Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cWnQNcnU8iufdyU_KK2bruwYeqY.roa
File: cWnQNcnU8iufdyU_KK2bruwYeqY.roa (raw, json)
Hash identifier: tPK4zOThPQof+3v8mAw4Mn4642TBSDCuD6shvBxMenM=
Subject key identifier: 71:69:D0:35:C9:D4:F2:2B:9F:77:25:3F:28:AD:9B:AE:EC:18:7A:A6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868A3466EB0BFB37C0C26BFA451B2591B4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cWnQNcnU8iufdyU_KK2bruwYeqY.roa
Signing time: Sat 25 Feb 2023 20:12:15 +0000
ROA not before: Sat 25 Feb 2023 20:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8a:34:66:eb:0b:fb:37:c0:c2:6b:fa:45:1b:25:91:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 20:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7169d035c9d4f22b9f77253f28ad9baeec187aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f2:43:4f:c6:d8:e1:f1:fd:cc:2b:2f:4e:fc:
73:3c:b2:40:e1:db:5a:52:d3:26:f1:ee:f4:70:f1:
a5:00:1b:a2:98:a3:4f:d3:13:22:18:81:38:9c:00:
2b:83:88:96:71:ab:73:dc:00:a8:06:b3:71:3f:ff:
1d:02:88:f2:59:c3:16:aa:c0:68:4f:be:24:d9:13:
90:79:dd:31:5e:ce:3e:6b:b5:28:80:6a:16:13:22:
4c:0f:ee:e7:43:54:68:25:10:bc:c2:02:6e:6d:e4:
da:23:a2:db:53:31:00:d2:ed:48:6b:20:b5:5c:c4:
79:96:b1:36:6f:11:b0:bf:b6:86:6c:5f:14:e3:60:
a2:96:03:8e:60:d5:18:61:bb:95:37:37:02:c9:35:
3c:03:d7:8d:1f:ca:97:45:39:b4:ce:01:44:9a:6f:
ac:e3:ec:00:32:31:a9:9c:44:77:2c:7d:9f:d8:1f:
e3:2c:9a:39:65:9a:c8:07:26:36:30:b8:4a:ba:a4:
47:cb:17:c2:e3:43:ec:7c:44:30:55:55:0e:b4:2c:
f7:4c:27:3e:c8:8e:62:88:63:d1:32:54:9a:5e:f6:
6a:e8:99:42:9b:66:bd:89:77:07:41:32:66:6a:7f:
2e:be:6e:c9:08:6e:5d:51:1a:34:c6:03:6d:35:94:
30:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:69:D0:35:C9:D4:F2:2B:9F:77:25:3F:28:AD:9B:AE:EC:18:7A:A6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cWnQNcnU8iufdyU_KK2bruwYeqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:e3:e2:5a:1e:d6:8f:a9:4c:40:ae:ed:eb:fd:da:9d:28:55:
a0:c5:d2:b9:ab:f3:98:64:a4:22:7c:bc:31:e2:04:91:17:ab:
22:a7:55:69:e7:f2:21:cc:ba:a6:06:95:46:2e:d8:83:fa:23:
9c:17:22:9d:a3:8a:da:2e:e0:09:34:99:d7:3c:7c:ec:bb:ac:
4d:35:42:6e:4b:73:75:5f:47:02:94:0c:c3:d8:b8:3d:89:91:
1d:ef:03:25:7a:2d:97:39:1f:dd:1f:d8:59:13:2f:1d:8b:7b:
b7:ed:3b:ec:44:f5:30:54:c2:f7:9f:54:29:96:6c:d8:b5:c3:
45:9a:54:05:07:e1:d8:98:b2:0d:6b:88:e6:b9:73:31:7c:39:
30:66:ef:21:37:0c:91:c6:44:1c:85:3e:77:de:d9:32:ac:fd:
eb:d5:d5:ec:59:d4:12:b6:c8:20:91:1e:bb:e2:16:30:c6:12:
b8:02:aa:18:68:86:f4:79:f3:8b:c3:7c:7c:36:7c:80:91:e1:
f9:7d:0b:3d:fa:1e:31:a2:59:c6:69:f7:68:cc:45:6c:1a:1b:
06:f0:79:dc:4c:7a:f3:61:fb:21:07:15:14:1f:17:a8:a2:c6:
c1:7f:f2:27:27:e8:9d:c6:58:ab:5a:2c:9a:73:45:55:0b:f5:
f0:13:f3:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaKNGbrC/s3wMJr+kUbJZG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MjAxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTY5ZDAzNWM5ZDRmMjJiOWY3NzI1M2YyOGFkOWJhZWVjMTg3YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfJDT8bY4fH9zCsvTvxzPLJA4dta
UtMm8e70cPGlABuimKNP0xMiGIE4nAArg4iWcatz3ACoBrNxP/8dAojyWcMWqsBo
T74k2ROQed0xXs4+a7UogGoWEyJMD+7nQ1RoJRC8wgJubeTaI6LbUzEA0u1IayC1
XMR5lrE2bxGwv7aGbF8U42CilgOOYNUYYbuVNzcCyTU8A9eNH8qXRTm0zgFEmm+s
4+wAMjGpnER3LH2f2B/jLJo5ZZrIByY2MLhKuqRHyxfC40PsfEQwVVUOtCz3TCc+
yI5iiGPRMlSaXvZq6JlCm2a9iXcHQTJman8uvm7JCG5dURo0xgNtNZQwQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHFp0DXJ1PIrn3clPyitm67sGHqmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY1duUU5jblU4aXVmZHlVX0tLMmJydXdZZXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbj4loe1o+pTECu7ev9
2p0oVaDF0rmr85hkpCJ8vDHiBJEXqyKnVWnn8iHMuqYGlUYu2IP6I5wXIp2jitou
4Ak0mdc8fOy7rE01Qm5Lc3VfRwKUDMPYuD2JkR3vAyV6LZc5H90f2FkTLx2Le7ft
O+xE9TBUwvefVCmWbNi1w0WaVAUH4diYsg1riOa5czF8OTBm7yE3DJHGRByFPnfe
2TKs/evV1exZ1BK2yCCRHrviFjDGErgCqhhohvR584vDfHw2fICR4fl9Cz36HjGi
WcZp92jMRWwaGwbwedxMevNh+yEHFRQfF6iixsF/8icn6J3GWKtaLJpzRVUL9fAT
85g=
-----END CERTIFICATE-----
Generated at Thu May 1 05:04:30 2025 by rpki-client