Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jzN7ey78-o84ipkoaX_7zjUfCWw.roa
File: jzN7ey78-o84ipkoaX_7zjUfCWw.roa (raw, json)
Hash identifier: C1H8MzxmswFnCHMPm9qqPL54nvaFJ4d85KszuG55ZQE=
Subject key identifier: 8F:33:7B:7B:2E:FC:FA:8F:38:8A:99:28:69:7F:FB:CE:35:1F:09:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 88E60A81
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jzN7ey78-o84ipkoaX_7zjUfCWw.roa
Signing time: Wed 01 Jun 2022 04:11:13 +0000
ROA not before: Wed 01 Jun 2022 04:11:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:180:ff9c:1e7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2296777345 (0x88e60a81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 1 04:11:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f337b7b2efcfa8f388a9928697ffbce351f096c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:84:ae:2e:e4:99:ee:75:d5:40:df:60:c4:
c6:f1:5f:1b:ce:f1:86:2d:84:10:18:24:68:72:c9:
83:04:07:07:75:1f:40:f1:09:09:10:8a:ec:fc:9a:
b9:14:32:88:3a:7d:04:24:35:83:4a:cc:40:57:90:
77:97:f1:af:a6:f3:3b:cd:55:15:1a:d8:2f:60:ab:
f8:d5:40:f7:fb:b4:27:a4:f3:98:f0:be:1a:9e:ad:
43:a7:b8:d1:7e:27:cb:e0:50:eb:ec:ab:0d:7f:68:
d4:70:d1:c0:bc:24:24:06:11:4e:b3:d3:5f:d4:8f:
c1:ee:5d:43:09:e8:5e:ce:f9:9e:2e:23:ee:b0:5d:
b6:8b:1d:15:ab:62:d4:1b:f7:d9:71:c0:4a:ff:6a:
2e:f0:fd:ca:5b:77:4e:5a:f2:7a:7c:b3:fb:4d:11:
39:0c:48:34:c7:12:ce:00:f7:08:2e:b7:c8:fd:cd:
78:53:89:30:64:90:6c:bb:8b:f3:21:2c:fd:73:31:
b3:cb:08:f3:ee:9b:87:2a:87:c9:11:4b:7e:26:0b:
18:e4:31:d1:c3:62:b2:92:9d:7d:8d:fd:ee:7e:6c:
51:cd:f6:79:cf:1c:c8:72:a6:01:4d:8d:6b:88:a0:
9a:d0:0c:f2:81:6f:26:27:a6:6e:c0:ed:d1:e1:5e:
fd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:33:7B:7B:2E:FC:FA:8F:38:8A:99:28:69:7F:FB:CE:35:1F:09:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jzN7ey78-o84ipkoaX_7zjUfCWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:b2:31:d4:71:4a:77:ff:41:ce:c8:7e:c0:d5:e0:05:49:4f:
a6:02:62:71:d4:38:b1:d2:b8:65:c8:60:65:85:cc:a8:1a:25:
4c:4c:fb:69:8e:b9:e5:16:77:56:df:d9:f8:f7:ef:2e:bb:f4:
8e:ca:17:3f:1f:30:8c:7b:cd:f8:80:11:f1:b7:6b:b0:46:ea:
7c:90:a8:8c:6e:87:c0:a2:7a:31:5b:2c:31:d4:e4:74:30:0f:
e8:1d:c5:55:7d:16:0f:15:bc:34:bf:b2:39:48:d5:f0:ae:cb:
0d:30:79:94:b4:a4:9d:f8:8b:a2:05:e8:cd:e4:55:20:69:2a:
b4:44:eb:bb:b6:c1:3b:d0:06:d3:cd:1a:ab:f0:ea:0c:52:1a:
26:0a:39:27:4f:63:17:59:da:76:80:a6:3b:7e:75:4b:01:62:
05:b9:26:58:ad:8b:32:0e:bf:6e:57:17:17:9d:97:62:94:d4:
3c:79:16:59:af:1c:ee:1f:a8:79:7c:3b:43:2a:79:f3:3f:bf:
c8:e4:76:af:35:bc:79:40:3c:09:e2:b5:cb:59:6f:64:d4:a1:
c5:32:09:54:4a:10:c7:cd:36:1d:31:46:99:df:9b:8e:f5:2c:
33:39:7a:d9:86:2c:d4:c8:a5:77:05:ec:36:6c:33:b5:73:b7:
98:32:fd:33
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIjmCoEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDEwNDExMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDhmMzM3YjdiMmVm
Y2ZhOGYzODhhOTkyODY5N2ZmYmNlMzUxZjA5NmMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzuoSuLuSZ7nXVQN9gxMbxXxvO8YYthBAYJGhyyYMEBwd1
H0DxCQkQiuz8mrkUMog6fQQkNYNKzEBXkHeX8a+m8zvNVRUa2C9gq/jVQPf7tCek
85jwvhqerUOnuNF+J8vgUOvsqw1/aNRw0cC8JCQGEU6z01/Uj8HuXUMJ6F7O+Z4u
I+6wXbaLHRWrYtQb99lxwEr/ai7w/cpbd05a8np8s/tNETkMSDTHEs4A9wgut8j9
zXhTiTBkkGy7i/MhLP1zMbPLCPPum4cqh8kRS34mCxjkMdHDYrKSnX2N/e5+bFHN
9nnPHMhypgFNjWuIoJrQDPKBbyYnpm7A7dHhXv0TAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUjzN7ey78+o84ipkoaX/7zjUfCWwwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9qek43ZXk3OC1vODRpcGtvYVhfN3pqVWZDV3cucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEANLIx1HFKd/9Bzsh+wNXgBUlPpgJicdQ4sdK4
ZchgZYXMqBolTEz7aY655RZ3Vt/Z+PfvLrv0jsoXPx8wjHvN+IAR8bdrsEbqfJCo
jG6HwKJ6MVssMdTkdDAP6B3FVX0WDxW8NL+yOUjV8K7LDTB5lLSknfiLogXozeRV
IGkqtETru7bBO9AG080aq/DqDFIaJgo5J09jF1nadoCmO351SwFiBbkmWK2LMg6/
blcXF52XYpTUPHkWWa8c7h+oeXw7Qyp58z+/yOR2rzW8eUA8CeK1y1lvZNShxTIJ
VEoQx802HTFGmd+bjvUsMzl62YYs1MildwXsNmwztXO3mDL9Mw==
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:29:34 2025 by rpki-client