Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fknKbuhWpsKfRoaF9uS2xfgXTao.roa
File: fknKbuhWpsKfRoaF9uS2xfgXTao.roa (raw, json)
Hash identifier: 7xqq2iV9OqHk7insEK4+gYbGkfRNriUm14sUV0wOflY=
Subject key identifier: 7E:49:CA:6E:E8:56:A6:C2:9F:46:86:85:F6:E4:B6:C5:F8:17:4D:AA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188709F401238A7FDF3A9D38CACFE49F94A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fknKbuhWpsKfRoaF9uS2xfgXTao.roa
Signing time: Wed 31 May 2023 07:04:24 +0000
ROA not before: Wed 31 May 2023 07:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:188:709f:3742/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:9f:40:12:38:a7:fd:f3:a9:d3:8c:ac:fe:49:f9:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 31 07:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e49ca6ee856a6c29f468685f6e4b6c5f8174daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:bc:1e:7b:1e:c7:db:9c:67:a7:0f:53:5d:93:
dc:bf:f8:e0:86:23:48:46:26:ce:f9:7e:0d:c1:fb:
15:17:0f:01:cd:f0:30:cc:7f:b9:51:67:d4:10:a8:
2b:9b:cf:65:da:aa:d1:57:45:a3:f2:ac:b6:a3:5b:
b9:2c:36:f5:89:5f:fe:eb:6d:a8:d8:b1:2d:76:c8:
56:2e:90:4e:fd:b0:69:90:c4:7c:cd:e6:13:f1:57:
6d:f5:10:65:63:80:19:0c:5f:f8:e4:df:10:4a:e3:
d7:e9:9b:fa:c1:98:19:38:c0:c8:6e:da:c2:3d:3c:
1b:89:a0:25:24:a4:98:48:94:e6:37:bb:f0:50:d2:
e2:67:8c:41:b4:44:8a:b6:5e:34:ba:a9:a1:c8:6a:
9c:61:90:59:49:e2:ae:bd:64:8c:31:ac:8d:02:37:
fb:84:f3:a0:a6:46:72:2a:e7:b7:8f:62:d5:3f:8d:
68:5b:fc:da:29:fa:04:92:a6:11:4f:01:4b:05:3f:
70:7b:82:77:e9:8f:8a:cd:5d:86:91:f8:67:9e:e0:
94:48:be:b7:49:86:d3:3c:13:5b:f7:bc:ef:e1:e2:
a0:b1:35:52:aa:f1:fe:17:1c:21:fa:10:f3:d7:12:
34:32:e6:05:2e:a0:55:51:4b:f5:8c:20:f9:c3:f1:
54:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:49:CA:6E:E8:56:A6:C2:9F:46:86:85:F6:E4:B6:C5:F8:17:4D:AA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fknKbuhWpsKfRoaF9uS2xfgXTao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:8d:d7:57:ae:0a:94:4d:ef:06:a0:38:ba:c8:89:3e:2b:ab:
da:e7:23:0e:1e:36:7d:06:dd:6e:34:19:e8:40:40:ab:ad:dd:
dd:86:4b:56:fa:72:76:86:1e:82:68:0f:77:d2:49:ca:46:3d:
bc:00:8a:60:b3:63:6f:b4:9f:ad:f5:73:3d:97:2f:db:db:0a:
dc:72:f1:f9:df:bb:be:4c:bd:26:c0:09:a8:dd:75:b3:15:b8:
8f:ba:8a:18:38:f8:62:5c:c8:dc:83:f4:ce:e4:4b:f8:79:a0:
5c:a6:e7:af:da:9a:e0:53:95:9f:38:c4:89:04:f3:0c:d0:81:
2d:81:ff:fb:d7:41:cc:25:2e:7d:d0:2d:61:05:60:3c:2f:6d:
c9:ed:6d:48:d1:d5:80:ee:1a:87:51:a4:7b:8a:0c:7c:5d:2a:
e8:91:70:b8:33:35:e5:3a:f9:b4:d6:db:4a:9f:69:cf:12:a0:
6c:ac:79:51:89:51:1b:a5:6e:6a:35:a8:13:74:ef:09:fa:95:
58:c9:f7:df:0e:43:9b:7f:85:51:f1:e9:6c:be:c0:06:37:9e:
0b:5d:30:10:e5:80:1c:e1:e0:ac:ea:dd:b4:c8:c3:00:3f:89:
e8:63:c8:4e:f3:eb:fb:94:93:62:31:ee:41:d0:a3:65:48:80:
01:e1:4b:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhwn0ASOKf986nTjKz+SflKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTMxMDcwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ5Y2E2ZWU4NTZhNmMyOWY0Njg2ODVmNmU0YjZjNWY4MTc0ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bweex7H25xnpw9TXZPcv/jghiNI
RibO+X4NwfsVFw8BzfAwzH+5UWfUEKgrm89l2qrRV0Wj8qy2o1u5LDb1iV/+622o
2LEtdshWLpBO/bBpkMR8zeYT8Vdt9RBlY4AZDF/45N8QSuPX6Zv6wZgZOMDIbtrC
PTwbiaAlJKSYSJTmN7vwUNLiZ4xBtESKtl40uqmhyGqcYZBZSeKuvWSMMayNAjf7
hPOgpkZyKue3j2LVP41oW/zaKfoEkqYRTwFLBT9we4J36Y+KzV2GkfhnnuCUSL63
SYbTPBNb97zv4eKgsTVSqvH+Fxwh+hDz1xI0MuYFLqBVUUv1jCD5w/FU3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH5Jym7oVqbCn0aGhfbktsX4F02qMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZmtuS2J1aFdwc0tmUm9hRjl1UzJ4ZmdYVGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+N11euCpRN7wagOLrI
iT4rq9rnIw4eNn0G3W40GehAQKut3d2GS1b6cnaGHoJoD3fSScpGPbwAimCzY2+0
n631cz2XL9vbCtxy8fnfu75MvSbACajddbMVuI+6ihg4+GJcyNyD9M7kS/h5oFym
56/amuBTlZ84xIkE8wzQgS2B//vXQcwlLn3QLWEFYDwvbcntbUjR1YDuGodRpHuK
DHxdKuiRcLgzNeU6+bTW20qfac8SoGyseVGJURulbmo1qBN07wn6lVjJ998OQ5t/
hVHx6Wy+wAY3ngtdMBDlgBzh4Kzq3bTIwwA/iehjyE7z6/uUk2Ix7kHQo2VIgAHh
S0E=
-----END CERTIFICATE-----
Generated at Sat May 3 01:54:32 2025 by rpki-client