Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d6Z12XvzDtgYZeC-Ku8lGqgyJAM.roa
File: d6Z12XvzDtgYZeC-Ku8lGqgyJAM.roa (raw, json)
Hash identifier: Wn1HAZ60mv4TWsf9bkgfyfrliMsb9wK/rl7w8CoG60I=
Subject key identifier: 77:A6:75:D9:7B:F3:0E:D8:18:65:E0:BE:2A:EF:25:1A:A8:32:24:03
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A57066B31FC39D545FA3FA3E93945317
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d6Z12XvzDtgYZeC-Ku8lGqgyJAM.roa
Signing time: Thu 12 Jan 2023 10:04:44 +0000
ROA not before: Thu 12 Jan 2023 10:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:a570:1e20/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:70:66:b3:1f:c3:9d:54:5f:a3:fa:3e:93:94:53:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 12 10:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a675d97bf30ed81865e0be2aef251aa8322403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:c8:8d:a1:1d:e9:7c:32:37:27:f9:2d:92:
ca:c4:e2:fe:33:7e:87:c5:70:7d:af:c7:bc:65:9b:
06:a0:55:01:af:8b:b3:56:a7:b6:78:d9:49:c4:07:
c7:2f:b1:4c:c4:a9:b7:33:af:54:00:fc:6d:80:64:
c6:a4:4d:47:4f:97:4d:27:02:c4:99:0d:1a:06:81:
08:7f:71:0b:b8:c0:93:ab:1f:6a:14:0f:c6:07:a2:
da:65:8b:52:49:14:77:6c:b8:25:15:3a:f8:cc:50:
45:78:e5:21:79:67:d6:35:73:fb:31:2e:0c:70:f8:
c6:cf:cb:a6:79:67:8d:70:77:50:88:b9:9d:c8:b4:
1f:6f:10:6f:f4:98:ba:be:4c:61:b3:4a:8a:4e:ac:
4a:24:dc:48:a0:c1:d3:5d:de:e3:2a:86:3d:23:ad:
c7:b3:c0:5b:44:d4:7f:d4:39:11:aa:c8:dd:b7:47:
2e:8a:1d:fa:12:0b:f4:4f:6f:18:fa:36:f7:9b:2d:
e4:8f:30:65:f0:2c:fe:07:68:be:df:d2:52:56:6b:
51:e2:e3:19:ec:7b:28:a8:3e:73:e1:1b:1c:25:3d:
cf:d2:7d:d3:e5:67:61:43:7c:d3:8a:5d:fe:be:7f:
16:87:5b:2e:8c:e8:70:bf:8f:16:5b:bc:23:3d:03:
71:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A6:75:D9:7B:F3:0E:D8:18:65:E0:BE:2A:EF:25:1A:A8:32:24:03
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d6Z12XvzDtgYZeC-Ku8lGqgyJAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:b0:f3:72:9e:b8:8d:60:ed:f6:29:e4:a3:9d:6f:ea:ef:5d:
d4:25:5d:1f:a8:51:99:88:b3:ae:ba:c4:f1:fe:e7:92:71:d3:
1a:7b:e2:7b:d4:2e:8c:14:cd:9e:ac:c8:7d:70:20:7a:70:3b:
3e:0b:6a:44:53:e6:b9:5c:ba:f0:9d:3f:3b:3b:1a:be:b7:4f:
82:8c:c9:28:e8:95:97:f1:ab:bb:ff:9d:cf:d9:77:d5:cc:50:
f3:59:c9:d8:fb:fd:df:1b:29:04:1d:c2:4d:f3:76:c8:42:e5:
34:2d:fe:60:32:a3:3b:30:a9:8f:b4:40:9c:1a:79:83:11:db:
f4:6d:a8:42:c5:c9:13:38:65:c7:f8:f7:9f:97:7d:08:61:28:
b7:b5:75:1c:af:0e:f7:c0:33:db:3d:82:d2:4d:53:36:36:c0:
fd:67:7b:c3:1f:0c:e2:05:5e:4a:d1:83:73:5a:0f:06:19:a8:
3a:f9:e2:63:b1:75:db:65:5e:97:ee:0c:d0:b2:54:4f:6c:a3:
74:1d:74:bf:f1:4b:4c:97:3a:37:8e:92:d0:88:9a:8c:7f:0a:
b2:d9:67:fa:67:d0:07:f8:f3:8e:c4:89:76:3d:66:9b:c0:7e:
e7:14:6a:f3:1a:c7:d1:ab:28:52:84:de:a3:b2:3e:71:04:1f:
63:a4:5f:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWlcGazH8OdVF+j+j6TlFMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEyMTAwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E2NzVkOTdiZjMwZWQ4MTg2NWUwYmUyYWVmMjUxYWE4MzIyNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp3IjaEd6XwyNyf5LZLKxOL+M36H
xXB9r8e8ZZsGoFUBr4uzVqe2eNlJxAfHL7FMxKm3M69UAPxtgGTGpE1HT5dNJwLE
mQ0aBoEIf3ELuMCTqx9qFA/GB6LaZYtSSRR3bLglFTr4zFBFeOUheWfWNXP7MS4M
cPjGz8umeWeNcHdQiLmdyLQfbxBv9Ji6vkxhs0qKTqxKJNxIoMHTXd7jKoY9I63H
s8BbRNR/1DkRqsjdt0cuih36Egv0T28Y+jb3my3kjzBl8Cz+B2i+39JSVmtR4uMZ
7HsoqD5z4RscJT3P0n3T5WdhQ3zTil3+vn8Wh1sujOhwv48WW7wjPQNxgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHemddl78w7YGGXgvirvJRqoMiQDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZDZaMTJYdnpEdGdZWmVDLUt1OGxHcWd5SkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEyw83KeuI1g7fYp5KOd
b+rvXdQlXR+oUZmIs666xPH+55Jx0xp74nvULowUzZ6syH1wIHpwOz4LakRT5rlc
uvCdPzs7Gr63T4KMySjolZfxq7v/nc/Zd9XMUPNZydj7/d8bKQQdwk3zdshC5TQt
/mAyozswqY+0QJwaeYMR2/RtqELFyRM4Zcf495+XfQhhKLe1dRyvDvfAM9s9gtJN
UzY2wP1ne8MfDOIFXkrRg3NaDwYZqDr54mOxddtlXpfuDNCyVE9so3QddL/xS0yX
OjeOktCImox/CrLZZ/pn0Af4847EiXY9ZpvAfucUavMax9GrKFKE3qOyPnEEH2Ok
X2k=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:37:59 2025 by rpki-client