Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cHZ63sjI2M-Uoo9NAYkPE3cNOns.roa
File: cHZ63sjI2M-Uoo9NAYkPE3cNOns.roa (raw, json)
Hash identifier: grQ2KwHmAyrjbfVLn0Ul71oznkYYu+WfDY5zfkVudcw=
Subject key identifier: 70:76:7A:DE:C8:C8:D8:CF:94:A2:8F:4D:01:89:0F:13:77:0D:3A:7B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01863B04B000AFEAAB2EEC24D9BFC86BCEEE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cHZ63sjI2M-Uoo9NAYkPE3cNOns.roa
Signing time: Fri 10 Feb 2023 11:10:08 +0000
ROA not before: Fri 10 Feb 2023 11:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:04:b0:00:af:ea:ab:2e:ec:24:d9:bf:c8:6b:ce:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 11:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70767adec8c8d8cf94a28f4d01890f13770d3a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:68:d4:c4:1e:eb:82:c0:ad:67:de:8e:84:7c:
b8:b8:3d:18:f5:ef:c8:b4:34:07:3c:0c:4f:86:12:
cc:b0:cf:a1:dc:0a:5f:eb:4f:ff:c4:15:a2:3a:d1:
05:12:c3:b6:83:98:f0:ec:13:ab:96:cb:e6:f1:64:
e4:4a:b7:9f:78:e8:da:d3:ef:fd:74:c4:c4:a2:ad:
b9:01:49:f4:1b:5b:56:45:5d:e5:01:ac:f7:52:ed:
3c:1d:4c:bc:41:b1:b6:10:49:5b:7a:02:d5:fe:c8:
27:b3:ce:59:f5:4f:11:76:6c:0c:94:ab:7d:a5:92:
0a:36:a2:ec:40:77:df:17:c2:38:53:0e:76:aa:45:
00:37:a7:0e:ed:d2:b1:5c:c5:36:8a:96:3d:3f:1b:
d0:63:d6:ed:ca:ad:a3:23:ba:4f:2f:3d:31:74:a9:
b8:de:b9:c1:ca:a5:ba:a5:6c:c8:22:55:4e:e6:f0:
70:e3:a5:e2:82:e1:bc:d2:5e:b1:a3:ea:c9:96:b3:
4b:11:e7:02:32:13:43:7c:61:83:27:49:2b:08:d3:
2a:af:10:82:eb:33:b2:29:ec:b9:a7:b0:10:08:45:
9a:b6:55:bc:e7:a3:43:31:6b:ad:ca:88:e0:37:65:
1a:3b:07:5c:82:f9:a3:e8:8d:92:1f:77:20:a7:57:
a9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:76:7A:DE:C8:C8:D8:CF:94:A2:8F:4D:01:89:0F:13:77:0D:3A:7B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cHZ63sjI2M-Uoo9NAYkPE3cNOns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:5b:38:8a:44:98:60:96:a3:60:17:96:e2:e3:11:c4:1e:ce:
f8:4b:30:e1:2e:68:8e:5f:1d:fd:58:31:4d:af:38:7d:a5:67:
4c:2c:c2:1c:70:30:82:55:86:41:02:91:4a:ae:2a:38:d9:93:
a3:0b:7b:5b:83:3a:89:6b:e2:86:f0:af:74:26:83:ed:70:9a:
31:0f:62:6e:ca:b6:e6:95:6e:d4:b5:15:3e:5e:f3:64:e2:8f:
87:ce:36:c8:67:3c:54:36:2f:77:64:02:60:92:84:b5:1f:c3:
6e:d0:a9:c6:1c:34:91:a0:7d:18:7d:9b:f5:bf:e6:0e:36:c1:
4a:3f:76:4a:d6:40:1e:05:00:6f:eb:f2:36:5a:ca:8b:10:92:
c5:3e:d2:70:a8:e5:c7:b4:77:26:b1:5d:9b:be:3f:95:fb:72:
c7:70:01:20:75:86:24:bf:03:3b:26:82:2e:0d:a5:47:e0:c5:
90:48:45:70:09:57:af:e3:24:25:b6:b2:d8:d7:31:7a:a2:08:
17:42:46:5b:22:31:09:87:99:dc:a7:c2:d3:66:7d:ca:4c:92:
c7:cb:f5:a5:5f:65:46:ad:03:25:ec:73:31:39:33:c6:d7:f1:
d0:3f:66:15:30:9a:b5:99:8a:6c:34:96:2d:74:23:e9:14:43:
a1:ae:16:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY7BLAAr+qrLuwk2b/Ia87uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMTExMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDc2N2FkZWM4YzhkOGNmOTRhMjhmNGQwMTg5MGYxMzc3MGQzYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmjUxB7rgsCtZ96OhHy4uD0Y9e/I
tDQHPAxPhhLMsM+h3Apf60//xBWiOtEFEsO2g5jw7BOrlsvm8WTkSrefeOja0+/9
dMTEoq25AUn0G1tWRV3lAaz3Uu08HUy8QbG2EElbegLV/sgns85Z9U8RdmwMlKt9
pZIKNqLsQHffF8I4Uw52qkUAN6cO7dKxXMU2ipY9PxvQY9btyq2jI7pPLz0xdKm4
3rnByqW6pWzIIlVO5vBw46XiguG80l6xo+rJlrNLEecCMhNDfGGDJ0krCNMqrxCC
6zOyKey5p7AQCEWatlW856NDMWutyojgN2UaOwdcgvmj6I2SH3cgp1epqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHB2et7IyNjPlKKPTQGJDxN3DTp7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY0haNjNzakkyTS1Vb285TkFZa1BFM2NOT25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBbOIpEmGCWo2AXluLj
EcQezvhLMOEuaI5fHf1YMU2vOH2lZ0wswhxwMIJVhkECkUquKjjZk6MLe1uDOolr
4obwr3Qmg+1wmjEPYm7KtuaVbtS1FT5e82Tij4fONshnPFQ2L3dkAmCShLUfw27Q
qcYcNJGgfRh9m/W/5g42wUo/dkrWQB4FAG/r8jZayosQksU+0nCo5ce0dyaxXZu+
P5X7csdwASB1hiS/Azsmgi4NpUfgxZBIRXAJV6/jJCW2stjXMXqiCBdCRlsiMQmH
mdynwtNmfcpMksfL9aVfZUatAyXsczE5M8bX8dA/ZhUwmrWZimw0li10I+kUQ6Gu
Fgs=
-----END CERTIFICATE-----
Generated at Thu May 1 00:38:44 2025 by rpki-client