Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fBnuuiRyNmZPF77rK-Y0Ys7mGto.roa
File: fBnuuiRyNmZPF77rK-Y0Ys7mGto.roa (raw, json)
Hash identifier: QhRFJijH2ASWxbWFfDpJyL3VcIMU0WVqbrmqw5YH/NY=
Subject key identifier: 7C:19:EE:BA:24:72:36:66:4F:17:BE:EB:2B:E6:34:62:CE:E6:1A:DA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018682B65D6D98BB7185DCDB409B92CD225A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fBnuuiRyNmZPF77rK-Y0Ys7mGto.roa
Signing time: Fri 24 Feb 2023 09:17:14 +0000
ROA not before: Fri 24 Feb 2023 09:17:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:b6:5d:6d:98:bb:71:85:dc:db:40:9b:92:cd:22:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 09:17:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c19eeba247236664f17beeb2be63462cee61ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:79:40:d8:51:cb:d0:cb:5b:af:d3:46:50:3e:
89:2b:d0:40:30:38:ff:36:5b:04:19:07:ff:78:64:
d4:5a:ec:40:75:2a:dc:14:88:09:50:4b:42:dc:d6:
d9:64:9b:a0:94:34:86:73:ea:88:35:7b:b2:be:03:
b5:cc:46:68:11:36:02:92:64:af:79:8a:f9:e8:98:
33:ad:9f:44:22:f7:2f:a2:0f:f4:5f:f9:48:b3:52:
67:fe:a0:21:f3:ec:eb:44:5e:f7:47:b4:8e:7d:b6:
d6:f5:6f:af:29:37:b3:fc:cf:b2:57:68:d0:cb:73:
03:dd:8f:6b:e9:68:20:b1:a7:63:5d:dc:d5:60:86:
b7:8c:3f:fd:9a:fb:16:b7:2e:2d:ad:84:1c:65:72:
20:92:90:2e:f3:2f:21:d5:ea:c9:eb:13:0f:60:9e:
95:98:61:1d:f8:a4:20:99:77:59:d6:32:ac:43:ce:
7c:07:65:84:cd:13:8f:2e:cc:d9:06:16:be:29:c6:
cc:c6:5c:87:7a:c0:c9:3c:77:4a:88:9a:29:5b:ed:
6f:8a:5e:55:65:c1:4a:95:1a:7e:35:59:c6:d6:03:
7f:51:21:e0:1c:ef:db:eb:81:65:18:76:2e:1c:9d:
d5:78:73:a3:23:3c:69:4f:b1:c4:2d:b8:cb:06:6f:
d5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:19:EE:BA:24:72:36:66:4F:17:BE:EB:2B:E6:34:62:CE:E6:1A:DA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fBnuuiRyNmZPF77rK-Y0Ys7mGto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:20:25:76:72:fc:a4:c4:14:a2:2c:16:4e:eb:70:91:c7:a8:
bd:ac:98:bc:d7:45:03:f1:12:93:ea:9e:ab:d5:b1:01:ba:42:
82:8f:d0:5a:26:9a:71:58:12:c8:2c:c2:a5:df:22:e2:54:40:
41:bc:a0:6e:ad:2a:ce:00:9d:14:5e:3c:05:72:24:2b:dd:c1:
6b:9b:0e:2c:c0:1c:fb:4f:8c:c8:45:cb:73:8e:04:66:91:61:
9a:c5:6f:85:69:66:de:12:c5:09:12:9c:db:95:0e:a0:06:3a:
38:ed:73:71:4c:c5:8f:29:b1:cc:90:22:63:78:90:8d:ab:ad:
7d:66:b8:b4:64:13:a9:94:4a:e0:03:65:a3:19:c1:b2:c5:fa:
49:b2:9d:da:5e:6e:93:fd:07:d5:a3:1e:8f:d3:37:3c:80:6b:
8d:8d:51:c2:a9:46:46:dd:b7:91:82:9b:21:1e:c1:82:dc:54:
d9:7b:dc:ac:85:be:7f:86:e5:6b:21:e1:de:9b:7b:2f:29:c1:
c2:45:aa:1d:33:24:0a:82:f7:ae:ed:a6:b6:40:d3:9d:13:b5:
fa:3a:68:ef:08:e4:b2:3a:66:b6:c7:3e:e3:3e:73:de:35:97:
fd:f4:14:c5:9f:d4:a1:cd:a0:d0:db:1e:09:e1:cd:8b:22:1f:
4c:5f:0b:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaCtl1tmLtxhdzbQJuSzSJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MDkxNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE5ZWViYTI0NzIzNjY2NGYxN2JlZWIyYmU2MzQ2MmNlZTYxYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nlA2FHL0Mtbr9NGUD6JK9BAMDj/
NlsEGQf/eGTUWuxAdSrcFIgJUEtC3NbZZJuglDSGc+qINXuyvgO1zEZoETYCkmSv
eYr56JgzrZ9EIvcvog/0X/lIs1Jn/qAh8+zrRF73R7SOfbbW9W+vKTez/M+yV2jQ
y3MD3Y9r6WggsadjXdzVYIa3jD/9mvsWty4trYQcZXIgkpAu8y8h1erJ6xMPYJ6V
mGEd+KQgmXdZ1jKsQ858B2WEzROPLszZBha+KcbMxlyHesDJPHdKiJopW+1vil5V
ZcFKlRp+NVnG1gN/USHgHO/b64FlGHYuHJ3VeHOjIzxpT7HELbjLBm/VgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHwZ7rokcjZmTxe+6yvmNGLO5hraMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZkJudXVpUnlObVpQRjc3ckstWTBZczdtR3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG8gJXZy/KTEFKIsFk7r
cJHHqL2smLzXRQPxEpPqnqvVsQG6QoKP0FommnFYEsgswqXfIuJUQEG8oG6tKs4A
nRRePAVyJCvdwWubDizAHPtPjMhFy3OOBGaRYZrFb4VpZt4SxQkSnNuVDqAGOjjt
c3FMxY8pscyQImN4kI2rrX1muLRkE6mUSuADZaMZwbLF+kmyndpebpP9B9WjHo/T
NzyAa42NUcKpRkbdt5GCmyEewYLcVNl73KyFvn+G5Wsh4d6bey8pwcJFqh0zJAqC
967tprZA050Ttfo6aO8I5LI6ZrbHPuM+c941l/30FMWf1KHNoNDbHgnhzYsiH0xf
C6U=
-----END CERTIFICATE-----
Generated at Sat May 3 00:21:25 2025 by rpki-client