Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dpaNTazJrV9JEmM_jpRcAo8zE48.roa
File: dpaNTazJrV9JEmM_jpRcAo8zE48.roa (raw, json)
Hash identifier: ihNLZ/tElL56KiP0fRq4Q0PQK2SPIf/lSHiL0KFR5iQ=
Subject key identifier: 76:96:8D:4D:AC:C9:AD:5F:49:12:63:3F:8E:94:5C:02:8F:33:13:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AC43BC7F268D424987DC646ADE5BA00B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dpaNTazJrV9JEmM_jpRcAo8zE48.roa
Signing time: Mon 31 Jul 2023 14:04:27 +0000
ROA not before: Mon 31 Jul 2023 14:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:189:ac43:aeb0/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:43:bc:7f:26:8d:42:49:87:dc:64:6a:de:5b:a0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 14:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76968d4dacc9ad5f4912633f8e945c028f33138f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ce:a7:bb:25:28:b6:99:56:b2:0c:46:44:21:
db:ac:c1:e3:08:e3:66:7f:dd:e5:cb:dd:e3:42:17:
1b:c4:fb:c2:1a:81:99:d0:6c:4f:e8:53:67:72:e6:
cd:93:ec:5f:3e:f3:ce:99:00:10:9e:c6:3d:e1:02:
12:07:df:54:ee:89:34:4b:21:25:ac:fa:78:73:25:
f8:d2:07:0f:0a:0c:af:db:fa:86:8b:51:87:f8:37:
20:cd:48:75:a9:82:11:f5:33:e9:ea:f6:ca:07:5e:
76:0d:fd:87:31:90:9a:7e:46:e1:c7:70:1e:ea:ba:
41:42:ea:5e:12:82:a7:d9:31:0e:d8:1a:32:23:d5:
39:76:ad:55:7c:44:77:6f:45:5b:e0:b3:5d:0d:80:
36:cc:4e:0d:a9:eb:86:ab:2b:de:f9:c3:77:7a:59:
e7:f2:a8:f9:36:21:ee:10:bd:b8:25:96:f9:54:87:
f7:a8:46:84:1f:88:49:c5:db:bf:26:c4:d5:4c:3e:
e1:bb:7f:a0:77:8f:cf:74:f7:05:e8:39:ca:43:58:
2a:c3:54:d2:a7:58:a4:84:f9:25:b5:aa:a8:00:4a:
ad:04:3e:eb:7c:22:fd:70:8e:a8:78:79:6e:be:52:
51:62:7b:db:24:67:4f:aa:e5:f8:bd:28:2c:3e:a4:
22:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:96:8D:4D:AC:C9:AD:5F:49:12:63:3F:8E:94:5C:02:8F:33:13:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dpaNTazJrV9JEmM_jpRcAo8zE48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:13:b3:32:f3:da:de:ce:a6:b8:8a:76:68:f5:7e:14:e1:00:
9b:3e:94:93:c6:88:96:c1:88:70:73:c2:1e:69:ec:74:a4:ee:
d4:87:d1:90:40:9f:19:d4:16:b5:44:53:29:73:eb:23:d7:ac:
ad:d4:ba:da:18:8b:fc:25:b4:9d:8a:e9:4d:07:3f:03:38:f5:
1d:20:fe:aa:ae:07:27:79:80:66:01:a0:20:37:25:6d:92:e4:
c3:9f:f3:27:b2:80:83:4a:26:f2:12:76:13:e6:40:be:bc:67:
da:26:32:5b:37:e0:71:17:36:cf:2e:01:70:1b:3b:7c:17:55:
0e:c9:c1:77:23:6f:0d:d9:fc:f1:15:06:0a:23:6d:2e:a1:86:
41:96:8a:2d:89:01:a9:f5:e3:d0:9b:32:7b:e3:f2:86:91:dc:
a2:54:82:1c:ea:0b:d4:9d:7b:1c:79:c3:79:b5:01:1d:f9:77:
40:d0:c9:7a:b8:5e:29:ae:a9:a4:6b:34:4a:f3:ba:9a:cf:c5:
2f:52:83:e4:5b:44:76:fd:13:01:95:8c:d5:34:88:57:49:04:
ee:f3:65:91:d9:2e:1c:da:a1:89:6f:a7:45:60:76:e1:8d:6c:
04:4f:c2:1a:24:33:2b:df:c6:7b:cb:5a:5b:a2:55:1e:95:cb:
1b:2a:c9:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmsQ7x/Jo1CSYfcZGreW6ALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMTQwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk2OGQ0ZGFjYzlhZDVmNDkxMjYzM2Y4ZTk0NWMwMjhmMzMxMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc6nuyUotplWsgxGRCHbrMHjCONm
f93ly93jQhcbxPvCGoGZ0GxP6FNncubNk+xfPvPOmQAQnsY94QISB99U7ok0SyEl
rPp4cyX40gcPCgyv2/qGi1GH+DcgzUh1qYIR9TPp6vbKB152Df2HMZCafkbhx3Ae
6rpBQupeEoKn2TEO2BoyI9U5dq1VfER3b0Vb4LNdDYA2zE4NqeuGqyve+cN3elnn
8qj5NiHuEL24JZb5VIf3qEaEH4hJxdu/JsTVTD7hu3+gd4/PdPcF6DnKQ1gqw1TS
p1ikhPkltaqoAEqtBD7rfCL9cI6oeHluvlJRYnvbJGdPquX4vSgsPqQi4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHaWjU2sya1fSRJjP46UXAKPMxOPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZHBhTlRhekpyVjlKRW1NX2pwUmNBbzh6RTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABITszLz2t7OpriKdmj1
fhThAJs+lJPGiJbBiHBzwh5p7HSk7tSH0ZBAnxnUFrVEUylz6yPXrK3UutoYi/wl
tJ2K6U0HPwM49R0g/qquByd5gGYBoCA3JW2S5MOf8yeygINKJvISdhPmQL68Z9om
Mls34HEXNs8uAXAbO3wXVQ7JwXcjbw3Z/PEVBgojbS6hhkGWii2JAan149CbMnvj
8oaR3KJUghzqC9Sdexx5w3m1AR35d0DQyXq4XimuqaRrNErzuprPxS9Sg+RbRHb9
EwGVjNU0iFdJBO7zZZHZLhzaoYlvp0VgduGNbARPwhokMyvfxnvLWluiVR6Vyxsq
yfQ=
-----END CERTIFICATE-----
Generated at Thu May 1 06:04:42 2025 by rpki-client