Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gSQJ9mesYbB8pWPbDBe_AieIKdQ.roa
File: gSQJ9mesYbB8pWPbDBe_AieIKdQ.roa (raw, json)
Hash identifier: 8lTDgeM9AkIXk6Lo3OohlO5hRzIqRw398FgtZsv5yks=
Subject key identifier: 81:24:09:F6:67:AC:61:B0:7C:A5:63:DB:0C:17:BF:02:27:88:29:D4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C48B5DCC6F77C59BE4B2E2D0F34A5898
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gSQJ9mesYbB8pWPbDBe_AieIKdQ.roa
Signing time: Thu 09 Mar 2023 04:05:13 +0000
ROA not before: Thu 09 Mar 2023 04:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c48b:39f9/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:8b:5d:cc:6f:77:c5:9b:e4:b2:e2:d0:f3:4a:58:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 04:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=812409f667ac61b07ca563db0c17bf02278829d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:27:a9:f8:ca:67:0b:bb:59:d0:ea:c0:72:
30:e5:85:19:e1:77:41:47:dd:d0:01:51:bb:92:b1:
0d:d2:88:35:ab:d2:b8:15:55:bc:26:dc:5e:90:94:
27:dc:2a:be:fe:dd:34:64:73:cb:62:12:93:6e:5b:
2d:1b:fe:8f:42:27:bb:d6:b4:7e:a1:41:bd:39:75:
c0:e9:11:e0:95:19:f8:3d:cd:cb:7e:5d:a6:10:40:
ce:50:d6:a6:a1:25:81:e5:a1:66:b1:c0:cd:13:96:
15:fe:a0:fe:16:93:cf:19:b6:6f:6e:ed:b7:2a:f3:
af:9c:cd:3c:80:b0:06:a5:a0:13:c0:d2:1c:6a:41:
54:61:5e:14:ec:40:49:a8:45:b5:15:38:da:c9:c0:
7a:27:ab:f6:c7:8e:0e:2e:90:85:ec:52:c5:a6:3f:
47:ea:51:80:d9:6f:06:08:1a:74:1f:09:8a:9c:82:
4d:12:a0:b0:da:ce:e6:e0:d0:d1:88:cf:a2:7f:8f:
da:12:59:52:60:74:00:ee:f5:7c:65:33:b7:57:28:
28:75:e1:cd:3a:fb:f2:12:28:03:f8:cb:52:e9:ef:
40:22:96:6f:1b:b8:af:a5:41:11:0e:2c:35:b0:36:
c1:f8:6f:c6:10:ca:b0:0f:e5:a5:39:d4:b5:4d:85:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:24:09:F6:67:AC:61:B0:7C:A5:63:DB:0C:17:BF:02:27:88:29:D4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gSQJ9mesYbB8pWPbDBe_AieIKdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:f8:01:9c:07:b1:6f:16:e5:dd:22:59:05:95:7b:3f:c0:52:
58:1d:e2:9e:83:6a:0c:ee:07:64:df:eb:a9:09:91:d3:c4:88:
05:fa:cc:95:93:7e:51:df:0d:ad:34:81:53:74:7f:7b:a9:58:
73:57:ac:53:03:a1:4a:ad:96:42:23:f1:f8:8c:41:68:15:91:
14:f5:3b:70:c7:c2:b0:bf:67:80:9d:41:56:b5:10:9b:44:35:
4d:52:b4:0e:f7:77:2a:74:ec:8b:45:99:85:a2:a2:5a:cc:ad:
51:12:e9:9b:e9:bc:77:84:c2:0e:3c:12:da:30:a3:39:25:aa:
58:b9:f0:a4:6b:f4:b2:4b:d2:dc:f6:23:f5:ad:25:a7:50:d5:
98:e9:76:23:bd:2a:23:a7:56:58:a6:0e:18:a2:a8:e3:49:1c:
13:be:09:81:4b:6b:6c:d8:91:b4:97:13:ed:45:d5:07:1a:90:
0e:7f:55:1d:27:3b:a2:b7:99:5f:63:c5:31:91:41:fa:22:93:
79:99:20:df:00:54:90:ad:eb:53:f4:15:48:e8:fc:df:fa:c6:
26:3f:0c:c2:41:01:22:7a:bd:1f:83:d5:c6:91:77:ac:e6:11:
8e:0e:10:35:0d:f6:82:5a:0c:b4:34:7a:10:ad:f7:5c:90:92:
25:45:53:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbEi13Mb3fFm+Sy4tDzSliYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MDQwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTI0MDlmNjY3YWM2MWIwN2NhNTYzZGIwYzE3YmYwMjI3ODgyOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF8nqfjKZwu7WdDqwHIw5YUZ4XdB
R93QAVG7krEN0og1q9K4FVW8JtxekJQn3Cq+/t00ZHPLYhKTblstG/6PQie71rR+
oUG9OXXA6RHglRn4Pc3Lfl2mEEDOUNamoSWB5aFmscDNE5YV/qD+FpPPGbZvbu23
KvOvnM08gLAGpaATwNIcakFUYV4U7EBJqEW1FTjaycB6J6v2x44OLpCF7FLFpj9H
6lGA2W8GCBp0HwmKnIJNEqCw2s7m4NDRiM+if4/aEllSYHQA7vV8ZTO3VygodeHN
OvvyEigD+MtS6e9AIpZvG7ivpUERDiw1sDbB+G/GEMqwD+WlOdS1TYUJMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIEkCfZnrGGwfKVj2wwXvwIniCnUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ1NRSjltZXNZYkI4cFdQYkRCZV9BaWVJS2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAET4AZwHsW8W5d0iWQWV
ez/AUlgd4p6DagzuB2Tf66kJkdPEiAX6zJWTflHfDa00gVN0f3upWHNXrFMDoUqt
lkIj8fiMQWgVkRT1O3DHwrC/Z4CdQVa1EJtENU1StA73dyp07ItFmYWiolrMrVES
6ZvpvHeEwg48Etowozklqli58KRr9LJL0tz2I/WtJadQ1ZjpdiO9KiOnVlimDhii
qONJHBO+CYFLa2zYkbSXE+1F1QcakA5/VR0nO6K3mV9jxTGRQfoik3mZIN8AVJCt
61P0FUjo/N/6xiY/DMJBASJ6vR+D1caRd6zmEY4OEDUN9oJaDLQ0ehCt91yQkiVF
U5E=
-----END CERTIFICATE-----
Generated at Fri May 2 14:27:09 2025 by rpki-client