Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jVzrf4PKAi44LwBHY92sJsPHX4c.roa
File: jVzrf4PKAi44LwBHY92sJsPHX4c.roa (raw, json)
Hash identifier: ClDPuxvINMDDVI3oUKXZj5yyFwUjeOdAV5fDBN5v2Fo=
Subject key identifier: 8D:5C:EB:7F:83:CA:02:2E:38:2F:00:47:63:DD:AC:26:C3:C7:5F:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E7867DFFFB2B8E2BFC560C43659CEE90
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jVzrf4PKAi44LwBHY92sJsPHX4c.roa
Signing time: Sat 12 Aug 2023 02:14:58 +0000
ROA not before: Sat 12 Aug 2023 02:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e7:86:7d:ff:fb:2b:8e:2b:fc:56:0c:43:65:9c:ee:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 02:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d5ceb7f83ca022e382f004763ddac26c3c75f87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:ed:11:08:15:f1:83:e8:77:6b:55:64:c8:
bc:6d:01:bf:1c:30:52:76:b3:74:06:23:53:34:95:
b0:23:a1:0a:b3:59:4a:bd:50:da:a6:0c:09:77:f5:
32:8e:67:fd:f3:61:65:d7:49:6c:b9:f4:d3:f3:6a:
bd:6b:c5:3a:72:20:fe:3b:26:09:97:0e:fd:e2:0b:
c4:aa:21:1e:f7:d8:51:dc:a2:db:4d:8a:72:d7:f2:
da:fa:70:39:4b:ec:e9:ab:a0:fc:95:76:8b:f2:28:
f1:1b:da:c1:97:79:56:a8:b2:29:30:5a:fa:c4:86:
c0:53:4b:36:1c:71:e0:6a:2d:d1:f4:76:36:0f:71:
97:cd:94:98:ca:4d:d2:7e:3f:a3:56:ab:e5:8a:a5:
0a:bc:d3:96:c6:c1:5d:e4:f2:9d:c8:d3:d3:8c:00:
f5:57:14:c9:9b:2f:8e:19:b4:87:6a:79:fc:e0:66:
a3:53:16:c4:99:75:64:a9:c5:c5:2a:6c:8b:cc:86:
91:db:c5:ef:0e:b7:30:61:d7:7a:8b:61:3c:5f:29:
30:e7:f9:93:3e:da:3a:9e:ca:70:0e:de:3e:0a:d9:
df:10:c6:18:5e:93:37:ab:fe:6f:f5:93:ea:40:8e:
91:18:08:b7:c4:ae:63:f2:f7:72:68:f1:a6:e2:e9:
c3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:EB:7F:83:CA:02:2E:38:2F:00:47:63:DD:AC:26:C3:C7:5F:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jVzrf4PKAi44LwBHY92sJsPHX4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:e5:30:23:7d:f7:7b:c5:a8:98:0f:43:43:2b:76:f6:0e:99:
0a:5d:2b:55:8e:73:99:6e:e1:bd:45:9d:c2:d9:28:64:28:00:
d9:4f:8d:a9:9a:56:70:2f:33:c2:6e:48:1c:34:9e:a7:18:59:
6e:00:a1:8f:6c:89:33:a5:ce:d6:0e:4f:ab:79:64:e7:4f:9b:
64:90:b9:9c:da:f9:1a:5c:1f:80:70:ee:23:03:b1:8a:b3:7a:
df:cf:b3:f3:d7:58:23:d6:30:3f:57:5b:4a:61:b3:16:d0:db:
8f:85:f1:8b:03:aa:6a:ec:7a:1d:f7:b6:17:81:1c:8f:76:c1:
18:09:30:ca:d0:d6:42:17:38:3e:67:0d:ca:97:81:b4:68:90:
12:70:ff:02:19:dd:ac:a6:eb:6a:26:b5:c9:2e:53:97:07:03:
ce:b0:6f:a1:49:a6:1a:9d:8d:53:12:6d:e2:a3:cf:2c:76:36:
b9:01:ea:a3:e9:87:4e:93:37:0b:28:f8:8a:3f:50:d3:7f:bf:
a2:4c:de:40:e7:2e:51:99:2a:1a:e2:c7:cf:7d:c4:85:cb:07:
90:6f:47:07:1a:f9:d8:5e:9c:2a:ce:79:e6:e4:69:6c:ec:7f:
d7:05:0e:76:b7:ea:a9:ac:8d:fa:92:d6:7f:e0:be:03:6f:64:
bc:8a:ce:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnnhn3/+yuOK/xWDENlnO6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMDIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVjZWI3ZjgzY2EwMjJlMzgyZjAwNDc2M2RkYWMyNmMzYzc1Zjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN7tEQgV8YPod2tVZMi8bQG/HDBS
drN0BiNTNJWwI6EKs1lKvVDapgwJd/Uyjmf982Fl10lsufTT82q9a8U6ciD+OyYJ
lw794gvEqiEe99hR3KLbTYpy1/La+nA5S+zpq6D8lXaL8ijxG9rBl3lWqLIpMFr6
xIbAU0s2HHHgai3R9HY2D3GXzZSYyk3Sfj+jVqvliqUKvNOWxsFd5PKdyNPTjAD1
VxTJmy+OGbSHann84GajUxbEmXVkqcXFKmyLzIaR28XvDrcwYdd6i2E8Xykw5/mT
Pto6nspwDt4+CtnfEMYYXpM3q/5v9ZPqQI6RGAi3xK5j8vdyaPGm4unDRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI1c63+DygIuOC8AR2PdrCbDx1+HMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvalZ6cmY0UEtBaTQ0THdCSFk5MnNKc1BIWDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3lMCN993vFqJgPQ0Mr
dvYOmQpdK1WOc5lu4b1FncLZKGQoANlPjamaVnAvM8JuSBw0nqcYWW4AoY9siTOl
ztYOT6t5ZOdPm2SQuZza+RpcH4Bw7iMDsYqzet/Ps/PXWCPWMD9XW0phsxbQ24+F
8YsDqmrseh33theBHI92wRgJMMrQ1kIXOD5nDcqXgbRokBJw/wIZ3aym62omtcku
U5cHA86wb6FJphqdjVMSbeKjzyx2NrkB6qPph06TNwso+Io/UNN/v6JM3kDnLlGZ
Khrix899xIXLB5BvRwca+dhenCrOeebkaWzsf9cFDna36qmsjfqS1n/gvgNvZLyK
zik=
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:12 2025 by rpki-client