Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/c7NTbH0l6VGefufcIkEkcXAmaNU.roa
File: c7NTbH0l6VGefufcIkEkcXAmaNU.roa (raw, json)
Hash identifier: TCG0RQ0VEPwlF/RQN09Lf7gCkJsTIaPGL8ctr2oHF4o=
Subject key identifier: 73:B3:53:6C:7D:25:E9:51:9E:7E:E7:DC:22:41:24:71:70:26:68:D5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869D7EF8D0B08C144A8C7580D78C113CC9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/c7NTbH0l6VGefufcIkEkcXAmaNU.roa
Signing time: Wed 01 Mar 2023 14:06:29 +0000
ROA not before: Wed 01 Mar 2023 14:06:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9d7e:2658/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:7e:f8:d0:b0:8c:14:4a:8c:75:80:d7:8c:11:3c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 14:06:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73b3536c7d25e9519e7ee7dc22412471702668d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:af:48:4a:60:93:33:fc:9c:3c:69:3f:cf:
8c:d7:5a:db:e3:86:d9:b9:6c:c2:e5:0f:18:48:c1:
c7:b1:87:b9:2e:a8:78:6d:e3:07:f6:a7:8b:cd:82:
26:48:8e:9f:d3:d0:d6:55:f4:ea:b1:01:e2:63:5b:
38:03:a1:45:e3:86:99:30:d8:7b:f2:b0:fd:d8:5e:
66:23:f8:e2:ea:25:90:97:ee:d9:73:38:c8:9a:bd:
76:c9:f2:1c:49:aa:b3:62:92:f9:2d:37:eb:ec:1a:
de:94:3d:eb:15:9b:57:fe:ff:37:95:95:77:08:cd:
a0:64:16:22:16:30:99:71:f7:87:64:a3:de:de:fb:
d9:18:fe:6d:40:2b:9d:e5:5e:b0:29:35:7a:56:5d:
94:47:db:df:d9:03:cd:25:d1:94:b6:ec:5a:7d:b1:
ed:3b:68:3a:42:2a:e9:ff:c1:b3:a8:05:10:36:c6:
46:93:c9:8b:bc:6b:b8:c7:32:17:b8:fc:4e:d8:da:
42:c5:73:bf:e0:85:be:86:4e:5d:e2:06:1e:51:c5:
d9:2f:e4:dc:4f:3a:2b:f8:84:90:91:c8:27:fe:92:
87:dd:b5:1c:09:88:e1:49:dd:2d:28:50:98:14:96:
d3:92:66:e8:d8:56:ec:e8:20:7b:fb:21:09:7b:9c:
20:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B3:53:6C:7D:25:E9:51:9E:7E:E7:DC:22:41:24:71:70:26:68:D5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/c7NTbH0l6VGefufcIkEkcXAmaNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:5c:8c:25:d9:90:2f:39:7b:93:d9:4f:8e:e7:a6:77:cd:bb:
5b:ce:15:32:d1:eb:5e:a1:81:64:cf:b0:ad:34:80:22:b0:5e:
df:70:f6:c2:fe:6f:57:06:30:e1:79:d7:02:96:5a:ff:af:00:
a0:60:c3:23:21:04:a1:e4:7d:8c:74:11:14:51:aa:ce:e3:7c:
2b:4e:4d:c0:df:24:9f:94:4c:4b:79:77:34:e6:d8:40:19:9f:
77:76:cb:d2:c3:59:04:a0:4c:05:31:a9:5c:12:27:12:93:f9:
d9:96:7f:76:5d:17:73:28:00:f9:9e:44:be:93:2c:58:d7:97:
6e:25:a0:8c:d5:b4:50:43:1e:6b:5b:f3:36:f8:cf:50:ad:bc:
8c:bf:a3:01:e2:60:16:2a:ac:d5:e5:da:a7:38:99:af:f8:89:
3c:57:f8:e9:7e:7c:35:c0:de:00:4e:92:f5:7b:3d:27:fa:37:
47:b8:6b:39:e4:a5:90:0d:69:4d:3f:47:58:46:75:59:df:3b:
63:62:1d:cf:dc:da:59:68:bb:07:5a:8a:87:ba:29:af:59:8a:
66:66:af:10:00:d8:e9:30:bb:a4:d8:f6:86:84:25:19:e1:b7:
93:f3:f2:d7:af:e0:25:5e:8b:c3:cd:86:05:52:1e:d7:e7:e5:
a5:b5:f1:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYadfvjQsIwUSox1gNeMETzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMTQwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2IzNTM2YzdkMjVlOTUxOWU3ZWU3ZGMyMjQxMjQ3MTcwMjY2OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz76vSEpgkzP8nDxpP8+M11rb44bZ
uWzC5Q8YSMHHsYe5Lqh4beMH9qeLzYImSI6f09DWVfTqsQHiY1s4A6FF44aZMNh7
8rD92F5mI/ji6iWQl+7ZczjImr12yfIcSaqzYpL5LTfr7BrelD3rFZtX/v83lZV3
CM2gZBYiFjCZcfeHZKPe3vvZGP5tQCud5V6wKTV6Vl2UR9vf2QPNJdGUtuxafbHt
O2g6Qirp/8GzqAUQNsZGk8mLvGu4xzIXuPxO2NpCxXO/4IW+hk5d4gYeUcXZL+Tc
Tzor+ISQkcgn/pKH3bUcCYjhSd0tKFCYFJbTkmbo2Fbs6CB7+yEJe5wgNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHOzU2x9JelRnn7n3CJBJHFwJmjVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYzdOVGJIMGw2VkdlZnVmY0lrRWtjWEFtYU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF9cjCXZkC85e5PZT47n
pnfNu1vOFTLR616hgWTPsK00gCKwXt9w9sL+b1cGMOF51wKWWv+vAKBgwyMhBKHk
fYx0ERRRqs7jfCtOTcDfJJ+UTEt5dzTm2EAZn3d2y9LDWQSgTAUxqVwSJxKT+dmW
f3ZdF3MoAPmeRL6TLFjXl24loIzVtFBDHmtb8zb4z1CtvIy/owHiYBYqrNXl2qc4
ma/4iTxX+Ol+fDXA3gBOkvV7PSf6N0e4aznkpZANaU0/R1hGdVnfO2NiHc/c2llo
uwdaioe6Ka9ZimZmrxAA2Okwu6TY9oaEJRnht5Pz8tev4CVei8PNhgVSHtfn5aW1
8X4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:08 2025 by rpki-client