Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kGqdxA1VkVTr0E_A9uCjbvIEusU.roa
File: kGqdxA1VkVTr0E_A9uCjbvIEusU.roa (raw, json)
Hash identifier: 06ycshceLWRst8MYMgYKDFtZd0g6n/PD3YwEdLUSLCA=
Subject key identifier: 90:6A:9D:C4:0D:55:91:54:EB:D0:4F:C0:F6:E0:A3:6E:F2:04:BA:C5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01876E8154A662BC4726FDFFF6D788625F03
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kGqdxA1VkVTr0E_A9uCjbvIEusU.roa
Signing time: Tue 11 Apr 2023 04:09:42 +0000
ROA not before: Tue 11 Apr 2023 04:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6e:81:54:a6:62:bc:47:26:fd:ff:f6:d7:88:62:5f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 11 04:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=906a9dc40d559154ebd04fc0f6e0a36ef204bac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:44:ab:36:e4:51:e7:15:8a:4b:b2:8a:a0:10:
2f:ab:7f:f6:c4:75:ed:86:4c:ce:9a:c4:13:cc:39:
81:35:60:1d:92:d9:d2:1e:b8:c8:34:ce:bc:5c:a8:
93:d4:fa:5a:a1:aa:ee:0f:df:0d:aa:00:e4:d3:09:
8c:61:9a:8c:d2:82:ae:9e:c2:cf:60:60:c5:dc:29:
0a:e7:24:ad:7e:92:aa:78:a0:45:dc:6a:f3:61:1d:
4c:03:45:a3:20:b7:28:dd:4c:ff:5c:44:0b:6e:d6:
4c:21:76:8e:b8:1f:e6:01:08:ca:2a:83:83:9c:dd:
8d:b1:75:43:a5:79:e7:34:67:6c:7b:f7:9a:eb:47:
3d:5a:0d:9c:9f:bf:fb:70:5e:d0:d0:eb:10:3d:89:
b8:20:63:cc:1b:c0:5f:92:e0:1d:9e:12:83:15:73:
40:60:37:4f:8f:9d:f4:47:60:c4:f0:76:61:54:8e:
d1:9b:88:e1:02:d4:30:3a:85:18:49:ee:31:54:95:
62:8c:36:6b:02:0a:96:7e:cd:6d:64:ba:b5:e2:52:
0a:1d:9f:4e:c2:81:11:23:e9:97:e1:7f:52:3e:3d:
d0:d6:3a:b6:35:c1:dd:29:5a:1c:9a:4d:10:33:6a:
94:db:58:bb:da:c6:dc:cd:62:14:19:f3:5c:e2:0b:
58:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6A:9D:C4:0D:55:91:54:EB:D0:4F:C0:F6:E0:A3:6E:F2:04:BA:C5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kGqdxA1VkVTr0E_A9uCjbvIEusU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:84:bf:26:01:16:e9:ec:12:1f:50:a9:53:c9:01:a2:ae:db:
81:0d:42:f9:73:2d:4c:80:86:01:2b:8f:b1:0f:22:7d:c8:5f:
13:64:1e:ee:c4:1b:9c:f9:f6:be:cc:49:31:b2:ff:e3:f1:14:
ba:ef:ae:15:51:3e:83:41:07:c1:3b:9b:17:d5:0b:51:9c:48:
c9:d8:e6:a1:ae:e7:b8:35:16:f7:ee:43:66:86:a6:a2:b5:82:
70:59:11:4f:f8:f7:5a:8b:e1:5d:27:e1:90:61:ad:f6:70:e1:
2c:f3:79:d1:fe:67:0e:61:87:93:aa:8e:27:ab:3e:4b:d3:f9:
27:ce:8c:da:7a:b8:6f:b5:f6:0e:3b:8f:f0:dd:d9:06:f4:59:
30:e2:5e:8f:e9:c5:c6:9b:fe:52:55:7c:d0:0a:92:7b:e3:94:
86:d3:3d:d1:5d:e4:d1:0c:ba:28:9e:36:71:9e:01:0c:76:31:
68:cf:1d:c1:fa:26:cd:56:1b:09:3f:94:99:f9:26:fb:c9:b5:
b6:bc:8b:d7:3f:56:da:ab:13:98:a6:94:60:dc:93:d7:f4:f9:
f6:24:af:b3:7d:fa:91:39:e7:52:f2:f7:d2:56:2a:41:8b:80:
14:ba:9b:a7:5d:3a:60:6c:42:cd:31:5e:bb:ca:6d:ef:ed:34:
ef:97:80:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdugVSmYrxHJv3/9teIYl8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDExMDQwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDZhOWRjNDBkNTU5MTU0ZWJkMDRmYzBmNmUwYTM2ZWYyMDRiYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkSrNuRR5xWKS7KKoBAvq3/2xHXt
hkzOmsQTzDmBNWAdktnSHrjINM68XKiT1PpaoaruD98NqgDk0wmMYZqM0oKunsLP
YGDF3CkK5yStfpKqeKBF3GrzYR1MA0WjILco3Uz/XEQLbtZMIXaOuB/mAQjKKoOD
nN2NsXVDpXnnNGdse/ea60c9Wg2cn7/7cF7Q0OsQPYm4IGPMG8BfkuAdnhKDFXNA
YDdPj530R2DE8HZhVI7Rm4jhAtQwOoUYSe4xVJVijDZrAgqWfs1tZLq14lIKHZ9O
woERI+mX4X9SPj3Q1jq2NcHdKVocmk0QM2qU21i72sbczWIUGfNc4gtYHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJBqncQNVZFU69BPwPbgo27yBLrFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva0dxZHhBMVZrVlRyMEVfQTl1Q2pidklFdXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABuEvyYBFunsEh9QqVPJ
AaKu24ENQvlzLUyAhgErj7EPIn3IXxNkHu7EG5z59r7MSTGy/+PxFLrvrhVRPoNB
B8E7mxfVC1GcSMnY5qGu57g1FvfuQ2aGpqK1gnBZEU/491qL4V0n4ZBhrfZw4Szz
edH+Zw5hh5OqjierPkvT+SfOjNp6uG+19g47j/Dd2Qb0WTDiXo/pxcab/lJVfNAK
knvjlIbTPdFd5NEMuiieNnGeAQx2MWjPHcH6Js1WGwk/lJn5JvvJtba8i9c/Vtqr
E5imlGDck9f0+fYkr7N9+pE551Ly99JWKkGLgBS6m6ddOmBsQs0xXrvKbe/tNO+X
gOc=
-----END CERTIFICATE-----
Generated at Sat May 3 21:42:49 2025 by rpki-client