Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d4u-MpYyRZW8I9JDqdMIQbYZ4sQ.roa
File: d4u-MpYyRZW8I9JDqdMIQbYZ4sQ.roa (raw, json)
Hash identifier: lCralRqabmB/TqIe22ySPMgrAIf4E6vFDLZQL36nFtk=
Subject key identifier: 77:8B:BE:32:96:32:45:95:BC:23:D2:43:A9:D3:08:41:B6:19:E2:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0BCA5887E00C02E3A25323DFE717F6A6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d4u-MpYyRZW8I9JDqdMIQbYZ4sQ.roa
Signing time: Sat 19 Aug 2023 03:15:24 +0000
ROA not before: Sat 19 Aug 2023 03:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0b:ca:58:87:e0:0c:02:e3:a2:53:23:df:e7:17:f6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 19 03:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=778bbe3296324595bc23d243a9d30841b619e2c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:9d:5a:6f:3b:a8:e3:68:5a:54:96:0c:fc:
73:9b:d2:4c:71:39:5e:9b:63:16:83:92:e3:b2:0b:
11:42:42:2b:2e:ba:ed:91:86:0c:d1:8f:2f:77:3a:
f5:e8:58:40:ca:b1:98:74:8d:eb:4b:23:36:74:42:
38:6d:87:34:9f:77:30:22:8a:ce:ab:7d:04:aa:11:
1a:f1:ef:25:07:51:59:79:f9:7a:11:27:ff:74:e5:
99:f3:44:09:65:bd:3f:f9:c4:06:0a:25:64:0e:12:
8a:c7:e8:b3:24:b5:0a:7d:d1:44:1a:35:d7:65:f9:
f6:dd:68:39:09:01:21:07:02:19:65:15:2c:39:78:
03:09:a5:89:99:b5:5a:ee:c2:cc:b0:77:5e:ff:88:
c5:99:ea:a2:65:bb:75:9e:c8:da:86:3b:72:ba:97:
1b:54:0f:c0:a2:38:2c:a8:59:e4:33:8a:1d:46:02:
58:a4:57:27:b5:27:c1:f3:42:9d:ce:87:a0:4d:4e:
93:d1:4c:34:d1:68:b8:af:d5:55:7c:c2:79:01:84:
b4:f3:91:08:a7:fe:a2:c5:53:06:ad:fa:ec:7f:96:
bf:24:11:5b:37:cb:6f:9b:13:ab:ef:85:9f:9e:c6:
1d:86:2c:aa:68:24:bc:49:2d:db:8f:7a:8f:a9:7e:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8B:BE:32:96:32:45:95:BC:23:D2:43:A9:D3:08:41:B6:19:E2:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d4u-MpYyRZW8I9JDqdMIQbYZ4sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:10:07:9f:96:da:2f:f7:cc:14:07:ab:a1:5c:28:b6:74:94:
65:8a:53:5d:65:31:52:e7:5a:29:dd:80:64:97:b1:4c:84:92:
a0:27:1c:25:7e:86:c0:80:25:d7:5a:5c:e7:9d:c2:50:a1:a7:
7d:12:49:7b:f5:7e:03:55:c5:0f:cb:36:fd:12:27:d9:0f:bd:
8f:6d:b4:ed:da:38:b8:fc:fc:21:1f:ee:2f:0a:af:19:fb:f2:
75:9b:f2:5c:c7:3a:d0:1e:0d:91:13:b3:13:1a:b6:58:61:ed:
bf:2a:4e:a8:58:9f:d0:06:57:be:9c:2e:5e:66:86:be:ac:df:
f5:aa:e5:09:ca:fe:ed:6d:cd:e3:0a:e3:f7:40:ec:5d:5d:44:
25:5e:12:1a:17:bb:42:8f:6a:fb:64:22:f6:e5:92:f6:75:b7:
14:24:f6:40:15:84:2b:24:63:45:7f:16:13:23:d3:93:cb:2c:
61:d8:9c:e6:9a:4a:41:cd:92:b1:25:e1:17:63:ac:fe:3b:fe:
92:9a:af:13:a6:bd:dd:f9:23:85:a3:50:cc:35:18:e3:75:b6:
a4:c3:b2:60:9d:05:a0:13:02:d2:31:a6:ed:d8:8f:c3:e9:34:
85:67:29:74:da:6a:96:64:6e:c0:1a:ca:bd:9c:ed:5a:73:d2:
f2:67:b1:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoLyliH4AwC46JTI9/nF/amMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MDMxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzhiYmUzMjk2MzI0NTk1YmMyM2QyNDNhOWQzMDg0MWI2MTllMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWqdWm87qONoWlSWDPxzm9JMcTle
m2MWg5LjsgsRQkIrLrrtkYYM0Y8vdzr16FhAyrGYdI3rSyM2dEI4bYc0n3cwIorO
q30EqhEa8e8lB1FZefl6ESf/dOWZ80QJZb0/+cQGCiVkDhKKx+izJLUKfdFEGjXX
Zfn23Wg5CQEhBwIZZRUsOXgDCaWJmbVa7sLMsHde/4jFmeqiZbt1nsjahjtyupcb
VA/AojgsqFnkM4odRgJYpFcntSfB80KdzoegTU6T0Uw00Wi4r9VVfMJ5AYS085EI
p/6ixVMGrfrsf5a/JBFbN8tvmxOr74WfnsYdhiyqaCS8SS3bj3qPqX7DdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHeLvjKWMkWVvCPSQ6nTCEG2GeLEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZDR1LU1wWXlSWlc4STlKRHFkTUlRYllaNHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGQQB5+W2i/3zBQHq6Fc
KLZ0lGWKU11lMVLnWindgGSXsUyEkqAnHCV+hsCAJddaXOedwlChp30SSXv1fgNV
xQ/LNv0SJ9kPvY9ttO3aOLj8/CEf7i8Krxn78nWb8lzHOtAeDZETsxMatlhh7b8q
TqhYn9AGV76cLl5mhr6s3/Wq5QnK/u1tzeMK4/dA7F1dRCVeEhoXu0KPavtkIvbl
kvZ1txQk9kAVhCskY0V/FhMj05PLLGHYnOaaSkHNkrEl4RdjrP47/pKarxOmvd35
I4WjUMw1GON1tqTDsmCdBaATAtIxpu3Yj8PpNIVnKXTaapZkbsAayr2c7Vpz0vJn
sd4=
-----END CERTIFICATE-----
Generated at Fri May 2 13:13:12 2025 by rpki-client