Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/czA1jMCMS8RoLdyUz7aT2xC09BA.roa
File: czA1jMCMS8RoLdyUz7aT2xC09BA.roa (raw, json)
Hash identifier: QHs4jdf1pWmSREK3toMBeZLE1SdUAAAvLsm/spEmMXQ=
Subject key identifier: 73:30:35:8C:C0:8C:4B:C4:68:2D:DC:94:CF:B6:93:DB:10:B4:F4:10
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186E2D3594DB4EB006D81A52404CDB16F37
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/czA1jMCMS8RoLdyUz7aT2xC09BA.roa
Signing time: Wed 15 Mar 2023 01:12:27 +0000
ROA not before: Wed 15 Mar 2023 01:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e2:d3:59:4d:b4:eb:00:6d:81:a5:24:04:cd:b1:6f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 15 01:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7330358cc08c4bc4682ddc94cfb693db10b4f410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3e:4e:78:61:51:9e:5b:52:d1:df:a1:66:48:
a1:63:c1:b8:27:7a:ee:d9:ef:6f:64:a0:0c:00:0d:
91:f8:52:30:d4:3e:d9:cf:5b:8d:06:06:5b:47:14:
1d:ec:7f:da:75:ee:1c:a0:2f:e6:24:17:fa:bc:4d:
0c:80:44:93:04:a8:e5:a4:fe:09:e7:62:04:3b:ec:
80:40:08:a2:63:d0:0f:ad:15:0e:a8:b9:4e:79:4a:
2d:cd:e9:67:46:16:2a:78:a7:b9:43:4d:93:54:31:
e3:4e:48:92:ae:85:65:f2:95:99:e8:3c:42:af:6c:
c4:a1:56:df:74:b5:f8:fb:55:52:96:7f:2f:5c:4e:
0c:68:8c:60:6c:5d:83:68:61:86:44:60:ec:e6:34:
93:6e:ed:b7:5e:69:45:8e:c0:5b:72:37:08:35:df:
11:0e:5d:1d:2b:08:7c:e2:67:9a:12:ef:a4:70:19:
b3:78:93:42:19:2c:19:3c:04:ad:d9:98:80:53:ef:
48:cc:e0:fd:8d:7e:fc:8b:9e:07:b5:5a:72:0a:6b:
db:4c:3a:78:ea:31:3f:96:c9:86:86:d6:3b:49:2a:
34:57:a3:ef:0a:4f:1b:f6:45:11:18:a5:7f:e4:e5:
e9:03:aa:5a:1b:a8:af:9c:3c:17:c8:35:f2:c7:fa:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:30:35:8C:C0:8C:4B:C4:68:2D:DC:94:CF:B6:93:DB:10:B4:F4:10
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/czA1jMCMS8RoLdyUz7aT2xC09BA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:05:ab:bb:65:56:14:0f:1d:cd:ac:8e:8e:d5:35:90:ba:76:
b1:20:9b:5a:d7:62:46:0f:c9:c4:fd:40:8b:bd:2b:34:04:37:
3b:1e:33:cd:b7:81:b1:c9:1a:bc:50:20:6f:8c:8c:a6:f6:a0:
bf:a4:cb:05:fe:60:15:84:15:44:88:ef:37:f2:85:f0:32:87:
32:7b:11:a1:e6:49:b3:1e:28:be:fe:26:ad:cb:d7:97:a4:5f:
51:a5:45:2c:a2:c4:be:6a:63:06:47:02:e0:aa:1f:08:cd:93:
53:27:4b:ba:f5:02:64:2a:d5:0c:18:ed:0a:b8:5e:cc:fb:78:
02:ac:4c:8d:e1:db:90:a9:32:e8:ce:af:f5:48:14:9e:b8:96:
a5:49:70:6e:b6:6f:16:8c:a0:8a:ff:75:b4:be:ac:a8:48:52:
5a:e6:c7:ef:52:21:5f:6b:f6:79:39:3f:cc:11:7c:9f:4b:43:
fd:92:d5:8a:bd:fb:9d:e9:5c:70:b6:f7:0c:f5:a3:41:7c:20:
8c:14:c8:f6:3c:d1:e7:59:10:02:3c:b1:9f:79:b3:e4:22:68:
9c:a0:8b:14:f8:94:4d:c8:b1:40:c8:bd:43:e7:f5:76:86:54:
42:4a:bc:57:75:f3:3a:6d:a2:b7:6e:6e:92:94:e3:c6:a6:54:
f8:35:0a:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbi01lNtOsAbYGlJATNsW83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE1MDExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzMwMzU4Y2MwOGM0YmM0NjgyZGRjOTRjZmI2OTNkYjEwYjRmNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz5OeGFRnltS0d+hZkihY8G4J3ru
2e9vZKAMAA2R+FIw1D7Zz1uNBgZbRxQd7H/ade4coC/mJBf6vE0MgESTBKjlpP4J
52IEO+yAQAiiY9APrRUOqLlOeUotzelnRhYqeKe5Q02TVDHjTkiSroVl8pWZ6DxC
r2zEoVbfdLX4+1VSln8vXE4MaIxgbF2DaGGGRGDs5jSTbu23XmlFjsBbcjcINd8R
Dl0dKwh84meaEu+kcBmzeJNCGSwZPASt2ZiAU+9IzOD9jX78i54HtVpyCmvbTDp4
6jE/lsmGhtY7SSo0V6PvCk8b9kURGKV/5OXpA6paG6ivnDwXyDXyx/pEAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHMwNYzAjEvEaC3clM+2k9sQtPQQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY3pBMWpNQ01TOFJvTGR5VXo3YVQyeEMwOUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFQFq7tlVhQPHc2sjo7V
NZC6drEgm1rXYkYPycT9QIu9KzQENzseM823gbHJGrxQIG+MjKb2oL+kywX+YBWE
FUSI7zfyhfAyhzJ7EaHmSbMeKL7+Jq3L15ekX1GlRSyixL5qYwZHAuCqHwjNk1Mn
S7r1AmQq1QwY7Qq4Xsz7eAKsTI3h25CpMujOr/VIFJ64lqVJcG62bxaMoIr/dbS+
rKhIUlrmx+9SIV9r9nk5P8wRfJ9LQ/2S1Yq9+53pXHC29wz1o0F8IIwUyPY80edZ
EAI8sZ95s+QiaJygixT4lE3IsUDIvUPn9XaGVEJKvFd18zptordubpKU48amVPg1
CtU=
-----END CERTIFICATE-----
Generated at Thu May 1 01:48:19 2025 by rpki-client