Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f7PVvm00FYNQxpE1cN8HibZ3deA.roa
File: f7PVvm00FYNQxpE1cN8HibZ3deA.roa (raw, json)
Hash identifier: jwa2vJX9LYbJRICg3kI/eZJsadmQ3zDAO1mwvRVeZqI=
Subject key identifier: 7F:B3:D5:BE:6D:34:15:83:50:C6:91:35:70:DF:07:89:B6:77:75:E0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018689C94938D0DCE559A0112604F86E51A0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f7PVvm00FYNQxpE1cN8HibZ3deA.roa
Signing time: Sat 25 Feb 2023 18:15:15 +0000
ROA not before: Sat 25 Feb 2023 18:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:c9:49:38:d0:dc:e5:59:a0:11:26:04:f8:6e:51:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 18:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fb3d5be6d34158350c6913570df0789b67775e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:41:65:99:de:27:06:a5:a2:9a:1c:cc:8b:
6c:e2:bb:1c:00:82:64:d1:ce:01:46:91:13:30:34:
8d:a5:2a:55:15:9f:6d:33:9f:64:df:97:4a:f5:68:
41:f6:0a:f7:09:1d:24:38:e1:96:be:ef:3d:8f:c8:
67:be:a3:6d:10:f7:37:77:63:94:76:76:df:23:4a:
bb:ff:38:86:5b:43:3a:cb:b5:81:4d:75:d8:4e:7d:
21:9e:b0:a1:70:d2:d9:11:4a:f4:8f:78:4c:ac:78:
5f:a6:14:73:78:f4:76:1c:f5:07:a4:36:3e:a3:70:
74:8a:77:ca:1a:c9:fa:24:7e:8e:2d:7c:14:80:64:
fa:4b:cf:a1:20:70:6f:fd:81:05:23:59:31:34:04:
b9:e3:76:1d:e4:11:52:71:6d:2d:d1:31:60:e9:56:
89:0b:4b:01:b9:8a:1d:ab:e7:66:82:1c:fd:d8:0c:
b7:42:7b:27:f4:0d:ab:3e:32:cc:55:4d:a3:4e:5b:
06:6d:30:06:ed:37:eb:e5:51:88:86:ce:25:96:91:
0c:72:d4:8b:35:22:ed:94:59:ee:53:a1:a6:51:2a:
78:f0:a4:fd:5a:a8:b8:32:58:b3:6c:0f:3d:27:c5:
d2:db:98:c0:dc:57:21:75:19:9d:7c:a7:01:35:9a:
0c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B3:D5:BE:6D:34:15:83:50:C6:91:35:70:DF:07:89:B6:77:75:E0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/f7PVvm00FYNQxpE1cN8HibZ3deA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:4d:04:7a:92:0f:ec:96:54:23:56:f1:9b:95:98:1b:3f:b7:
a1:af:8e:fe:79:78:83:85:f0:71:52:ed:cd:24:32:c9:f5:9c:
41:bf:a4:bd:6c:34:a9:84:78:5a:53:09:21:a2:e7:79:42:c5:
78:ac:80:3b:4d:19:a4:d3:21:50:ba:68:b5:0c:f6:c6:f6:dc:
0c:1a:bd:ab:f1:eb:01:b9:88:9e:4b:d7:92:b7:1b:d9:0e:60:
84:8e:7a:90:81:80:d5:27:8b:74:1b:97:a3:2f:11:d7:b5:78:
4a:ef:de:d3:dc:f8:72:8f:7d:ae:07:77:a8:7c:d0:a1:f5:82:
53:9e:48:26:a4:d8:85:22:5b:0f:b7:63:14:8b:2d:84:8c:41:
6c:88:a7:b8:fe:03:15:94:17:49:48:84:ea:3c:3f:e8:fb:22:
b8:71:66:ac:9d:04:31:a0:ab:8f:b1:ec:5d:7d:af:9c:6b:9c:
2f:0c:57:b4:65:fd:3c:24:c7:46:12:89:53:55:9f:ac:f9:e0:
c5:a1:b9:eb:73:f4:07:29:cb:63:b7:3f:23:34:dc:dd:c4:48:
86:26:3b:3d:14:b1:c1:ca:77:03:58:13:c6:dd:77:dd:76:4f:
b9:dc:ea:3c:fb:2e:aa:e5:ab:5b:24:99:1b:f2:f2:b6:92:45:
b5:6e:6c:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaJyUk40NzlWaARJgT4blGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MTgxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmIzZDViZTZkMzQxNTgzNTBjNjkxMzU3MGRmMDc4OWI2Nzc3NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofNBZZneJwalopoczIts4rscAIJk
0c4BRpETMDSNpSpVFZ9tM59k35dK9WhB9gr3CR0kOOGWvu89j8hnvqNtEPc3d2OU
dnbfI0q7/ziGW0M6y7WBTXXYTn0hnrChcNLZEUr0j3hMrHhfphRzePR2HPUHpDY+
o3B0infKGsn6JH6OLXwUgGT6S8+hIHBv/YEFI1kxNAS543Yd5BFScW0t0TFg6VaJ
C0sBuYodq+dmghz92Ay3Qnsn9A2rPjLMVU2jTlsGbTAG7Tfr5VGIhs4llpEMctSL
NSLtlFnuU6GmUSp48KT9Wqi4MlizbA89J8XS25jA3FchdRmdfKcBNZoM0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+z1b5tNBWDUMaRNXDfB4m2d3XgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZjdQVnZtMDBGWU5ReHBFMWNOOEhpYlozZGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAFNBHqSD+yWVCNW8ZuV
mBs/t6Gvjv55eIOF8HFS7c0kMsn1nEG/pL1sNKmEeFpTCSGi53lCxXisgDtNGaTT
IVC6aLUM9sb23Awavavx6wG5iJ5L15K3G9kOYISOepCBgNUni3Qbl6MvEde1eErv
3tPc+HKPfa4Hd6h80KH1glOeSCak2IUiWw+3YxSLLYSMQWyIp7j+AxWUF0lIhOo8
P+j7IrhxZqydBDGgq4+x7F19r5xrnC8MV7Rl/Twkx0YSiVNVn6z54MWhuetz9Acp
y2O3PyM03N3ESIYmOz0UscHKdwNYE8bdd912T7nc6jz7Lqrlq1skmRvy8raSRbVu
bC0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:35 2025 by rpki-client