Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nAlbYoZ5cNGW0ApxX7rovSRTuus.roa
File: nAlbYoZ5cNGW0ApxX7rovSRTuus.roa (raw, json)
Hash identifier: cS3lnQ/XIi5O+ZpmJhaODt1Hq3jTM3nK4PATmDXPgN8=
Subject key identifier: 9C:09:5B:62:86:79:70:D1:96:D0:0A:71:5F:BA:E8:BD:24:53:BA:EB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188CBDA0A231D0740A3005E6DF568D25AAA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nAlbYoZ5cNGW0ApxX7rovSRTuus.roa
Signing time: Sun 18 Jun 2023 00:14:04 +0000
ROA not before: Sun 18 Jun 2023 00:14:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cb:da:0a:23:1d:07:40:a3:00:5e:6d:f5:68:d2:5a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 18 00:14:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c095b62867970d196d00a715fbae8bd2453baeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:1b:e6:3e:e6:51:f6:07:55:01:e7:71:a7:
85:28:a3:12:8e:48:a1:32:e8:af:0a:b6:4c:23:28:
89:61:4d:97:a8:bd:67:48:17:c9:6d:4e:94:8f:82:
4c:77:f0:ad:f0:9d:35:d3:92:1f:2e:a4:44:4d:d9:
b2:ff:38:b5:f7:a1:03:9c:75:00:4c:49:84:28:1c:
94:c4:7b:08:b0:c2:58:6b:69:16:77:e0:cd:0e:a8:
0a:95:e2:aa:5f:7e:f8:5d:98:6f:d7:57:21:89:65:
42:28:38:40:ae:4b:91:06:61:f4:73:1e:a5:2f:8e:
50:08:70:84:c9:ee:ad:9e:c5:e3:50:8d:5d:78:44:
5d:8e:9b:f7:cb:94:16:08:f2:7c:4a:24:1d:d7:ad:
b9:8a:07:7c:ac:5c:bf:94:bd:3d:a1:4b:1e:1e:33:
f7:f3:a7:2a:3a:91:68:4a:11:81:07:fc:21:59:01:
47:0f:bc:19:14:43:f5:ad:e9:8e:71:22:e8:bd:e9:
c6:c3:0e:ae:c2:3f:e6:fd:23:4c:6f:6f:a1:f3:2b:
5e:d1:f4:cd:c0:9d:b6:f9:5c:cf:52:c6:f1:d2:8b:
b8:25:40:c2:97:d2:69:11:50:cc:70:f5:ab:73:86:
05:5c:f2:51:a4:27:6f:61:ac:95:73:cb:23:aa:f9:
1e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:09:5B:62:86:79:70:D1:96:D0:0A:71:5F:BA:E8:BD:24:53:BA:EB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nAlbYoZ5cNGW0ApxX7rovSRTuus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:bd:d7:eb:c9:3a:ad:51:f9:c1:38:25:52:e6:2a:38:e0:c3:
04:b9:89:45:77:f2:b5:d4:91:b5:06:89:64:61:f6:ba:e8:6c:
ea:8e:1a:e4:5f:45:d2:80:4c:72:a2:f8:1c:47:b3:6e:14:01:
3a:7d:19:0a:21:c0:c2:d3:0b:34:a7:d3:26:b7:f5:d3:aa:74:
f4:43:3a:df:09:f7:72:ce:0f:b7:f7:2d:57:44:2d:06:0e:5d:
60:b0:84:43:93:5a:1f:48:cc:94:fb:2e:e6:42:f2:ec:92:af:
d3:d7:17:ea:9c:c0:01:01:9d:96:ef:52:24:40:d9:b0:21:0c:
f9:7f:31:e9:76:c9:67:e1:08:bb:c7:b5:33:74:2c:b5:7f:78:
c4:a9:44:47:98:fa:bc:6b:1e:1f:d7:2e:bf:26:b3:ff:49:b3:
f2:90:aa:da:3b:23:95:85:58:a7:cb:73:e8:ac:49:56:bd:cb:
38:3e:10:6f:98:53:e4:80:0c:16:ac:d0:a7:72:a0:cb:ce:85:
a7:3e:79:f9:c7:df:3f:d5:2f:8c:ad:eb:67:53:7e:9f:b4:09:
9d:56:ec:76:50:e2:a1:d6:14:df:aa:24:1f:b0:94:1d:29:3a:
30:3c:0e:26:20:cc:07:75:06:b9:37:19:e5:e9:f8:13:01:38:
c8:3d:cc:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjL2gojHQdAowBebfVo0lqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE4MDAxNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA5NWI2Mjg2Nzk3MGQxOTZkMDBhNzE1ZmJhZThiZDI0NTNiYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsob5j7mUfYHVQHncaeFKKMSjkih
MuivCrZMIyiJYU2XqL1nSBfJbU6Uj4JMd/Ct8J0105IfLqRETdmy/zi196EDnHUA
TEmEKByUxHsIsMJYa2kWd+DNDqgKleKqX374XZhv11chiWVCKDhArkuRBmH0cx6l
L45QCHCEye6tnsXjUI1deERdjpv3y5QWCPJ8SiQd1625igd8rFy/lL09oUseHjP3
86cqOpFoShGBB/whWQFHD7wZFEP1remOcSLovenGww6uwj/m/SNMb2+h8yte0fTN
wJ22+VzPUsbx0ou4JUDCl9JpEVDMcPWrc4YFXPJRpCdvYayVc8sjqvkeuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwJW2KGeXDRltAKcV+66L0kU7rrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbkFsYllvWjVjTkdXMEFweFg3cm92U1JUdXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADS91+vJOq1R+cE4JVLm
KjjgwwS5iUV38rXUkbUGiWRh9rrobOqOGuRfRdKATHKi+BxHs24UATp9GQohwMLT
CzSn0ya39dOqdPRDOt8J93LOD7f3LVdELQYOXWCwhEOTWh9IzJT7LuZC8uySr9PX
F+qcwAEBnZbvUiRA2bAhDPl/Mel2yWfhCLvHtTN0LLV/eMSpREeY+rxrHh/XLr8m
s/9Js/KQqto7I5WFWKfLc+isSVa9yzg+EG+YU+SADBas0KdyoMvOhac+efnH3z/V
L4yt62dTfp+0CZ1W7HZQ4qHWFN+qJB+wlB0pOjA8DiYgzAd1Brk3GeXp+BMBOMg9
zHs=
-----END CERTIFICATE-----
Generated at Thu May 1 19:18:30 2025 by rpki-client