Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bl8VvUVpEQdfBSp82qsCEtXRREk.roa
File: bl8VvUVpEQdfBSp82qsCEtXRREk.roa (raw, json)
Hash identifier: US/CA/Qa7DeCSwER1wjfwBW8Oe/qXZYL6OGJFgDlXhg=
Subject key identifier: 6E:5F:15:BD:45:69:11:07:5F:05:2A:7C:DA:AB:02:12:D5:D1:44:49
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01836AB2886C919C196D673B64DA80E93AA4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bl8VvUVpEQdfBSp82qsCEtXRREk.roa
Signing time: Fri 23 Sep 2022 14:13:48 +0000
ROA not before: Fri 23 Sep 2022 14:13:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:b2:88:6c:91:9c:19:6d:67:3b:64:da:80:e9:3a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 23 14:13:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e5f15bd456911075f052a7cdaab0212d5d14449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:51:32:77:a3:16:2f:29:ad:41:f1:b2:7e:06:
3e:76:e6:9a:a2:da:3e:2c:02:b0:f0:2d:92:2e:80:
e6:21:83:42:5c:fc:72:31:7a:43:61:47:aa:5f:0e:
6b:5d:db:2c:4f:4e:e1:4c:8e:27:a9:4e:9d:47:04:
db:a1:d4:f2:d8:0c:da:11:c7:af:31:bd:72:f9:2f:
f0:23:db:9d:c0:08:02:1a:4c:d5:c0:e2:b0:20:71:
fc:58:a0:97:e7:db:a3:73:54:8f:69:3c:77:f6:e5:
f5:59:0a:5e:a3:b2:78:95:74:0a:1b:a5:95:0c:f5:
e7:ae:68:3f:cb:20:52:ec:98:22:fe:61:f8:03:81:
5d:03:50:32:02:0b:a4:4f:88:c5:e8:d5:2a:98:8f:
2d:bf:44:4a:d6:bd:73:46:8d:5e:c6:29:9d:8e:25:
a0:f0:6a:14:e3:1e:93:e1:34:69:ad:9e:0c:42:fc:
3b:8a:60:22:8c:28:cf:e6:38:81:e1:b1:b3:f9:06:
2b:ea:43:d0:81:6b:e4:80:5c:9c:f5:88:de:e4:f7:
ec:a0:6f:d3:0b:11:39:7d:96:d3:72:39:d4:19:43:
e5:d3:b8:b8:a8:d6:1a:68:d8:d0:69:7c:c6:04:56:
ab:f9:67:ee:e7:de:2b:f6:7e:ab:da:79:00:b2:72:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5F:15:BD:45:69:11:07:5F:05:2A:7C:DA:AB:02:12:D5:D1:44:49
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bl8VvUVpEQdfBSp82qsCEtXRREk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:26:85:94:df:0b:53:8e:76:55:8d:00:f0:1e:db:32:f8:87:
e9:f6:60:ce:39:55:b9:c0:1b:90:e1:01:d7:05:7f:0d:dd:06:
49:9c:ee:6a:a0:82:6b:86:25:50:40:34:92:83:d3:9b:a4:5b:
8e:e2:52:a3:e9:36:98:fa:5b:ad:45:41:a0:a9:80:db:48:8f:
7e:ed:a0:9c:51:e1:cf:53:88:96:dd:95:23:86:f0:1d:8b:89:
f3:ee:16:4f:a6:84:73:69:29:3f:75:08:08:05:e6:ca:e6:45:
81:20:36:b0:7f:e4:dd:59:5e:33:ed:b0:f3:a1:3d:50:be:1b:
c0:7b:fc:1f:0d:48:d4:4a:80:5e:a5:b2:82:90:b8:fd:67:d6:
69:8f:eb:47:60:b0:ae:ab:37:30:d4:3a:69:e7:02:b1:68:10:
d5:a0:ae:bf:65:e8:1a:1b:13:cc:bb:4c:65:43:7a:d3:ff:df:
fa:c3:64:51:61:f1:c8:fa:3d:22:f3:cf:9f:1b:79:62:61:95:
f5:d4:87:54:8a:c9:91:6b:23:9c:24:bf:dc:84:a5:1f:ce:2b:
f6:6f:2e:38:cc:12:69:f5:4d:38:8f:dc:e9:7d:55:8e:20:d8:
8b:8f:4e:db:62:51:c4:bc:a7:8f:cd:79:11:f8:a3:73:d9:90:
c2:4e:54:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNqsohskZwZbWc7ZNqA6TqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIzMTQxMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTVmMTViZDQ1NjkxMTA3NWYwNTJhN2NkYWFiMDIxMmQ1ZDE0NDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlEyd6MWLymtQfGyfgY+duaaoto+
LAKw8C2SLoDmIYNCXPxyMXpDYUeqXw5rXdssT07hTI4nqU6dRwTbodTy2AzaEcev
Mb1y+S/wI9udwAgCGkzVwOKwIHH8WKCX59ujc1SPaTx39uX1WQpeo7J4lXQKG6WV
DPXnrmg/yyBS7Jgi/mH4A4FdA1AyAgukT4jF6NUqmI8tv0RK1r1zRo1eximdjiWg
8GoU4x6T4TRprZ4MQvw7imAijCjP5jiB4bGz+QYr6kPQgWvkgFyc9Yje5PfsoG/T
CxE5fZbTcjnUGUPl07i4qNYaaNjQaXzGBFar+Wfu594r9n6r2nkAsnJhEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5fFb1FaREHXwUqfNqrAhLV0URJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYmw4VnZVVnBFUWRmQlNwODJxc0NFdFhSUkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF8mhZTfC1OOdlWNAPAe
2zL4h+n2YM45VbnAG5DhAdcFfw3dBkmc7mqggmuGJVBANJKD05ukW47iUqPpNpj6
W61FQaCpgNtIj37toJxR4c9TiJbdlSOG8B2LifPuFk+mhHNpKT91CAgF5srmRYEg
NrB/5N1ZXjPtsPOhPVC+G8B7/B8NSNRKgF6lsoKQuP1n1mmP60dgsK6rNzDUOmnn
ArFoENWgrr9l6BobE8y7TGVDetP/3/rDZFFh8cj6PSLzz58beWJhlfXUh1SKyZFr
I5wkv9yEpR/OK/ZvLjjMEmn1TTiP3Ol9VY4g2IuPTttiUcS8p4/NeRH4o3PZkMJO
VCo=
-----END CERTIFICATE-----
Generated at Thu May 1 00:52:42 2025 by rpki-client