Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f3z1hiGoNiC-NuqvIy49kYIDQ7w.roa
File: f3z1hiGoNiC-NuqvIy49kYIDQ7w.roa (raw, json)
Hash identifier: 28N+p310k0Mps1lqdJhrbAM3+njgGZ9+04TDWWqgQlw=
Subject key identifier: 7F:7C:F5:86:21:A8:36:20:BE:36:EA:AF:23:2E:3D:91:82:03:43:BC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018711D0C36E877171C11AED315DF5F615D1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f3z1hiGoNiC-NuqvIy49kYIDQ7w.roa
Signing time: Fri 24 Mar 2023 04:11:46 +0000
ROA not before: Fri 24 Mar 2023 04:11:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:11:d0:c3:6e:87:71:71:c1:1a:ed:31:5d:f5:f6:15:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 24 04:11:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f7cf58621a83620be36eaaf232e3d91820343bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:27:2e:ae:4a:31:f8:39:1f:65:ae:11:c1:a8:
33:8c:f0:1d:03:78:99:75:2b:f4:05:70:f0:f8:0e:
f1:f5:1d:be:60:45:36:c0:9d:c6:fd:b0:98:2e:a0:
21:a5:04:c9:94:d6:a7:f9:6a:16:a3:72:ee:48:41:
78:13:b1:7a:95:2f:d7:f9:5e:f0:3d:ab:15:7b:9f:
6c:97:e0:dc:dd:1e:a2:0f:19:5a:fa:a1:65:77:f7:
21:68:75:da:d4:7d:ac:3b:c1:dc:f1:a4:d3:ca:78:
f1:77:bd:49:0d:ce:79:25:df:42:f3:0a:da:01:c6:
8c:04:8f:88:b3:a5:dc:3d:47:91:85:df:75:40:b9:
58:36:0f:1f:58:57:ea:9f:55:b8:1d:55:16:a3:a9:
29:3a:1f:4a:b0:86:c7:6d:94:51:38:22:fa:82:95:
a8:8a:07:8d:2d:02:56:ac:51:e3:99:b0:75:7a:a4:
48:50:95:7c:80:86:df:5a:4c:30:df:53:85:ed:77:
dc:f0:07:e4:ee:5c:f3:86:ed:5d:67:d0:db:d0:35:
05:78:7f:8d:62:0a:d6:1b:34:c0:1a:41:3d:ea:06:
a0:a0:d1:98:d5:b3:ed:d3:d5:d0:ee:e1:a6:d7:04:
4a:ad:70:5f:bc:5e:56:4c:c2:3f:5a:12:bc:10:7c:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7C:F5:86:21:A8:36:20:BE:36:EA:AF:23:2E:3D:91:82:03:43:BC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f3z1hiGoNiC-NuqvIy49kYIDQ7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:89:fc:60:b4:c3:d7:d5:f5:12:82:7e:44:aa:9b:d3:cc:9c:
6f:19:c9:93:a4:67:4a:4e:b0:a2:04:19:54:80:81:cb:18:bc:
4a:0c:a1:4c:23:5f:60:3a:6b:26:68:ab:e2:4b:53:9e:4d:90:
a8:e0:88:21:69:3e:3d:45:ae:55:29:69:63:43:b2:36:67:95:
73:3a:a2:e7:dd:8b:47:aa:b5:76:07:5d:c9:18:8c:9f:ba:b1:
7c:9a:ed:db:41:c0:b4:54:b4:39:cb:f7:39:ed:fa:ef:d2:3f:
c3:d0:af:8a:68:34:74:7e:7d:b8:d9:bf:05:0d:e8:53:d3:57:
79:8b:90:2a:7e:50:9a:2a:4f:9b:5f:a4:f3:1c:1e:1e:f4:c9:
b8:76:23:33:45:72:9e:bb:1d:72:df:de:20:1f:5d:f1:e2:33:
af:0d:e2:84:8a:75:21:de:ed:6e:52:b4:20:bd:32:40:23:0f:
42:b6:9d:25:52:07:52:71:72:a1:38:27:56:2a:56:00:b9:ae:
dc:71:99:f7:e9:8f:fd:a1:e6:d9:cc:fa:8d:8b:2e:12:20:c3:
3d:f4:4f:ae:2d:5b:93:74:13:df:dc:fb:2a:3e:c2:ef:d9:ef:
f8:9d:c7:80:a6:a8:cf:e7:03:b7:fb:c4:21:d3:0c:f0:53:b8:
c3:92:f5:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcR0MNuh3FxwRrtMV319hXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI0MDQxMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdjZjU4NjIxYTgzNjIwYmUzNmVhYWYyMzJlM2Q5MTgyMDM0M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiScurkox+DkfZa4RwagzjPAdA3iZ
dSv0BXDw+A7x9R2+YEU2wJ3G/bCYLqAhpQTJlNan+WoWo3LuSEF4E7F6lS/X+V7w
PasVe59sl+Dc3R6iDxla+qFld/chaHXa1H2sO8Hc8aTTynjxd71JDc55Jd9C8wra
AcaMBI+Is6XcPUeRhd91QLlYNg8fWFfqn1W4HVUWo6kpOh9KsIbHbZRROCL6gpWo
igeNLQJWrFHjmbB1eqRIUJV8gIbfWkww31OF7Xfc8Afk7lzzhu1dZ9Db0DUFeH+N
YgrWGzTAGkE96gagoNGY1bPt09XQ7uGm1wRKrXBfvF5WTMI/WhK8EHxKcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH989YYhqDYgvjbqryMuPZGCA0O8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZjN6MWhpR29OaUMtTnVxdkl5NDlrWUlEUTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA2J/GC0w9fV9RKCfkSq
m9PMnG8ZyZOkZ0pOsKIEGVSAgcsYvEoMoUwjX2A6ayZoq+JLU55NkKjgiCFpPj1F
rlUpaWNDsjZnlXM6oufdi0eqtXYHXckYjJ+6sXya7dtBwLRUtDnL9znt+u/SP8PQ
r4poNHR+fbjZvwUN6FPTV3mLkCp+UJoqT5tfpPMcHh70ybh2IzNFcp67HXLf3iAf
XfHiM68N4oSKdSHe7W5StCC9MkAjD0K2nSVSB1JxcqE4J1YqVgC5rtxxmffpj/2h
5tnM+o2LLhIgwz30T64tW5N0E9/c+yo+wu/Z7/idx4CmqM/nA7f7xCHTDPBTuMOS
9Vc=
-----END CERTIFICATE-----
Generated at Fri May 2 14:24:31 2025 by rpki-client