Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/daRtl4mhSbkHcP3aF-2PkEDtsqM.roa
File: daRtl4mhSbkHcP3aF-2PkEDtsqM.roa (raw, json)
Hash identifier: Za4GXjbgj059pX9A203YCjUJVDCzgKHwKV5d6NVnfoU=
Subject key identifier: 75:A4:6D:97:89:A1:49:B9:07:70:FD:DA:17:ED:8F:90:40:ED:B2:A3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D689BD14BF349D05F90C709327ED237D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/daRtl4mhSbkHcP3aF-2PkEDtsqM.roa
Signing time: Tue 08 Aug 2023 19:04:58 +0000
ROA not before: Tue 08 Aug 2023 19:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:189:d689:1b15/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:89:bd:14:bf:34:9d:05:f9:0c:70:93:27:ed:23:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 19:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75a46d9789a149b90770fdda17ed8f9040edb2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:73:6a:5d:a6:c6:1f:e9:59:ac:17:83:29:c8:
53:27:ca:65:ef:d5:8a:c2:e6:fb:38:88:1c:2e:3c:
28:f3:82:7b:17:cb:db:02:1e:eb:e0:91:2f:a6:75:
50:5a:1f:20:f3:78:a3:17:a5:ba:54:0b:39:59:e7:
5c:99:1c:c1:e5:18:dd:0e:32:f1:59:03:9d:36:bb:
59:38:ee:66:d2:81:00:bc:49:4c:3b:cb:e8:5b:64:
77:4e:eb:17:d8:ce:ae:bd:b0:28:3f:52:fb:b2:5e:
73:54:8f:fe:5b:5a:19:e0:4e:f2:2a:fc:f9:12:3e:
1b:ae:7f:0f:05:b7:01:0d:4c:17:20:5f:6e:3f:1c:
38:4a:ae:1a:10:67:5e:50:f6:16:99:97:9d:6d:80:
48:d0:b6:09:26:9d:9b:90:e2:25:55:d9:43:33:54:
6e:c6:09:9a:06:1f:94:19:f5:12:c3:d3:47:09:f9:
d4:a7:1c:06:29:a5:c7:20:18:2a:8e:d7:4b:cc:fa:
93:d7:88:a6:39:cc:73:92:51:9d:c5:5e:89:c9:16:
4c:02:90:a5:e0:47:77:8a:1a:f9:0e:f0:d0:2c:9d:
e3:63:98:45:76:07:b8:a4:cf:21:74:1f:21:f7:f4:
67:be:2e:68:47:ed:fd:94:0c:d3:b6:d3:cd:d1:86:
b3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A4:6D:97:89:A1:49:B9:07:70:FD:DA:17:ED:8F:90:40:ED:B2:A3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/daRtl4mhSbkHcP3aF-2PkEDtsqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:86:55:15:a8:2e:2e:00:5c:4a:10:06:d4:e1:81:b8:2d:b9:
cb:f5:c0:c3:9e:bd:6e:13:47:15:c9:11:1a:e7:18:6b:19:bf:
51:ee:a7:59:32:fb:2b:02:a1:c9:aa:71:29:ef:b4:94:a2:78:
1c:dd:9b:30:a2:62:15:7a:05:ad:5e:0f:e5:d9:af:11:89:3c:
cf:46:d7:42:d3:1b:41:84:2b:5b:40:8e:e4:a4:5a:ef:17:22:
81:23:3f:21:1f:70:dd:f0:cb:83:1b:0c:26:c6:b3:b9:e3:ed:
6f:81:0a:22:00:7f:00:5f:dc:61:ef:d0:17:77:75:8d:1d:bb:
9c:43:b2:d5:52:31:11:98:10:9e:a7:b6:9a:d6:5f:98:35:6b:
ee:9e:6d:88:5c:04:54:5a:1b:68:50:c5:50:2e:02:50:3b:1e:
3d:63:dd:92:27:a8:6d:0f:30:d0:97:0e:59:8b:a7:8a:6a:f3:
96:86:e1:b1:ff:17:3a:df:77:8a:44:62:d9:bf:6a:6e:50:72:
e8:24:27:30:6b:1f:eb:b8:51:5c:5a:79:43:f0:ac:8b:4d:e4:
22:8f:18:ba:40:e1:35:cf:71:8b:11:91:26:c0:06:cd:18:ef:
79:e5:77:9f:a2:c0:65:a4:6e:52:f0:ec:4a:87:79:9b:6d:92:
7b:26:73:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnWib0UvzSdBfkMcJMn7SN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA4MTkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE0NmQ5Nzg5YTE0OWI5MDc3MGZkZGExN2VkOGY5MDQwZWRiMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3NqXabGH+lZrBeDKchTJ8pl79WK
wub7OIgcLjwo84J7F8vbAh7r4JEvpnVQWh8g83ijF6W6VAs5WedcmRzB5RjdDjLx
WQOdNrtZOO5m0oEAvElMO8voW2R3TusX2M6uvbAoP1L7sl5zVI/+W1oZ4E7yKvz5
Ej4brn8PBbcBDUwXIF9uPxw4Sq4aEGdeUPYWmZedbYBI0LYJJp2bkOIlVdlDM1Ru
xgmaBh+UGfUSw9NHCfnUpxwGKaXHIBgqjtdLzPqT14imOcxzklGdxV6JyRZMApCl
4Ed3ihr5DvDQLJ3jY5hFdge4pM8hdB8h9/Rnvi5oR+39lAzTttPN0YazlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHWkbZeJoUm5B3D92hftj5BA7bKjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZGFSdGw0bWhTYmtIY1AzYUYtMlBrRUR0c3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADmGVRWoLi4AXEoQBtTh
gbgtucv1wMOevW4TRxXJERrnGGsZv1Hup1ky+ysCocmqcSnvtJSieBzdmzCiYhV6
Ba1eD+XZrxGJPM9G10LTG0GEK1tAjuSkWu8XIoEjPyEfcN3wy4MbDCbGs7nj7W+B
CiIAfwBf3GHv0Bd3dY0du5xDstVSMRGYEJ6ntprWX5g1a+6ebYhcBFRaG2hQxVAu
AlA7Hj1j3ZInqG0PMNCXDlmLp4pq85aG4bH/Fzrfd4pEYtm/am5QcugkJzBrH+u4
UVxaeUPwrItN5CKPGLpA4TXPcYsRkSbABs0Y73nld5+iwGWkblLw7EqHeZttknsm
c8Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:22 2025 by rpki-client