Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n2LIHdnGl855wSf36UDRDbx-inY.roa
File: n2LIHdnGl855wSf36UDRDbx-inY.roa (raw, json)
Hash identifier: GRRu3UJKXfWn4sx6CgaV1B44rTCYXCk9jum52mI8Kxc=
Subject key identifier: 9F:62:C8:1D:D9:C6:97:CE:79:C1:27:F7:E9:40:D1:0D:BC:7E:8A:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187DA717D1BE9EF8997CC984AB6073BE180
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n2LIHdnGl855wSf36UDRDbx-inY.roa
Signing time: Tue 02 May 2023 03:11:23 +0000
ROA not before: Tue 02 May 2023 03:11:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:da:71:7d:1b:e9:ef:89:97:cc:98:4a:b6:07:3b:e1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 2 03:11:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f62c81dd9c697ce79c127f7e940d10dbc7e8a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:42:45:23:12:59:12:31:4e:02:fc:b4:0c:9c:
fe:f8:6b:d4:f5:46:8e:58:e8:6e:5e:a0:ee:b6:15:
d8:32:bd:cd:7b:1e:d7:e6:af:75:44:91:63:95:e8:
61:e0:80:13:a8:dd:af:6c:9e:ef:9d:fc:c9:aa:73:
12:be:b3:6f:89:93:25:70:f8:c1:fd:5a:8a:c4:e5:
97:32:ad:51:34:f2:00:d1:e2:d1:69:c7:fe:7e:3f:
f4:96:91:14:19:9e:d6:e9:3c:c0:4f:4e:3f:ba:6a:
a8:76:2c:bb:99:77:04:85:44:2a:da:79:90:6b:4a:
21:6f:91:37:9e:88:1e:d1:5c:88:26:fb:3e:82:42:
2b:5d:d2:58:a1:79:d3:9d:32:2a:76:60:c4:98:08:
8c:28:e6:20:80:f7:03:43:4c:c9:0b:61:9b:ef:d8:
57:18:be:40:92:0e:9a:a7:97:09:b5:97:64:e6:86:
a2:b0:2a:09:8f:8b:81:e3:7f:8e:10:b9:6f:a7:25:
9b:ca:3c:d9:db:54:8e:8e:05:6b:fc:9d:ef:d2:f4:
90:c3:a7:d2:53:60:b8:48:d5:28:d3:ff:18:a4:97:
97:fe:8f:86:73:fa:aa:ba:5a:50:1c:77:51:cd:58:
d0:f7:a9:68:40:de:24:96:c4:a7:5b:bb:a0:1f:6b:
f7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:62:C8:1D:D9:C6:97:CE:79:C1:27:F7:E9:40:D1:0D:BC:7E:8A:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n2LIHdnGl855wSf36UDRDbx-inY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:7f:7d:6c:7d:8f:a5:52:81:e7:a7:c8:ef:76:66:27:33:49:
0b:c2:e9:e6:4e:61:3e:5c:9b:f9:53:23:40:1d:39:ec:99:44:
f9:f1:79:63:d4:4e:88:37:4d:6e:64:15:7e:c6:4f:f3:86:b4:
92:90:57:7c:34:50:ae:2b:68:04:65:b4:90:4d:c8:05:36:76:
d7:45:3b:ff:50:59:f6:aa:64:56:77:f0:a0:d0:c3:0b:37:bc:
c5:c8:07:66:86:fa:31:f8:aa:59:26:95:0b:e2:8b:f5:6b:91:
e2:20:c4:2d:5e:92:bf:04:e7:22:55:af:c0:8c:77:6e:ac:f0:
47:e6:6e:b0:66:ee:e0:b2:db:45:a5:d9:96:62:ff:ec:6f:c6:
74:4f:ae:a7:6a:29:d7:49:e9:d4:72:ac:e1:eb:d0:1d:d1:bd:
d1:67:88:70:dd:85:00:7b:d2:a4:30:8b:38:57:95:d6:41:64:
42:a7:1b:a0:80:f9:9e:1c:5b:0c:c8:94:e3:57:85:9e:a1:61:
e9:3c:92:20:61:e1:a5:c2:19:a2:ea:e1:fb:2f:eb:6c:95:ec:
33:97:ce:39:10:f6:43:f6:ac:88:5f:a4:fe:f6:96:e4:97:3c:
13:7f:89:2b:a1:03:c3:3c:0b:ae:54:f5:90:d3:0a:d5:5c:e5:
a1:ac:7c:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfacX0b6e+Jl8yYSrYHO+GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAyMDMxMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjYyYzgxZGQ5YzY5N2NlNzljMTI3ZjdlOTQwZDEwZGJjN2U4YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkJFIxJZEjFOAvy0DJz++GvU9UaO
WOhuXqDuthXYMr3Nex7X5q91RJFjlehh4IATqN2vbJ7vnfzJqnMSvrNviZMlcPjB
/VqKxOWXMq1RNPIA0eLRacf+fj/0lpEUGZ7W6TzAT04/umqodiy7mXcEhUQq2nmQ
a0ohb5E3noge0VyIJvs+gkIrXdJYoXnTnTIqdmDEmAiMKOYggPcDQ0zJC2Gb79hX
GL5Akg6ap5cJtZdk5oaisCoJj4uB43+OELlvpyWbyjzZ21SOjgVr/J3v0vSQw6fS
U2C4SNUo0/8YpJeX/o+Gc/qqulpQHHdRzVjQ96loQN4klsSnW7ugH2v3iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ9iyB3ZxpfOecEn9+lA0Q28fop2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbjJMSUhkbkdsODU1d1NmMzZVRFJEYngtaW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKF/fWx9j6VSgeenyO92
ZiczSQvC6eZOYT5cm/lTI0AdOeyZRPnxeWPUTog3TW5kFX7GT/OGtJKQV3w0UK4r
aARltJBNyAU2dtdFO/9QWfaqZFZ38KDQwws3vMXIB2aG+jH4qlkmlQvii/VrkeIg
xC1ekr8E5yJVr8CMd26s8EfmbrBm7uCy20Wl2ZZi/+xvxnRPrqdqKddJ6dRyrOHr
0B3RvdFniHDdhQB70qQwizhXldZBZEKnG6CA+Z4cWwzIlONXhZ6hYek8kiBh4aXC
GaLq4fsv62yV7DOXzjkQ9kP2rIhfpP72luSXPBN/iSuhA8M8C65U9ZDTCtVc5aGs
fAk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:57:17 2025 by rpki-client