Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gN7WCXZ_xjBH4UL4UxZy-CWfqoU.roa
File: gN7WCXZ_xjBH4UL4UxZy-CWfqoU.roa (raw, json)
Hash identifier: DfhlndpEXqqp01QUHnxiBReDSgEkw/pRIZPRc2mZKTo=
Subject key identifier: 80:DE:D6:09:76:7F:C6:30:47:E1:42:F8:53:16:72:F8:25:9F:AA:85
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867E28F06C3A30B899AFB984AAA59B42A2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gN7WCXZ_xjBH4UL4UxZy-CWfqoU.roa
Signing time: Thu 23 Feb 2023 12:04:17 +0000
ROA not before: Thu 23 Feb 2023 12:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:186:7e28:d2f4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:28:f0:6c:3a:30:b8:99:af:b9:84:aa:a5:9b:42:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 12:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ded609767fc63047e142f8531672f8259faa85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:66:bb:d6:1a:f2:78:ff:43:5b:d6:5c:f6:
d0:c5:ca:c2:e6:63:e0:aa:5a:66:88:a6:ba:31:43:
94:26:0c:ee:0d:83:dd:4d:91:07:ee:db:82:6b:85:
bf:41:27:49:92:38:8a:a7:a6:a4:d5:c1:15:97:c4:
38:6c:a2:6b:06:c5:d0:40:b5:6e:de:3b:fe:e6:c4:
69:bf:66:1c:1d:3e:92:9a:52:d9:dc:26:04:58:c0:
72:6c:13:f0:79:c2:b9:36:bf:87:25:a0:cc:73:99:
a4:3a:51:6a:62:c0:69:57:6a:60:43:52:36:00:85:
4c:97:eb:66:0a:dd:2d:4c:77:1c:51:1b:e1:c7:e4:
52:3a:b4:07:e1:66:c3:80:ff:b2:bb:9c:8c:51:f0:
19:98:ca:1a:f2:77:cd:ce:e9:cf:41:b7:f6:35:88:
9a:c8:7c:b0:2f:68:5a:17:b1:25:65:7c:60:81:c3:
a3:1b:c3:26:d6:5b:93:d3:2b:06:3f:20:2e:21:65:
28:07:ba:c6:06:db:c0:c9:9e:8e:10:29:c8:de:00:
65:c8:c3:f6:67:95:99:e6:b4:c6:c0:0a:99:9e:bf:
32:c5:7a:f0:39:e9:20:f3:8b:9a:38:e5:eb:ee:3d:
30:31:35:f3:6d:87:5c:4d:b1:9f:c4:b7:a5:ff:8b:
01:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DE:D6:09:76:7F:C6:30:47:E1:42:F8:53:16:72:F8:25:9F:AA:85
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gN7WCXZ_xjBH4UL4UxZy-CWfqoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:35:68:ab:8f:9c:81:07:99:86:f8:ad:84:63:ba:0b:c0:9b:
7c:8f:7a:39:7a:e3:b5:e4:6c:8b:da:c4:d8:c1:76:5e:7b:90:
30:69:a4:73:44:2f:8c:7a:ab:3f:73:17:cd:19:4d:9e:3b:c3:
c4:79:af:d3:5c:bb:4a:e0:d2:2b:55:66:fb:24:9f:9f:1a:3b:
77:3b:32:d2:ff:bc:32:83:06:1f:d1:b9:e4:3a:7f:97:15:d9:
3a:64:1a:82:eb:58:74:81:73:95:fb:4c:9f:25:60:c8:6a:a6:
d0:ba:49:a3:78:5a:8e:8a:d2:51:b5:e8:0f:e4:a2:ee:e0:4e:
e1:55:dc:26:09:d4:de:f8:66:d3:a2:a5:ad:1b:9e:91:9a:87:
3f:fe:09:75:38:b6:2c:10:ec:ec:69:da:c6:c0:f3:aa:39:da:
90:70:2d:c1:57:a6:e3:ab:43:4e:37:3b:d4:45:a9:1d:44:10:
e7:05:14:8a:06:6e:53:68:60:d5:31:ee:f3:f9:09:83:a0:9c:
e4:c4:43:ee:11:25:9e:e5:87:a6:d8:5a:9c:ff:06:79:7e:75:
b6:a5:c1:9d:cf:c3:3a:12:f7:20:37:06:5f:58:5c:de:e2:e8:
21:49:65:0d:1e:8b:69:1d:b5:c3:a0:9c:e5:d2:3b:e2:99:30:
9a:48:e8:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ+KPBsOjC4ma+5hKqlm0KiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMTIwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGRlZDYwOTc2N2ZjNjMwNDdlMTQyZjg1MzE2NzJmODI1OWZhYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkVmu9Ya8nj/Q1vWXPbQxcrC5mPg
qlpmiKa6MUOUJgzuDYPdTZEH7tuCa4W/QSdJkjiKp6ak1cEVl8Q4bKJrBsXQQLVu
3jv+5sRpv2YcHT6SmlLZ3CYEWMBybBPwecK5Nr+HJaDMc5mkOlFqYsBpV2pgQ1I2
AIVMl+tmCt0tTHccURvhx+RSOrQH4WbDgP+yu5yMUfAZmMoa8nfNzunPQbf2NYia
yHywL2haF7ElZXxggcOjG8Mm1luT0ysGPyAuIWUoB7rGBtvAyZ6OECnI3gBlyMP2
Z5WZ5rTGwAqZnr8yxXrwOekg84uaOOXr7j0wMTXzbYdcTbGfxLel/4sBxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDe1gl2f8YwR+FC+FMWcvgln6qFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ043V0NYWl94akJINFVMNFV4WnktQ1dmcW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB01aKuPnIEHmYb4rYRj
ugvAm3yPejl647XkbIvaxNjBdl57kDBppHNEL4x6qz9zF80ZTZ47w8R5r9Ncu0rg
0itVZvskn58aO3c7MtL/vDKDBh/RueQ6f5cV2TpkGoLrWHSBc5X7TJ8lYMhqptC6
SaN4Wo6K0lG16A/kou7gTuFV3CYJ1N74ZtOipa0bnpGahz/+CXU4tiwQ7Oxp2sbA
86o52pBwLcFXpuOrQ043O9RFqR1EEOcFFIoGblNoYNUx7vP5CYOgnOTEQ+4RJZ7l
h6bYWpz/Bnl+dbalwZ3PwzoS9yA3Bl9YXN7i6CFJZQ0ei2kdtcOgnOXSO+KZMJpI
6LI=
-----END CERTIFICATE-----
Generated at Fri May 2 20:41:00 2025 by rpki-client