Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fKcFaHPzuKsSpWcuff476eqHNQo.roa
File: fKcFaHPzuKsSpWcuff476eqHNQo.roa (raw, json)
Hash identifier: PZkE157Dl8n2LwgoKIkuXMsOqV7WZWXunZdhFufjB1g=
Subject key identifier: 7C:A7:05:68:73:F3:B8:AB:12:A5:67:2E:7D:FE:3B:E9:EA:87:35:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189812AB4A3B766E088818837C15F6A725C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fKcFaHPzuKsSpWcuff476eqHNQo.roa
Signing time: Sun 23 Jul 2023 05:13:26 +0000
ROA not before: Sun 23 Jul 2023 05:13:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:81:2a:b4:a3:b7:66:e0:88:81:88:37:c1:5f:6a:72:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 23 05:13:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ca7056873f3b8ab12a5672e7dfe3be9ea87350a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:63:6a:b2:fa:50:a0:2f:e9:1d:e2:92:ef:
82:74:ab:e0:68:8a:e9:cb:97:d8:19:88:f8:d1:96:
63:26:1e:4b:66:2a:80:a2:26:f1:11:01:66:fa:6c:
ee:7e:1a:76:8a:98:f1:af:a6:7d:53:ae:7a:fd:39:
ee:34:5a:9c:77:d7:2b:ec:ad:3d:d2:2c:2f:0c:1f:
15:f8:07:f7:a5:5e:3a:2f:d2:db:f5:b3:96:39:9a:
81:70:14:6c:b7:96:ff:50:fd:49:c3:29:00:cc:a4:
9d:61:39:18:ba:d4:67:2f:80:ea:66:e8:4d:03:5f:
87:e7:93:70:4a:5a:84:11:ac:df:be:b2:30:f2:e3:
bf:31:e5:93:01:75:18:9d:61:89:40:86:e1:1d:21:
d9:b8:b6:b7:92:54:4c:55:95:b1:ae:a1:8d:aa:16:
f7:64:60:4a:bc:63:21:c9:0b:0d:17:62:f8:58:da:
3a:17:84:54:10:b8:e9:08:ae:d7:44:98:a0:f4:ec:
ab:91:45:54:b4:18:c1:96:a2:b1:f9:ce:cf:76:ed:
9c:82:cc:dd:26:48:71:de:10:12:09:76:9e:f9:22:
e2:1a:2d:99:09:f9:0b:82:92:fc:82:6f:01:d1:e8:
c9:97:31:6e:36:86:77:55:d2:74:1e:08:9e:fa:15:
8c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A7:05:68:73:F3:B8:AB:12:A5:67:2E:7D:FE:3B:E9:EA:87:35:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fKcFaHPzuKsSpWcuff476eqHNQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:75:21:fc:75:68:73:c2:f3:43:6e:24:b2:72:2e:65:01:7f:
cf:b8:af:1e:cb:94:e0:05:6b:59:61:8d:ee:26:2a:8d:c7:e4:
ba:5e:5e:a0:b5:e0:b7:5e:cb:6d:ff:82:0c:51:31:4d:e0:98:
3b:af:3b:ed:4e:bf:bc:02:08:dc:f3:d5:16:38:36:3d:48:30:
77:74:02:09:6d:a8:52:b1:8f:cc:38:2b:94:3a:01:45:28:b2:
ee:f7:f7:86:5a:82:50:68:b9:12:01:4d:96:f8:26:0e:e4:c3:
de:89:8e:60:14:38:fc:b4:d9:b0:cb:0a:d3:cc:29:5f:4c:ee:
10:b2:4e:d6:c5:4c:7e:9e:cd:d8:d6:69:f2:3f:e6:3e:24:63:
50:38:c5:2f:3b:94:37:08:47:9f:6b:8d:9d:3e:5c:ac:33:f6:
01:68:7a:d9:02:5c:e1:40:13:9b:0f:00:c9:cc:90:dc:62:08:
05:bc:52:ff:2a:87:d1:27:b9:b8:a3:5c:f8:ba:fb:c2:e5:dd:
e1:ac:22:9b:08:e5:25:3a:37:94:4d:9f:3d:df:27:7b:4d:a2:
a6:df:62:87:c9:7b:a5:6e:ac:8d:76:20:d7:34:fd:3f:07:ff:
71:aa:8a:4e:eb:ce:f7:55:79:d3:f1:ed:be:cf:04:94:f2:10:
fc:1d:5e:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmBKrSjt2bgiIGIN8FfanJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzIzMDUxMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2E3MDU2ODczZjNiOGFiMTJhNTY3MmU3ZGZlM2JlOWVhODczNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm91jarL6UKAv6R3iku+CdKvgaIrp
y5fYGYj40ZZjJh5LZiqAoibxEQFm+mzufhp2ipjxr6Z9U656/TnuNFqcd9cr7K09
0iwvDB8V+Af3pV46L9Lb9bOWOZqBcBRst5b/UP1JwykAzKSdYTkYutRnL4DqZuhN
A1+H55NwSlqEEazfvrIw8uO/MeWTAXUYnWGJQIbhHSHZuLa3klRMVZWxrqGNqhb3
ZGBKvGMhyQsNF2L4WNo6F4RUELjpCK7XRJig9OyrkUVUtBjBlqKx+c7Pdu2cgszd
Jkhx3hASCXae+SLiGi2ZCfkLgpL8gm8B0ejJlzFuNoZ3VdJ0Hgie+hWM5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHynBWhz87irEqVnLn3+O+nqhzUKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZktjRmFIUHp1S3NTcFdjdWZmNDc2ZXFITlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJh1Ifx1aHPC80NuJLJy
LmUBf8+4rx7LlOAFa1lhje4mKo3H5LpeXqC14Ldey23/ggxRMU3gmDuvO+1Ov7wC
CNzz1RY4Nj1IMHd0AgltqFKxj8w4K5Q6AUUosu7394ZaglBouRIBTZb4Jg7kw96J
jmAUOPy02bDLCtPMKV9M7hCyTtbFTH6ezdjWafI/5j4kY1A4xS87lDcIR59rjZ0+
XKwz9gFoetkCXOFAE5sPAMnMkNxiCAW8Uv8qh9EnubijXPi6+8Ll3eGsIpsI5SU6
N5RNnz3fJ3tNoqbfYofJe6VurI12INc0/T8H/3Gqik7rzvdVedPx7b7PBJTyEPwd
Xsw=
-----END CERTIFICATE-----
Generated at Thu May 1 03:01:45 2025 by rpki-client