Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gEhv23msg_tzhIGQ6s5SLVx6yic.roa
File: gEhv23msg_tzhIGQ6s5SLVx6yic.roa (raw, json)
Hash identifier: gGBy2lFk5IaaH+K4QEIiJ2vulUbPGxAAGEnIJUpJfis=
Subject key identifier: 80:48:6F:DB:79:AC:83:FB:73:84:81:90:EA:CE:52:2D:5C:7A:CA:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864E86523FAB4ED495FE8FBA0116F81CD5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gEhv23msg_tzhIGQ6s5SLVx6yic.roa
Signing time: Tue 14 Feb 2023 06:04:30 +0000
ROA not before: Tue 14 Feb 2023 06:04:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:4e86:1060/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:86:52:3f:ab:4e:d4:95:fe:8f:ba:01:16:f8:1c:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 06:04:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80486fdb79ac83fb73848190eace522d5c7aca27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:29:08:a4:ad:f3:b3:f9:2b:3f:02:f4:c0:12:
3d:7a:32:00:48:e8:f9:75:70:47:03:ba:58:b3:e0:
ab:ae:05:16:0e:66:fe:8e:4f:d2:6e:d6:bb:72:d9:
11:41:43:2a:c6:36:a3:0f:be:b6:7b:52:03:5f:5f:
d0:00:eb:96:c7:96:ed:cd:13:68:b6:42:69:fa:9c:
45:98:bc:54:01:a4:3d:4c:18:87:70:64:0e:4e:3d:
75:e8:26:ce:38:76:9d:a8:fc:7b:56:d6:01:aa:5e:
40:4c:22:15:af:d6:3e:19:3c:0f:16:e2:bd:e4:a7:
83:b5:e8:d9:14:af:64:0d:b2:48:fd:eb:76:6c:df:
b3:fe:c0:c3:f2:05:94:4d:6b:83:ab:3c:e5:61:8e:
eb:0d:7f:63:41:6e:1d:e3:16:c7:f2:ae:33:07:8a:
bf:e1:ef:66:5b:65:7e:c8:33:73:8b:d9:c8:66:c3:
e7:28:2c:d6:80:71:44:b1:18:16:80:aa:ba:28:f6:
d4:4a:55:af:50:82:00:cc:0c:03:57:bc:b7:9e:8c:
80:db:01:70:93:26:e1:8e:5b:4d:b6:c6:3e:7d:c9:
3c:c0:b6:d7:fb:55:dd:ac:0e:d0:04:fe:6f:1e:c4:
0a:e3:63:1d:f0:21:d3:0c:06:14:3d:dc:55:1c:2d:
77:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:48:6F:DB:79:AC:83:FB:73:84:81:90:EA:CE:52:2D:5C:7A:CA:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gEhv23msg_tzhIGQ6s5SLVx6yic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:c0:27:4d:74:25:b0:2a:eb:b8:0c:ba:90:0a:8a:be:8e:34:
06:81:6a:d6:9d:9e:ab:ef:41:dd:74:29:03:f5:b5:c5:6b:a8:
8d:28:0c:22:f7:a1:db:a9:a2:c9:1a:31:26:97:ff:1a:45:39:
ef:43:f5:3d:9a:21:19:94:20:71:5f:70:82:62:f9:7c:2f:30:
68:9a:82:11:df:4a:0f:25:bf:dc:49:20:ce:6e:fb:fe:e7:34:
70:39:eb:21:ef:c5:2a:ae:da:af:a8:ca:6c:c3:58:79:01:98:
1b:a4:1c:f8:bd:70:ed:a3:a3:21:8d:85:36:dd:7b:ef:f5:64:
f1:76:bb:06:52:fc:76:7e:c4:bb:2f:de:64:c3:8c:d9:f6:69:
cf:f1:91:fc:e9:42:f0:4e:08:13:7f:1a:f5:af:f8:ce:82:c2:
cb:98:68:e1:bf:dc:45:58:9e:16:0b:8b:58:87:85:e8:43:8d:
ca:cd:1c:d5:02:71:01:77:33:19:8b:eb:52:77:91:53:49:dc:
dd:f9:c0:09:ca:e6:a1:e5:5a:09:ea:38:f1:82:d5:bd:9c:5d:
d1:f5:f2:77:de:92:22:5f:8a:51:24:8f:84:97:d3:68:30:bc:
e6:2e:59:78:90:85:27:3d:02:db:02:64:d2:75:8d:5c:3e:b9:
f1:56:4e:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZOhlI/q07Ulf6PugEW+BzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MDYwNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDQ4NmZkYjc5YWM4M2ZiNzM4NDgxOTBlYWNlNTIyZDVjN2FjYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SkIpK3zs/krPwL0wBI9ejIASOj5
dXBHA7pYs+CrrgUWDmb+jk/Sbta7ctkRQUMqxjajD762e1IDX1/QAOuWx5btzRNo
tkJp+pxFmLxUAaQ9TBiHcGQOTj116CbOOHadqPx7VtYBql5ATCIVr9Y+GTwPFuK9
5KeDtejZFK9kDbJI/et2bN+z/sDD8gWUTWuDqzzlYY7rDX9jQW4d4xbH8q4zB4q/
4e9mW2V+yDNzi9nIZsPnKCzWgHFEsRgWgKq6KPbUSlWvUIIAzAwDV7y3noyA2wFw
kybhjltNtsY+fck8wLbX+1XdrA7QBP5vHsQK42Md8CHTDAYUPdxVHC13fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBIb9t5rIP7c4SBkOrOUi1cesonMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ0VodjIzbXNnX3R6aElHUTZzNVNMVng2eWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABPAJ010JbAq67gMupAK
ir6ONAaBatadnqvvQd10KQP1tcVrqI0oDCL3oduposkaMSaX/xpFOe9D9T2aIRmU
IHFfcIJi+XwvMGiaghHfSg8lv9xJIM5u+/7nNHA56yHvxSqu2q+oymzDWHkBmBuk
HPi9cO2joyGNhTbde+/1ZPF2uwZS/HZ+xLsv3mTDjNn2ac/xkfzpQvBOCBN/GvWv
+M6CwsuYaOG/3EVYnhYLi1iHhehDjcrNHNUCcQF3MxmL61J3kVNJ3N35wAnK5qHl
WgnqOPGC1b2cXdH18nfekiJfilEkj4SX02gwvOYuWXiQhSc9AtsCZNJ1jVw+ufFW
Tmo=
-----END CERTIFICATE-----
Generated at Thu May 1 18:47:17 2025 by rpki-client