Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lN8Bj1YvQaKmTIgVanUYxa-BukM.roa
File: lN8Bj1YvQaKmTIgVanUYxa-BukM.roa (raw, json)
Hash identifier: WtAVUukkcipI5BjemIcWqv79HtL+V2qUU15or22d9cI=
Subject key identifier: 94:DF:01:8F:56:2F:41:A2:A6:4C:88:15:6A:75:18:C5:AF:81:BA:43
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188601E16FAC3EBCBA1D38C632157B0CD06
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lN8Bj1YvQaKmTIgVanUYxa-BukM.roa
Signing time: Sun 28 May 2023 02:09:24 +0000
ROA not before: Sun 28 May 2023 02:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:60:1e:16:fa:c3:eb:cb:a1:d3:8c:63:21:57:b0:cd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 28 02:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94df018f562f41a2a64c88156a7518c5af81ba43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:4f:dd:c5:50:18:ec:46:27:3f:20:69:c4:
3b:f6:e1:86:f0:4f:9d:9b:ea:fa:89:89:6d:83:1c:
d5:7a:90:61:b9:a4:59:db:a2:c8:66:34:ae:9b:8d:
83:4c:5d:58:78:36:44:db:6b:9d:72:8f:87:45:f4:
f9:14:18:dc:59:87:2c:df:0c:74:02:65:64:99:2a:
c2:18:7a:b7:83:94:5f:be:07:9e:05:62:62:c3:41:
06:ce:86:27:2a:16:1e:61:01:5a:e2:86:28:87:b5:
2b:82:ee:74:da:87:c0:88:92:53:cd:de:90:db:c7:
5c:8f:87:d7:46:bb:15:6b:ce:1e:78:2a:8a:ff:c3:
e5:34:43:bf:7e:72:87:a8:5c:34:15:30:f0:c2:c6:
40:08:aa:40:b9:b4:95:e8:65:5d:97:1b:0b:2a:c6:
ac:66:65:f4:5f:3f:1e:c6:75:e1:c2:88:95:88:b4:
5b:5f:a8:e0:08:2c:46:e2:89:9c:6c:8b:e2:0f:8f:
cc:85:ea:6b:7d:a8:2e:2e:44:12:8c:06:79:7d:63:
ee:80:67:85:ca:dd:1d:5a:0d:a4:56:b2:9a:3c:a5:
bf:70:aa:ba:b4:a3:56:8b:2a:94:27:6b:46:5f:f8:
6d:a8:f9:4f:12:13:7d:9d:20:7d:b5:13:0d:96:b1:
58:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DF:01:8F:56:2F:41:A2:A6:4C:88:15:6A:75:18:C5:AF:81:BA:43
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lN8Bj1YvQaKmTIgVanUYxa-BukM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:28:64:24:75:d7:fa:b8:1b:f2:98:7a:4a:fd:39:7c:e4:34:
f7:7c:4c:0a:da:83:5e:65:3c:59:b2:04:94:ab:04:ec:b2:8d:
d6:3b:55:e4:96:ad:ca:90:e1:0a:96:bc:8d:e4:5b:c4:44:e3:
67:e4:14:1c:49:8c:08:23:47:4e:92:bf:17:b9:e1:39:39:c8:
d4:b1:60:22:91:fc:5f:11:d0:81:cd:c5:f0:39:2f:ef:f9:52:
5b:9b:85:3f:b9:e5:e8:ca:8f:c1:b1:39:95:c3:ea:85:f7:a6:
46:45:39:50:5c:a1:ad:a9:5b:52:36:42:28:29:3e:67:2f:fd:
89:64:76:ce:3e:0c:0f:13:f3:58:42:74:c6:df:1e:f6:a3:22:
9f:16:68:96:d6:e2:4d:26:7e:83:dc:c1:8d:06:f4:76:e2:5f:
ce:01:e4:af:2d:b4:c2:31:62:7b:c6:04:08:85:f2:0e:ec:be:
a0:db:90:f6:69:87:a8:1b:4f:b5:bf:ea:2d:97:c2:b7:75:4d:
7a:d7:ec:80:a5:c9:0d:17:e4:36:ef:ae:61:64:ab:b8:83:95:
ed:c4:0e:51:88:de:45:c0:78:82:3e:f2:eb:79:ca:dd:22:b5:
e4:59:61:fa:3b:48:ee:71:c7:b5:47:54:99:85:9b:8d:6d:07:
53:ff:b6:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhgHhb6w+vLodOMYyFXsM0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI4MDIwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRmMDE4ZjU2MmY0MWEyYTY0Yzg4MTU2YTc1MThjNWFmODFiYTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/1P3cVQGOxGJz8gacQ79uGG8E+d
m+r6iYltgxzVepBhuaRZ26LIZjSum42DTF1YeDZE22udco+HRfT5FBjcWYcs3wx0
AmVkmSrCGHq3g5RfvgeeBWJiw0EGzoYnKhYeYQFa4oYoh7Urgu502ofAiJJTzd6Q
28dcj4fXRrsVa84eeCqK/8PlNEO/fnKHqFw0FTDwwsZACKpAubSV6GVdlxsLKsas
ZmX0Xz8exnXhwoiViLRbX6jgCCxG4omcbIviD4/MheprfaguLkQSjAZ5fWPugGeF
yt0dWg2kVrKaPKW/cKq6tKNWiyqUJ2tGX/htqPlPEhN9nSB9tRMNlrFY4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJTfAY9WL0GipkyIFWp1GMWvgbpDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbE44QmoxWXZRYUttVElnVmFuVVl4YS1CdWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0oZCR11/q4G/KYekr9
OXzkNPd8TArag15lPFmyBJSrBOyyjdY7VeSWrcqQ4QqWvI3kW8RE42fkFBxJjAgj
R06Svxe54Tk5yNSxYCKR/F8R0IHNxfA5L+/5UlubhT+55ejKj8GxOZXD6oX3pkZF
OVBcoa2pW1I2QigpPmcv/Ylkds4+DA8T81hCdMbfHvajIp8WaJbW4k0mfoPcwY0G
9HbiX84B5K8ttMIxYnvGBAiF8g7svqDbkPZph6gbT7W/6i2Xwrd1TXrX7IClyQ0X
5DbvrmFkq7iDle3EDlGI3kXAeII+8ut5yt0iteRZYfo7SO5xx7VHVJmFm41tB1P/
tnM=
-----END CERTIFICATE-----
Generated at Sat May 3 23:56:43 2025 by rpki-client