Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nCds4CWRq_EZ2IJM0dqtOMAhsz8.roa
File: nCds4CWRq_EZ2IJM0dqtOMAhsz8.roa (raw, json)
Hash identifier: k0xE9K/DjrswKw4UM53Kh0WaI+uo4kS6lwiJre7/dmY=
Subject key identifier: 9C:27:6C:E0:25:91:AB:F1:19:D8:82:4C:D1:DA:AD:38:C0:21:B3:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189529AECCD65216B4D231C271906ABA912
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nCds4CWRq_EZ2IJM0dqtOMAhsz8.roa
Signing time: Fri 14 Jul 2023 04:13:52 +0000
ROA not before: Fri 14 Jul 2023 04:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:52:9a:ec:cd:65:21:6b:4d:23:1c:27:19:06:ab:a9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 14 04:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c276ce02591abf119d8824cd1daad38c021b33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a5:41:9e:ec:97:71:98:67:6c:62:02:fa:70:
f9:f4:85:42:30:a4:ad:ed:1f:81:1e:25:5f:80:3b:
6d:bd:a7:b3:d6:6d:d3:ce:91:a2:33:89:f4:e1:42:
7f:5d:4b:84:b1:ef:2f:60:0b:f3:47:34:93:36:69:
62:90:ac:73:be:18:b0:cc:a5:e3:0e:e5:cd:63:a1:
e9:4e:d8:25:b6:92:4f:c5:47:59:fa:51:11:b4:c4:
16:2e:62:9c:33:c5:21:a2:b3:6f:f4:68:52:22:18:
1a:ad:14:cd:07:9f:4f:7e:c2:c9:00:97:1f:b8:4b:
16:b7:aa:22:dd:80:c4:9d:86:8e:53:fd:a5:a2:fb:
70:c2:21:79:4f:ee:fc:86:0c:d1:a0:ae:31:5d:be:
76:cd:5f:d1:23:4d:b0:c1:e2:74:2e:b5:42:b2:9d:
48:14:f0:9d:94:9e:48:65:36:2c:c8:79:af:e9:d0:
6f:aa:a6:25:d1:76:28:fc:18:e2:e5:6c:d1:c3:30:
44:cb:71:eb:e2:4c:80:eb:e7:c5:00:6f:a3:81:f4:
1b:07:e6:4a:7d:35:63:51:85:29:9f:44:0b:ef:34:
ca:32:24:07:76:a4:23:41:09:bf:a3:ed:5c:c3:db:
9c:2c:7c:19:02:eb:08:85:50:cf:ce:10:f9:4f:72:
5c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:27:6C:E0:25:91:AB:F1:19:D8:82:4C:D1:DA:AD:38:C0:21:B3:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nCds4CWRq_EZ2IJM0dqtOMAhsz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:85:4b:53:04:be:83:08:06:ef:ea:ee:2f:60:4c:16:d7:26:
6a:62:af:27:03:3a:3c:b0:45:9e:90:4f:76:14:8e:01:17:fe:
5f:e6:93:c3:e8:22:2c:f9:28:aa:eb:ad:d6:41:f5:db:4e:14:
6c:d9:89:67:a0:13:61:8a:7d:c3:fb:22:a5:96:d0:2a:78:ed:
44:06:8b:8c:97:74:33:6c:02:1c:5f:de:20:cd:10:25:db:fb:
33:a6:98:c1:ba:f7:03:78:c1:74:06:c6:d4:8f:88:70:e2:15:
eb:29:85:5d:81:e7:72:27:a6:4a:98:e1:4a:2c:6e:29:6a:3a:
1d:ec:49:a3:c6:d9:c4:44:e9:f5:fe:4a:ef:17:5c:02:cd:f9:
9b:54:73:ab:5d:f3:d5:c5:57:c9:b4:f3:7c:af:71:84:cc:ec:
d5:e0:39:7a:c9:f6:93:17:ea:7a:a1:cb:fd:37:b6:a7:29:06:
85:8d:81:c5:dd:c8:d4:04:89:79:4d:1d:d7:99:c1:48:66:8e:
71:3d:88:14:1b:ff:68:cc:f0:fb:67:0f:95:53:e0:45:d4:92:
16:45:bd:6b:21:71:7b:46:b1:00:1b:b7:4f:aa:e4:43:19:9f:
9f:aa:89:e8:9e:59:fc:ec:91:70:68:aa:fe:b7:f4:d5:6c:26:
d3:a4:4f:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlSmuzNZSFrTSMcJxkGq6kSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE0MDQxMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI3NmNlMDI1OTFhYmYxMTlkODgyNGNkMWRhYWQzOGMwMjFiMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKVBnuyXcZhnbGIC+nD59IVCMKSt
7R+BHiVfgDttvaez1m3TzpGiM4n04UJ/XUuEse8vYAvzRzSTNmlikKxzvhiwzKXj
DuXNY6HpTtgltpJPxUdZ+lERtMQWLmKcM8UhorNv9GhSIhgarRTNB59PfsLJAJcf
uEsWt6oi3YDEnYaOU/2lovtwwiF5T+78hgzRoK4xXb52zV/RI02wweJ0LrVCsp1I
FPCdlJ5IZTYsyHmv6dBvqqYl0XYo/Bji5WzRwzBEy3Hr4kyA6+fFAG+jgfQbB+ZK
fTVjUYUpn0QL7zTKMiQHdqQjQQm/o+1cw9ucLHwZAusIhVDPzhD5T3Jc2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJwnbOAlkavxGdiCTNHarTjAIbM/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbkNkczRDV1JxX0VaMklKTTBkcXRPTUFoc3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGuFS1MEvoMIBu/q7i9g
TBbXJmpirycDOjywRZ6QT3YUjgEX/l/mk8PoIiz5KKrrrdZB9dtOFGzZiWegE2GK
fcP7IqWW0Cp47UQGi4yXdDNsAhxf3iDNECXb+zOmmMG69wN4wXQGxtSPiHDiFesp
hV2B53InpkqY4UosbilqOh3sSaPG2cRE6fX+Su8XXALN+ZtUc6td89XFV8m083yv
cYTM7NXgOXrJ9pMX6nqhy/03tqcpBoWNgcXdyNQEiXlNHdeZwUhmjnE9iBQb/2jM
8PtnD5VT4EXUkhZFvWshcXtGsQAbt0+q5EMZn5+qieieWfzskXBoqv639NVsJtOk
T4g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:59:45 2025 by rpki-client