Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f20IDCUN8Mdggph0GojmgzGdq30.roa
File: f20IDCUN8Mdggph0GojmgzGdq30.roa (raw, json)
Hash identifier: ECHB01trChGF+HB1DudvNP4rVZAnchKq6p2BRO8uld0=
Subject key identifier: 7F:6D:08:0C:25:0D:F0:C7:60:82:98:74:1A:88:E6:83:31:9D:AB:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187C079353BF0E316E7CA85E128B99D6D01
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f20IDCUN8Mdggph0GojmgzGdq30.roa
Signing time: Thu 27 Apr 2023 02:09:41 +0000
ROA not before: Thu 27 Apr 2023 02:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c0:79:35:3b:f0:e3:16:e7:ca:85:e1:28:b9:9d:6d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 27 02:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f6d080c250df0c7608298741a88e683319dab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:bf:aa:da:f6:a8:f5:43:b5:a1:40:9d:cb:
39:05:cd:07:24:cf:d9:7b:d4:d3:91:48:a3:72:89:
d9:79:fa:eb:43:08:86:34:2b:8e:61:b6:26:ae:d7:
25:48:e5:3b:17:14:61:08:1d:1d:e9:2f:9d:f6:08:
35:b9:95:0b:01:a5:f1:44:14:e2:78:37:c0:33:6d:
c2:bc:9d:d4:ee:3c:9a:3f:7c:0d:d4:ad:88:8c:22:
e9:69:95:7f:0e:33:45:43:f9:2f:31:8c:99:ed:b0:
da:e2:83:e0:9e:74:31:06:71:89:34:d1:1f:80:f1:
ca:b4:1b:0d:d5:3d:77:9e:a6:56:95:46:4e:b9:42:
dc:68:bf:47:af:ae:6d:e7:43:8e:38:2a:7c:c6:94:
0a:e4:82:39:cf:54:96:3b:58:a2:96:59:fb:ed:90:
21:ba:93:b8:37:cd:e9:4f:d5:ac:54:15:e0:48:83:
25:ab:24:26:e8:56:8b:d2:7d:37:35:d7:cd:c4:b8:
8f:98:63:dc:51:ba:69:92:3a:98:5c:4e:f7:8f:12:
11:ba:4f:b4:7e:4b:f5:08:a4:e8:d2:b8:38:78:da:
7b:69:c1:fc:9a:3c:02:b4:0f:0e:05:28:81:a1:ef:
93:00:4f:36:3d:2c:48:1b:cb:49:05:53:4c:a4:f0:
bf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:6D:08:0C:25:0D:F0:C7:60:82:98:74:1A:88:E6:83:31:9D:AB:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f20IDCUN8Mdggph0GojmgzGdq30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:a9:2e:30:a9:7e:b1:32:6c:c8:eb:03:7f:c0:2a:28:47:ae:
2b:c6:d3:0f:1a:08:08:f2:14:24:6c:a6:68:de:97:56:85:5a:
94:c4:bb:f7:30:83:90:f4:4b:d8:4a:72:81:d5:0f:38:d1:95:
3c:5d:8b:67:be:98:7c:93:5b:f2:aa:8a:53:4d:69:ad:c9:d9:
b9:31:62:50:d4:b1:d4:d0:5e:c6:a0:7a:88:24:44:cf:a4:87:
44:41:67:f5:68:b1:c2:7e:f9:13:67:e3:07:87:29:b8:d8:c3:
a6:74:e9:00:65:3d:63:f2:d6:57:00:a7:b2:3c:c5:74:e3:4d:
f3:bc:a5:8b:28:9d:ea:24:6d:57:2c:57:e1:b2:c4:f1:8f:f0:
7a:f9:a0:e6:95:7f:8f:0f:21:35:90:5b:63:8a:c8:75:a3:27:
87:f6:4e:dd:68:05:28:28:74:d6:d8:cb:56:c9:f7:e1:3b:52:
bb:a1:e2:8c:ba:d6:21:2e:7e:b5:11:20:2c:62:e2:b9:b0:f3:
99:49:9c:15:31:65:35:53:0e:38:dc:8e:ca:84:fe:3e:f9:13:
ac:ce:9e:31:7a:a3:f2:1b:76:c2:5f:fb:f0:09:88:1f:3b:81:
26:14:f2:c3:83:9b:99:8f:d5:74:1a:29:42:24:9b:cf:f1:fa:
78:ac:15:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfAeTU78OMW58qF4Si5nW0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI3MDIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjZkMDgwYzI1MGRmMGM3NjA4Mjk4NzQxYTg4ZTY4MzMxOWRhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/C/qtr2qPVDtaFAncs5Bc0HJM/Z
e9TTkUijconZefrrQwiGNCuOYbYmrtclSOU7FxRhCB0d6S+d9gg1uZULAaXxRBTi
eDfAM23CvJ3U7jyaP3wN1K2IjCLpaZV/DjNFQ/kvMYyZ7bDa4oPgnnQxBnGJNNEf
gPHKtBsN1T13nqZWlUZOuULcaL9Hr65t50OOOCp8xpQK5II5z1SWO1iilln77ZAh
upO4N83pT9WsVBXgSIMlqyQm6FaL0n03NdfNxLiPmGPcUbppkjqYXE73jxIRuk+0
fkv1CKTo0rg4eNp7acH8mjwCtA8OBSiBoe+TAE82PSxIG8tJBVNMpPC/HQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH9tCAwlDfDHYIKYdBqI5oMxnat9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZjIwSURDVU44TWRnZ3BoMEdvam1nekdkcTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAACpLjCpfrEybMjrA3/A
KihHrivG0w8aCAjyFCRspmjel1aFWpTEu/cwg5D0S9hKcoHVDzjRlTxdi2e+mHyT
W/KqilNNaa3J2bkxYlDUsdTQXsageogkRM+kh0RBZ/VoscJ++RNn4weHKbjYw6Z0
6QBlPWPy1lcAp7I8xXTjTfO8pYsoneokbVcsV+GyxPGP8Hr5oOaVf48PITWQW2OK
yHWjJ4f2Tt1oBSgodNbYy1bJ9+E7Uruh4oy61iEufrURICxi4rmw85lJnBUxZTVT
DjjcjsqE/j75E6zOnjF6o/IbdsJf+/AJiB87gSYU8sODm5mP1XQaKUIkm8/x+nis
FbA=
-----END CERTIFICATE-----
Generated at Thu May 1 09:57:34 2025 by rpki-client