Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dQTozGssdrxwaFlODJAqLaM9-nQ.roa
File: dQTozGssdrxwaFlODJAqLaM9-nQ.roa (raw, json)
Hash identifier: Fi0aSLRvc4AF3LBxMqinovVdnyyxFr0NRxK/LDeGmDQ=
Subject key identifier: 75:04:E8:CC:6B:2C:76:BC:70:68:59:4E:0C:90:2A:2D:A3:3D:FA:74
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018712A6153D6EC0E5B3E026962080B94293
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dQTozGssdrxwaFlODJAqLaM9-nQ.roa
Signing time: Fri 24 Mar 2023 08:04:46 +0000
ROA not before: Fri 24 Mar 2023 08:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:187:12a5:8263/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:12:a6:15:3d:6e:c0:e5:b3:e0:26:96:20:80:b9:42:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 24 08:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7504e8cc6b2c76bc7068594e0c902a2da33dfa74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:16:14:c9:c4:3e:bc:8e:a1:9f:8d:ed:6a:2b:
76:2a:da:85:85:37:dd:97:31:1d:53:18:e4:71:44:
3f:d0:93:eb:af:5a:b7:d2:8b:18:8c:a0:71:d3:15:
48:13:5f:0a:e8:e8:5e:72:5b:a7:82:b3:73:3e:95:
c7:21:be:59:97:57:21:a0:49:8c:1e:b0:b2:f5:54:
cc:a2:81:74:30:bf:8a:9c:90:d2:a6:7a:7b:78:95:
00:85:68:e8:7e:af:0b:3e:02:fd:71:ed:72:ec:14:
ea:d0:9d:b2:46:1d:01:28:b6:5c:b3:35:41:a5:77:
79:f4:44:7a:df:d4:28:4b:5b:60:48:16:41:c9:6d:
4b:1d:46:72:47:ff:46:72:bb:f3:97:2f:eb:e4:db:
4a:66:ee:46:7b:ae:0c:87:9f:8e:5a:bc:60:1c:c6:
db:7b:b3:1a:9a:de:01:a2:4b:df:7f:f8:39:62:ed:
46:17:dd:57:ba:ba:d0:fc:19:89:7f:ca:71:3c:6e:
bc:c7:d6:51:0d:2a:e3:6e:34:27:14:bd:af:06:7d:
28:cc:0c:4f:e3:9c:24:8e:b6:4e:81:8e:ba:14:06:
e0:d1:be:0f:78:4e:85:0f:5f:19:18:43:8d:6a:48:
9c:15:15:ee:3d:88:64:be:61:bb:94:14:0e:6c:aa:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:04:E8:CC:6B:2C:76:BC:70:68:59:4E:0C:90:2A:2D:A3:3D:FA:74
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dQTozGssdrxwaFlODJAqLaM9-nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:9a:1c:82:18:25:18:da:c6:41:57:fb:27:d1:8d:59:54:2e:
a1:66:09:83:9d:e0:ac:a2:a8:7e:e8:a8:5b:3e:f6:2c:f7:cd:
fe:0d:75:50:ba:73:1d:e8:70:4f:74:09:56:34:e0:54:e1:f8:
25:98:5d:dd:5b:3f:c8:a0:eb:fb:a0:7a:09:b5:53:7f:4c:e3:
80:8a:3d:59:a8:4d:bc:ac:27:b4:23:18:92:43:c8:6c:47:2e:
9d:3e:9d:c7:57:82:9e:05:bd:b1:b9:70:f9:1e:f0:27:ed:59:
8b:af:a8:0d:0b:90:d1:69:63:cc:72:c9:e6:10:06:0e:e1:ae:
f7:17:65:0d:7a:f4:8c:92:35:60:44:f4:12:79:04:f7:8a:89:
4c:8e:08:1d:02:39:09:c0:a0:08:2a:e6:97:19:00:75:c4:d2:
57:e3:d0:40:f6:a8:0e:2b:b4:03:2b:d8:60:a3:6e:7c:11:29:
28:4c:25:51:f0:29:8a:19:f5:28:3e:f1:c1:55:ba:28:ca:6b:
75:2d:ac:76:d2:a3:c3:e6:80:97:36:c9:ec:4f:14:68:af:7e:
db:0b:f6:7b:5a:a5:5c:ec:b3:ec:04:ca:0c:ca:cf:08:94:a8:
18:b6:1d:e7:e2:bb:47:0c:f0:8b:23:ee:c8:44:55:0b:e0:56:
e2:0d:e0:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcSphU9bsDls+AmliCAuUKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI0MDgwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA0ZThjYzZiMmM3NmJjNzA2ODU5NGUwYzkwMmEyZGEzM2RmYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBYUycQ+vI6hn43tait2KtqFhTfd
lzEdUxjkcUQ/0JPrr1q30osYjKBx0xVIE18K6OheclungrNzPpXHIb5Zl1choEmM
HrCy9VTMooF0ML+KnJDSpnp7eJUAhWjofq8LPgL9ce1y7BTq0J2yRh0BKLZcszVB
pXd59ER639QoS1tgSBZByW1LHUZyR/9Gcrvzly/r5NtKZu5Ge64Mh5+OWrxgHMbb
e7Mamt4Bokvff/g5Yu1GF91XurrQ/BmJf8pxPG68x9ZRDSrjbjQnFL2vBn0ozAxP
45wkjrZOgY66FAbg0b4PeE6FD18ZGEONakicFRXuPYhkvmG7lBQObKodZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHUE6MxrLHa8cGhZTgyQKi2jPfp0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZFFUb3pHc3Nkcnh3YUZsT0RKQXFMYU05LW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE2aHIIYJRjaxkFX+yfR
jVlULqFmCYOd4KyiqH7oqFs+9iz3zf4NdVC6cx3ocE90CVY04FTh+CWYXd1bP8ig
6/ugegm1U39M44CKPVmoTbysJ7QjGJJDyGxHLp0+ncdXgp4FvbG5cPke8CftWYuv
qA0LkNFpY8xyyeYQBg7hrvcXZQ169IySNWBE9BJ5BPeKiUyOCB0COQnAoAgq5pcZ
AHXE0lfj0ED2qA4rtAMr2GCjbnwRKShMJVHwKYoZ9Sg+8cFVuijKa3UtrHbSo8Pm
gJc2yexPFGivftsL9ntapVzss+wEygzKzwiUqBi2Hefiu0cM8Isj7shEVQvgVuIN
4Jw=
-----END CERTIFICATE-----
Generated at Fri May 2 18:40:24 2025 by rpki-client