Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fY88Op8eLexup-OXDdqvkeruREc.roa
File: fY88Op8eLexup-OXDdqvkeruREc.roa (raw, json)
Hash identifier: vIjoKalb5d+kAAs31L5VJ/Z75bSKu/7ht7Gr+e7+ocM=
Subject key identifier: 7D:8F:3C:3A:9F:1E:2D:EC:6E:A7:E3:97:0D:DA:AF:91:EA:EE:44:47
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869BC68C45ADB72280A57A4A281DD31AA0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fY88Op8eLexup-OXDdqvkeruREc.roa
Signing time: Wed 01 Mar 2023 06:05:25 +0000
ROA not before: Wed 01 Mar 2023 06:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:9bc5:c7a9/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:c6:8c:45:ad:b7:22:80:a5:7a:4a:28:1d:d3:1a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 06:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d8f3c3a9f1e2dec6ea7e3970ddaaf91eaee4447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:23:af:a2:e1:20:19:df:47:3e:c3:00:43:3e:
c2:c9:35:08:bf:db:39:e7:30:96:c5:fd:77:41:7d:
5c:f9:e5:ec:07:77:af:9c:42:3a:69:6e:b3:0f:42:
31:e8:4f:07:c7:a9:96:e6:58:e2:ec:94:b7:3a:50:
f9:96:56:4e:7e:00:77:52:22:e6:3c:49:86:07:2e:
d0:e2:75:d4:95:fe:11:36:5c:79:a3:21:0a:ac:c2:
52:aa:14:ea:bc:32:1b:cf:51:6a:04:e5:72:9c:33:
ef:96:b2:c0:01:41:f4:fe:83:ad:f1:02:db:78:94:
a1:f1:43:29:48:bf:84:78:5d:88:f7:25:16:04:8c:
4b:0e:bb:19:0e:0e:1b:71:4c:e8:e3:34:ab:5e:0c:
85:5f:d4:07:7a:e1:76:67:86:55:0d:64:22:eb:c0:
9e:b7:09:7e:38:98:dc:99:36:3c:34:a7:d3:7a:15:
e4:a0:4e:63:0b:b7:eb:d5:da:d0:e7:fb:fc:21:7d:
0e:6c:c3:5d:4f:bd:5e:aa:2f:b4:e0:63:85:58:b7:
5a:8d:38:8d:40:0c:df:b3:32:ff:52:50:88:89:32:
5f:60:64:c9:40:8e:33:8d:8d:85:c6:73:93:3d:da:
5e:b6:bd:b5:4f:36:a4:c3:4e:07:25:66:6f:1f:42:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8F:3C:3A:9F:1E:2D:EC:6E:A7:E3:97:0D:DA:AF:91:EA:EE:44:47
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fY88Op8eLexup-OXDdqvkeruREc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:73:0f:82:b1:bc:8e:21:9a:58:cf:c0:f4:a5:0d:4c:8a:93:
55:1b:8b:bb:37:38:4d:8f:ab:98:96:5b:5a:84:5c:af:d6:25:
f6:77:2e:24:98:52:2f:02:61:8c:88:8b:23:47:7d:71:42:e5:
76:2f:c7:f9:db:80:b8:ac:64:27:fc:53:3f:40:ce:0f:26:86:
a6:76:ad:32:5d:7f:e5:0e:56:09:1f:f9:41:e8:0a:6a:71:d5:
93:bb:df:fb:3b:45:6d:38:8e:f3:90:69:0a:1e:04:70:ca:51:
ca:10:db:51:f9:f7:16:c8:f9:b9:5e:ea:a1:ca:a1:8c:ac:36:
65:ed:46:b2:03:1a:ee:fd:b1:04:97:31:a7:f4:84:0d:46:26:
fb:bf:8c:94:53:27:79:92:a2:0d:78:cb:c6:b9:c7:d8:fa:af:
32:79:8a:d0:ca:6c:9c:87:89:88:a1:98:bd:eb:eb:3f:9f:91:
82:e8:5b:d9:37:ca:64:91:d7:5e:56:ee:a7:89:83:77:59:5c:
4b:fa:15:49:0f:98:7e:8d:16:0c:5d:4b:38:cf:1c:b0:68:b9:
39:5b:ba:d9:eb:54:55:2b:db:48:7b:bb:9c:f7:b3:65:60:a7:
f4:f3:de:c6:47:07:de:ae:da:d6:61:ed:40:31:62:5f:08:4a:
49:ff:da:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYabxoxFrbcigKV6Sigd0xqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMDYwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhmM2MzYTlmMWUyZGVjNmVhN2UzOTcwZGRhYWY5MWVhZWU0NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCOvouEgGd9HPsMAQz7CyTUIv9s5
5zCWxf13QX1c+eXsB3evnEI6aW6zD0Ix6E8Hx6mW5lji7JS3OlD5llZOfgB3UiLm
PEmGBy7Q4nXUlf4RNlx5oyEKrMJSqhTqvDIbz1FqBOVynDPvlrLAAUH0/oOt8QLb
eJSh8UMpSL+EeF2I9yUWBIxLDrsZDg4bcUzo4zSrXgyFX9QHeuF2Z4ZVDWQi68Ce
twl+OJjcmTY8NKfTehXkoE5jC7fr1drQ5/v8IX0ObMNdT71eqi+04GOFWLdajTiN
QAzfszL/UlCIiTJfYGTJQI4zjY2FxnOTPdpetr21Tzakw04HJWZvH0LmywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2PPDqfHi3sbqfjlw3ar5Hq7kRHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZlk4OE9wOGVMZXh1cC1PWERkcXZrZXJ1UkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEpzD4KxvI4hmljPwPSl
DUyKk1Ubi7s3OE2Pq5iWW1qEXK/WJfZ3LiSYUi8CYYyIiyNHfXFC5XYvx/nbgLis
ZCf8Uz9Azg8mhqZ2rTJdf+UOVgkf+UHoCmpx1ZO73/s7RW04jvOQaQoeBHDKUcoQ
21H59xbI+ble6qHKoYysNmXtRrIDGu79sQSXMaf0hA1GJvu/jJRTJ3mSog14y8a5
x9j6rzJ5itDKbJyHiYihmL3r6z+fkYLoW9k3ymSR115W7qeJg3dZXEv6FUkPmH6N
FgxdSzjPHLBouTlbutnrVFUr20h7u5z3s2Vgp/Tz3sZHB96u2tZh7UAxYl8ISkn/
2sc=
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:00 2025 by rpki-client