Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fyWmSRbZOnq4ERr3JG0oC7FDv6c.roa
File: fyWmSRbZOnq4ERr3JG0oC7FDv6c.roa (raw, json)
Hash identifier: zwLx19HfP0U1A3+m3OmMsHy+LPARUuyiR+NmOLlN+1I=
Subject key identifier: 7F:25:A6:49:16:D9:3A:7A:B8:11:1A:F7:24:6D:28:0B:B1:43:BF:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186707763083B53B873949BE60F27953317
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fyWmSRbZOnq4ERr3JG0oC7FDv6c.roa
Signing time: Mon 20 Feb 2023 20:15:17 +0000
ROA not before: Mon 20 Feb 2023 20:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:77:63:08:3b:53:b8:73:94:9b:e6:0f:27:95:33:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 20 20:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f25a64916d93a7ab8111af7246d280bb143bfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:87:d8:13:0b:24:65:55:3c:8f:ed:6e:23:7d:
ab:18:93:a6:22:ff:6b:30:53:07:90:74:2a:1a:10:
ca:c0:a6:1a:48:f1:93:e7:5c:de:6b:6b:d1:76:c2:
7d:75:a9:eb:9f:aa:fc:7f:f2:49:f1:18:1e:46:c5:
2b:24:be:01:74:66:09:0e:7b:3e:d6:66:4a:7f:ec:
25:0e:e6:de:89:40:8c:64:83:43:f3:f3:f2:12:3a:
7a:0d:d0:c7:13:42:ed:c1:a9:f0:8f:46:2d:ec:d1:
09:91:71:a3:19:d3:e1:9a:54:bc:bd:4e:86:24:49:
2e:b5:03:bd:2d:9b:03:a3:81:f7:7c:44:10:6f:fc:
4b:69:87:ca:0d:1b:b5:c5:ab:7b:6f:6c:0f:4d:1d:
57:13:30:6d:01:1b:35:d5:d0:81:79:61:25:b4:39:
a6:85:46:b7:56:a0:98:5b:23:1e:dc:83:7a:d8:ce:
59:62:72:22:a5:ac:2e:2a:af:f8:27:5d:3c:aa:05:
14:4e:40:c1:95:8d:e6:e4:c3:8b:07:bb:a7:76:81:
3a:27:f0:8e:04:27:67:3b:f5:de:14:ab:b5:ad:8a:
fc:be:b5:fd:0b:38:8d:db:df:a5:1a:1a:7f:44:ea:
18:7d:e1:d3:32:98:b7:a9:af:83:91:ac:1e:93:1b:
f3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:25:A6:49:16:D9:3A:7A:B8:11:1A:F7:24:6D:28:0B:B1:43:BF:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fyWmSRbZOnq4ERr3JG0oC7FDv6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:90:eb:94:c9:9a:56:cb:41:9b:fb:80:44:be:41:94:44:9e:
d1:a5:27:7a:3f:79:76:34:b5:21:a4:4f:27:11:74:42:43:f5:
21:cf:07:0e:ab:3d:df:37:a8:d5:bb:82:9a:0e:ec:5c:60:b6:
c3:7a:3f:f8:c1:52:3b:6a:a9:e6:8a:f2:13:ed:d0:df:c6:99:
dd:cd:0f:39:23:37:c6:0e:7d:7c:66:8f:e2:14:42:38:13:b9:
be:21:3e:4d:b6:12:f0:90:ed:b7:56:0e:45:0a:55:28:d4:5a:
54:78:cf:7d:c8:30:09:1e:e9:a5:8e:c6:01:52:bf:c6:e3:24:
64:27:06:44:f0:6c:00:5c:0c:f4:58:f4:ee:6f:5f:ff:fb:09:
a9:34:83:74:80:51:bf:ae:80:5f:d4:ae:39:73:08:d4:07:c3:
2b:8c:88:b5:58:dc:4d:6f:e1:e5:88:ea:a9:76:be:f4:5f:b0:
ca:ec:85:3e:d3:17:6e:b0:d0:7f:b7:00:f7:e3:7b:9c:25:03:
41:1e:79:05:ad:64:e1:ea:0c:92:0c:62:6a:f0:53:75:52:49:
fd:27:d9:07:82:41:0b:3d:b8:40:60:34:87:b6:8e:1a:25:37:
9e:25:55:2f:4c:14:54:13:b8:2e:02:47:8e:7e:8d:7b:2d:aa:
90:2d:6a:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZwd2MIO1O4c5Sb5g8nlTMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIwMjAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI1YTY0OTE2ZDkzYTdhYjgxMTFhZjcyNDZkMjgwYmIxNDNiZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4fYEwskZVU8j+1uI32rGJOmIv9r
MFMHkHQqGhDKwKYaSPGT51zea2vRdsJ9danrn6r8f/JJ8RgeRsUrJL4BdGYJDns+
1mZKf+wlDubeiUCMZIND8/PyEjp6DdDHE0Ltwanwj0Yt7NEJkXGjGdPhmlS8vU6G
JEkutQO9LZsDo4H3fEQQb/xLaYfKDRu1xat7b2wPTR1XEzBtARs11dCBeWEltDmm
hUa3VqCYWyMe3IN62M5ZYnIipawuKq/4J108qgUUTkDBlY3m5MOLB7undoE6J/CO
BCdnO/XeFKu1rYr8vrX9CziN29+lGhp/ROoYfeHTMpi3qa+Dkawekxvz3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH8lpkkW2Tp6uBEa9yRtKAuxQ7+nMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZnlXbVNSYlpPbnE0RVJyM0pHMG9DN0ZEdjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACeQ65TJmlbLQZv7gES+
QZREntGlJ3o/eXY0tSGkTycRdEJD9SHPBw6rPd83qNW7gpoO7FxgtsN6P/jBUjtq
qeaK8hPt0N/Gmd3NDzkjN8YOfXxmj+IUQjgTub4hPk22EvCQ7bdWDkUKVSjUWlR4
z33IMAke6aWOxgFSv8bjJGQnBkTwbABcDPRY9O5vX//7Cak0g3SAUb+ugF/Urjlz
CNQHwyuMiLVY3E1v4eWI6ql2vvRfsMrshT7TF26w0H+3APfje5wlA0EeeQWtZOHq
DJIMYmrwU3VSSf0n2QeCQQs9uEBgNIe2jholN54lVS9MFFQTuC4CR45+jXstqpAt
apg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:23:36 2025 by rpki-client