Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fbGgPXos6nn8LGW-k5py54OdFJY.roa
File: fbGgPXos6nn8LGW-k5py54OdFJY.roa (raw, json)
Hash identifier: i0EOc83P82pZfhnYLHiTVHjQ9VeRbLHo1Gc5f5qaDWo=
Subject key identifier: 7D:B1:A0:3D:7A:2C:EA:79:FC:2C:65:BE:93:9A:72:E7:83:9D:14:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A1B78049804439705ACBEF1A9899865AA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fbGgPXos6nn8LGW-k5py54OdFJY.roa
Signing time: Tue 22 Aug 2023 04:19:24 +0000
ROA not before: Tue 22 Aug 2023 04:19:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:78:04:98:04:43:97:05:ac:be:f1:a9:89:98:65:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 22 04:19:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7db1a03d7a2cea79fc2c65be939a72e7839d1496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:12:98:30:08:dd:b9:06:32:6e:8c:47:09:0d:
ec:b7:16:5a:45:0a:8a:88:22:b7:41:9e:79:0d:1b:
7e:5b:1b:6b:87:77:66:8e:38:04:54:07:04:74:17:
c9:de:d7:b2:e0:17:1f:0d:3a:30:cf:10:4e:5d:92:
b5:4a:b3:ad:5b:bd:8b:1f:cc:ca:0f:d4:76:47:81:
27:dc:eb:4e:0f:84:f7:64:48:61:97:c7:67:74:e9:
24:cb:b8:62:0d:96:00:dd:1a:2f:71:b4:32:7a:05:
25:7c:0a:3c:7c:39:bb:82:b1:ba:f5:ac:bc:f8:0e:
e3:f8:fb:f1:2e:2b:f6:3e:a0:d5:7b:2e:83:8c:b7:
32:26:51:ba:c8:77:19:27:fe:ae:78:3a:d1:65:71:
98:1f:c1:4b:63:1a:98:9d:03:d5:7e:da:f3:56:19:
98:b0:78:59:f5:3e:4d:41:8e:ea:7b:9c:b9:61:0b:
af:5b:13:a6:20:d8:73:cc:d7:9b:12:f6:78:25:0b:
bc:c0:9e:0a:65:3a:2d:a1:1f:ce:8d:56:83:ac:c8:
36:e1:9c:5c:d1:85:32:75:19:a6:08:c8:bc:c5:56:
ce:82:98:da:36:87:26:14:57:11:bb:2d:30:a9:4e:
25:36:66:f2:e2:0a:c3:7b:c4:76:38:17:e6:e1:87:
95:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B1:A0:3D:7A:2C:EA:79:FC:2C:65:BE:93:9A:72:E7:83:9D:14:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fbGgPXos6nn8LGW-k5py54OdFJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:67:a1:1d:a9:ba:b2:97:37:d8:83:cf:eb:3a:81:33:a5:54:
e0:f1:5f:9d:93:98:c7:c2:0d:6f:d3:78:f6:b2:94:23:e2:28:
1d:c7:21:e9:bd:f3:57:b3:ac:36:d4:7c:b2:b0:85:76:df:49:
a1:ee:d3:4e:3b:29:95:24:a3:b1:c2:5b:41:59:8f:a0:37:17:
b6:1c:e0:54:cf:69:bd:e4:96:4f:50:1d:a9:0c:69:8f:30:66:
29:af:71:34:09:ee:82:e2:7e:99:77:e4:6c:3f:e1:15:95:8e:
b1:03:b8:71:f2:f8:2f:27:db:15:6c:05:76:62:a7:52:d1:78:
e5:de:fc:5e:3d:43:90:f5:61:0d:b3:2f:24:47:80:f4:e2:08:
4e:d3:4e:33:e4:1c:72:02:8e:bb:39:f1:05:ed:cd:c3:01:69:
00:a5:14:98:35:6f:28:24:71:a9:fc:9e:65:5f:eb:2f:65:f8:
e8:d1:d4:5b:8d:e2:d5:b3:3d:16:4f:a3:da:a0:69:f1:65:dd:
a4:15:f5:b9:92:92:0d:0a:87:79:87:5e:f5:e8:43:71:77:10:
d7:11:24:e7:d1:9b:ca:7d:f2:b2:c8:76:7e:5e:4d:d5:4f:03:
40:97:fe:7a:20:dc:61:55:78:96:10:74:09:7f:6c:86:52:52:
92:55:03:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYobeASYBEOXBay+8amJmGWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIyMDQxOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGIxYTAzZDdhMmNlYTc5ZmMyYzY1YmU5MzlhNzJlNzgzOWQxNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBKYMAjduQYyboxHCQ3stxZaRQqK
iCK3QZ55DRt+Wxtrh3dmjjgEVAcEdBfJ3tey4BcfDTowzxBOXZK1SrOtW72LH8zK
D9R2R4En3OtOD4T3ZEhhl8dndOkky7hiDZYA3RovcbQyegUlfAo8fDm7grG69ay8
+A7j+PvxLiv2PqDVey6DjLcyJlG6yHcZJ/6ueDrRZXGYH8FLYxqYnQPVftrzVhmY
sHhZ9T5NQY7qe5y5YQuvWxOmINhzzNebEvZ4JQu8wJ4KZTotoR/OjVaDrMg24Zxc
0YUydRmmCMi8xVbOgpjaNocmFFcRuy0wqU4lNmby4grDe8R2OBfm4YeVeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2xoD16LOp5/CxlvpOacueDnRSWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZmJHZ1BYb3M2bm44TEdXLWs1cHk1NE9kRkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZnoR2purKXN9iDz+s6
gTOlVODxX52TmMfCDW/TePaylCPiKB3HIem981ezrDbUfLKwhXbfSaHu0047KZUk
o7HCW0FZj6A3F7Yc4FTPab3klk9QHakMaY8wZimvcTQJ7oLifpl35Gw/4RWVjrED
uHHy+C8n2xVsBXZip1LReOXe/F49Q5D1YQ2zLyRHgPTiCE7TTjPkHHICjrs58QXt
zcMBaQClFJg1bygkcan8nmVf6y9l+OjR1FuN4tWzPRZPo9qgafFl3aQV9bmSkg0K
h3mHXvXoQ3F3ENcRJOfRm8p98rLIdn5eTdVPA0CX/nog3GFVeJYQdAl/bIZSUpJV
Awo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:26 2025 by rpki-client