:8f:2e:c0:35:61:54:55:
3d:75:98:0d:3a:b9:38:ff:fe:de:2f:33:89:37:32:
9d:bf:b7:9b:eb:bb:0f:47:a8:b9:ec:b6:70:97:47:
db:df:e0:4f:b2:b1:96:27:a4:06:38:a5:f1:2c:97:
49:7d:8d:41:8e:0b:09:29:ce:c9:93:33:58:58:c8:
8d:03:72:62:d0:cc:27:5b:e4:f9:69:3a:17:1b:db:
a1:1c:9d:f1:8b:17:d2:03:af:3c:99:87:0b:11:33:
4c:9f:56:b6:b4:ae:b0:68:3b:97:af:05:fd:cb:74:
94:15:28:bf:4a:ee:a0:df:8a:f5:02:5d:7c:8f:f2:
db:bb:96:d1:50:7f:09:2f:dc:0a:3f:6a:14:22:e8:
0e:59:66:f2:1c:b2:7e:89:2f:5b:8f:3e:de:67:85:
3c:78:9f:a7:d9:9b:aa:b1:78:13:af:fd:60:56:12:
7b:45:86:72:08:b7:70:1e:c1:72:b5:af:76:3f:86:
ac:2b:64:27:43:7f:e1:55:97:b0:ac:0e:e9:14:6d:
cb:fd:8a:72:2b:4a:57:38:6a:3c:f6:74:e7:78:72:
7e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D2:E4:F6:96:D5:90:7E:D7:7D:E2:D5:8C:76:2C:62:7D:9A:AF:66
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/b9Lk9pbVkH7XfeLVjHYsYn2ar2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:d4:16:fa:25:df:07:f7:57:23:33:7b:e2:35:65:5e:8f:d2:
84:11:4b:39:af:7a:92:14:ad:72:02:ed:0a:9a:68:80:0f:cf:
4e:19:46:e4:0d:f5:2e:2d:7f:6d:c6:a3:57:a0:02:6e:f1:d8:
01:7f:5b:f1:09:ff:e4:58:43:b3:e6:5b:24:03:ee:c0:db:06:
80:86:18:88:a6:d9:d0:48:e3:fc:1a:20:6c:ac:31:77:a9:56:
f2:e3:5d:2b:22:de:86:be:7c:99:b8:8b:85:3c:f6:2e:a3:d7:
5a:18:9c:f2:e8:9c:91:5c:fa:40:ad:5c:4a:b6:bc:71:07:45:
db:c6:a3:7f:b4:84:cf:f4:bf:83:53:2a:00:98:d3:91:28:7d:
35:b3:28:a9:fa:13:67:21:a9:04:ec:76:39:38:78:52:94:56:
7b:84:d3:51:a8:b1:7f:b2:88:32:00:bd:1b:4a:39:e2:b9:75:
fa:c9:97:84:f5:10:9b:7a:24:c2:96:73:cc:8e:12:79:04:19:
d6:15:12:10:43:a4:89:34:93:83:5b:4b:96:d2:70:eb:ed:ac:
71:c3:dc:b6:44:0f:a0:0a:e9:12:47:47:9a:97:78:47:ab:00:
fb:fa:6f:3c:2d:e3:d1:8d:dd:23:ed:9a:19:7c:19:19:72:27:
37:02:77:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn45L8iyuju1z998CshEfgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MTExMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQyZTRmNjk2ZDU5MDdlZDc3ZGUyZDU4Yzc2MmM2MjdkOWFhZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohpmBJ2KkEZ20PlA4AwnW5fYwkMX
ue+Oa5+LGk0o61AdbV980Y8uwDVhVFU9dZgNOrk4//7eLzOJNzKdv7eb67sPR6i5
7LZwl0fb3+BPsrGWJ6QGOKXxLJdJfY1BjgsJKc7JkzNYWMiNA3Ji0MwnW+T5aToX
G9uhHJ3xixfSA688mYcLETNMn1a2tK6waDuXrwX9y3SUFSi/Su6g34r1Al18j/Lb
u5bRUH8JL9wKP2oUIugOWWbyHLJ+iS9bjz7eZ4U8eJ+n2ZuqsXgTr/1gVhJ7RYZy
CLdwHsFyta92P4asK2QnQ3/hVZewrA7pFG3L/YpyK0pXOGo89nTneHJ+yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/S5PaW1ZB+133i1Yx2LGJ9mq9mMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYjlMazlwYlZrSDdYZmVMVmpIWXNZbjJhcjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC7UFvol3wf3VyMze+I1
ZV6P0oQRSzmvepIUrXIC7QqaaIAPz04ZRuQN9S4tf23Go1egAm7x2AF/W/EJ/+RY
Q7PmWyQD7sDbBoCGGIim2dBI4/waIGysMXepVvLjXSsi3oa+fJm4i4U89i6j11oY
nPLonJFc+kCtXEq2vHEHRdvGo3+0hM/0v4NTKgCY05EofTWzKKn6E2chqQTsdjk4
eFKUVnuE01GosX+yiDIAvRtKOeK5dfrJl4T1EJt6JMKWc8yOEnkEGdYVEhBDpIk0
k4NbS5bScOvtrHHD3LZED6AK6RJHR5qXeEerAPv6bzwt49GN3SPtmhl8GRlyJzcC
d5c=
-----END CERTIFICATE-----
Generated at Sat May 3 10:19:53 2025 by rpki-client