Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gh9iwnYLjksf2OwqQlJ4imiCryc.roa
File: gh9iwnYLjksf2OwqQlJ4imiCryc.roa (raw, json)
Hash identifier: cfg3S2ZBu0vQBZw1N+KO0Vsw9Dblzj0a2qgBTBFLDII=
Subject key identifier: 82:1F:62:C2:76:0B:8E:4B:1F:D8:EC:2A:42:52:78:8A:68:82:AF:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858CFDCDDF174F1472F0E2A75E6AA2B66B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gh9iwnYLjksf2OwqQlJ4imiCryc.roa
Signing time: Sat 07 Jan 2023 16:08:41 +0000
ROA not before: Sat 07 Jan 2023 16:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8c:fd:cd:df:17:4f:14:72:f0:e2:a7:5e:6a:a2:b6:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 7 16:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821f62c2760b8e4b1fd8ec2a4252788a6882af27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ae:24:dc:63:2f:b4:be:91:78:ee:c8:c2:ad:
34:b6:bb:bc:9c:42:7a:3b:38:2d:98:d4:dd:57:81:
42:46:20:c7:77:6b:90:72:29:be:67:7e:9b:7f:1d:
f3:9b:2d:dc:26:4c:27:0f:23:b9:86:e8:a9:f6:56:
45:93:80:7a:74:36:d4:e4:d6:46:bc:7e:d4:f6:83:
36:09:60:f3:1b:91:ee:1f:82:36:99:eb:a9:c7:80:
45:20:22:c2:46:8b:36:3c:ef:3b:8b:3b:c0:18:7b:
16:78:50:02:a3:4e:fa:ce:cb:5e:33:da:86:fb:ac:
67:ee:cc:a8:08:96:9b:0f:58:ef:5d:80:79:4d:be:
49:ac:ee:bc:55:fb:76:ab:d6:b7:8c:06:1f:34:93:
bd:e4:66:77:96:23:5f:66:12:92:07:1f:d9:52:f7:
28:d1:12:d4:26:3a:e2:72:4a:e1:f7:fa:e0:2b:f3:
71:b4:84:08:00:7d:56:09:d1:59:46:71:f8:da:c2:
d4:8e:36:32:f6:f0:de:29:a6:00:90:f1:2d:35:1b:
d9:23:cf:64:e7:3a:3f:77:bb:83:b5:a3:95:03:66:
68:45:55:78:3b:fb:e1:e9:4a:67:12:32:02:bb:e8:
66:d9:31:01:e2:7d:90:72:f7:ba:d2:e3:0a:44:4e:
da:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1F:62:C2:76:0B:8E:4B:1F:D8:EC:2A:42:52:78:8A:68:82:AF:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gh9iwnYLjksf2OwqQlJ4imiCryc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:bc:97:17:89:6c:45:16:b2:b9:84:92:a0:6a:1d:f1:25:8c:
9e:2a:36:e0:04:e6:e4:a4:42:bc:ea:37:c2:69:7b:5a:c7:5a:
e3:2a:d9:86:ab:fa:59:19:e3:e9:01:bb:25:87:ce:f8:5c:c6:
18:2d:bd:93:3b:6b:7e:cd:f5:95:e6:d7:e8:64:50:27:dd:57:
f5:70:08:2a:7d:d8:a8:71:b4:d2:6d:8c:75:b0:6b:c7:66:24:
9a:3d:83:bc:97:dd:b7:7d:27:41:01:d4:de:2c:ba:79:8d:67:
de:6d:af:a0:34:df:af:19:f2:d5:72:8c:99:24:fe:6e:6f:d1:
ce:7a:46:35:fa:6d:ca:1b:c1:28:45:dc:a1:41:d0:f4:f8:5f:
09:bf:5a:c7:3c:0f:6b:85:b6:88:ba:2f:22:00:79:f1:15:43:
90:d5:5e:3a:99:7d:3d:8b:44:f7:21:7f:e4:02:e7:c8:48:72:
1a:34:4e:62:5b:9c:52:f2:8a:e0:3e:d9:76:48:a3:bb:05:3c:
09:6d:e5:f0:13:a8:29:bc:aa:79:46:e3:b5:df:c4:8b:de:a7:
0a:79:9c:68:68:ef:8f:bc:21:cf:f9:5e:7e:b8:98:85:b3:b2:
2a:ad:1f:f9:f9:80:69:6c:6c:1a:b2:a8:39:58:50:9b:ee:e3:
18:b8:7d:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWM/c3fF08UcvDip15qorZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA3MTYwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFmNjJjMjc2MGI4ZTRiMWZkOGVjMmE0MjUyNzg4YTY4ODJhZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza4k3GMvtL6ReO7Iwq00tru8nEJ6
OzgtmNTdV4FCRiDHd2uQcim+Z36bfx3zmy3cJkwnDyO5huip9lZFk4B6dDbU5NZG
vH7U9oM2CWDzG5HuH4I2meupx4BFICLCRos2PO87izvAGHsWeFACo076zsteM9qG
+6xn7syoCJabD1jvXYB5Tb5JrO68Vft2q9a3jAYfNJO95GZ3liNfZhKSBx/ZUvco
0RLUJjrickrh9/rgK/NxtIQIAH1WCdFZRnH42sLUjjYy9vDeKaYAkPEtNRvZI89k
5zo/d7uDtaOVA2ZoRVV4O/vh6UpnEjICu+hm2TEB4n2Qcve60uMKRE7afQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIIfYsJ2C45LH9jsKkJSeIpogq8nMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ2g5aXduWUxqa3NmMk93cVFsSjRpbWlDcnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADi8lxeJbEUWsrmEkqBq
HfEljJ4qNuAE5uSkQrzqN8Jpe1rHWuMq2Yar+lkZ4+kBuyWHzvhcxhgtvZM7a37N
9ZXm1+hkUCfdV/VwCCp92KhxtNJtjHWwa8dmJJo9g7yX3bd9J0EB1N4sunmNZ95t
r6A0368Z8tVyjJkk/m5v0c56RjX6bcobwShF3KFB0PT4Xwm/Wsc8D2uFtoi6LyIA
efEVQ5DVXjqZfT2LRPchf+QC58hIcho0TmJbnFLyiuA+2XZIo7sFPAlt5fATqCm8
qnlG47XfxIvepwp5nGho74+8Ic/5Xn64mIWzsiqtH/n5gGlsbBqyqDlYUJvu4xi4
fZU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:08:53 2025 by rpki-client