Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jX3eF5EHGJMwbTOJ_iSfQ9zfg7o.roa
File: jX3eF5EHGJMwbTOJ_iSfQ9zfg7o.roa (raw, json)
Hash identifier: CJ1hr/pcwfpinqkWXw051LkyzFz9k18BAL31BzKjcco=
Subject key identifier: 8D:7D:DE:17:91:07:18:93:30:6D:33:89:FE:24:9F:43:DC:DF:83:BA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867E3044330F85CBD1CFAF2AA7EABFAF35
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jX3eF5EHGJMwbTOJ_iSfQ9zfg7o.roa
Signing time: Thu 23 Feb 2023 12:12:17 +0000
ROA not before: Thu 23 Feb 2023 12:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:30:44:33:0f:85:cb:d1:cf:af:2a:a7:ea:bf:af:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 12:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d7dde1791071893306d3389fe249f43dcdf83ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:18:6c:af:90:97:a5:91:a0:7e:fd:04:d7:11:
bb:a4:ff:cd:90:59:06:e9:50:0c:19:be:f3:fa:0d:
d5:8d:d5:ad:7c:a2:eb:63:06:86:06:3d:4c:f4:a3:
c9:06:31:b5:8a:69:95:d3:22:80:14:f0:a2:80:5b:
3b:d1:c8:b8:f3:17:c2:d4:39:cd:f9:55:b9:51:5c:
af:0c:80:b0:1a:92:54:7f:bb:5c:d8:91:da:7f:aa:
95:de:59:b2:a9:6a:14:e7:6e:11:92:46:57:ac:d9:
2b:a7:9f:a6:fa:22:8b:c9:30:5d:a0:59:42:71:89:
ab:4c:7b:a3:f6:10:20:cd:90:52:db:50:40:09:6c:
66:72:98:42:95:87:b2:46:dd:2f:db:d5:66:de:19:
69:fa:2d:b9:a5:8a:5b:a4:83:17:b2:09:61:ed:e1:
ff:b2:7a:04:0c:c6:24:07:63:5f:99:6c:30:1f:33:
f0:60:97:cd:ca:29:75:7c:a7:b9:d5:3d:c6:70:b5:
21:33:65:ea:a6:dd:c0:5c:27:54:f7:46:80:b2:0e:
22:57:25:a1:c0:62:5e:79:e0:f8:0c:85:41:60:45:
dc:6f:75:c5:2e:71:d3:99:2e:d6:3b:01:b3:5b:a6:
08:00:85:26:9e:62:20:67:a8:5e:f4:c4:ed:ba:29:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7D:DE:17:91:07:18:93:30:6D:33:89:FE:24:9F:43:DC:DF:83:BA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jX3eF5EHGJMwbTOJ_iSfQ9zfg7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:a9:9e:aa:b1:0f:a0:7e:1e:f7:19:2b:ef:91:78:d2:db:d0:
8f:73:de:d2:c8:e6:c1:ca:d0:bf:fe:6e:00:79:dd:eb:da:16:
12:16:16:d3:a7:94:f9:f5:3d:43:09:20:63:94:2e:39:54:2a:
62:d2:84:8d:ad:f6:7a:84:46:03:e3:77:ed:88:09:e8:9f:5b:
95:fe:f1:76:f6:bd:0c:b9:7f:a2:ac:ce:27:5c:92:72:34:76:
f1:28:73:72:7d:69:b9:80:6a:c6:e5:10:1d:ab:67:7f:7d:4a:
74:1e:cc:5d:32:b4:56:01:7d:5d:0f:43:dd:34:5f:5d:00:0e:
1d:18:ee:bc:f3:4d:63:4b:52:b2:30:dd:e5:23:a5:c7:c8:f2:
e0:2b:66:9e:6d:b3:c1:28:f8:82:77:82:fe:64:0b:9d:0c:d1:
9b:b4:1a:29:14:cd:c0:27:e9:f1:e3:e3:d5:a6:eb:c4:a2:23:
5e:4d:a8:26:58:5a:ca:5f:7f:c1:10:e9:60:0c:b0:a0:7b:61:
0b:c2:02:d0:cf:bf:5c:ea:24:02:a7:d0:c4:fa:1c:51:1e:0d:
f0:aa:84:62:01:b6:86:b4:4d:30:f7:3c:61:ae:ff:fe:07:fd:
de:ea:e2:a0:2d:a1:9f:b5:7e:73:ca:f5:e3:a5:8e:84:34:8b:
11:ef:dd:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ+MEQzD4XL0c+vKqfqv681MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMTIxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdkZGUxNzkxMDcxODkzMzA2ZDMzODlmZTI0OWY0M2RjZGY4M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhhsr5CXpZGgfv0E1xG7pP/NkFkG
6VAMGb7z+g3VjdWtfKLrYwaGBj1M9KPJBjG1immV0yKAFPCigFs70ci48xfC1DnN
+VW5UVyvDICwGpJUf7tc2JHaf6qV3lmyqWoU524RkkZXrNkrp5+m+iKLyTBdoFlC
cYmrTHuj9hAgzZBS21BACWxmcphClYeyRt0v29Vm3hlp+i25pYpbpIMXsglh7eH/
snoEDMYkB2NfmWwwHzPwYJfNyil1fKe51T3GcLUhM2Xqpt3AXCdU90aAsg4iVyWh
wGJeeeD4DIVBYEXcb3XFLnHTmS7WOwGzW6YIAIUmnmIgZ6he9MTtuik4cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI193heRBxiTMG0zif4kn0Pc34O6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvalgzZUY1RUhHSk13YlRPSl9pU2ZROXpmZzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADepnqqxD6B+HvcZK++R
eNLb0I9z3tLI5sHK0L/+bgB53evaFhIWFtOnlPn1PUMJIGOULjlUKmLShI2t9nqE
RgPjd+2ICeifW5X+8Xb2vQy5f6KszidcknI0dvEoc3J9abmAasblEB2rZ399SnQe
zF0ytFYBfV0PQ900X10ADh0Y7rzzTWNLUrIw3eUjpcfI8uArZp5ts8Eo+IJ3gv5k
C50M0Zu0GikUzcAn6fHj49Wm68SiI15NqCZYWspff8EQ6WAMsKB7YQvCAtDPv1zq
JAKn0MT6HFEeDfCqhGIBtoa0TTD3PGGu//4H/d7q4qAtoZ+1fnPK9eOljoQ0ixHv
3eY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:18:59 2025 by rpki-client