Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDWhtDtlFcgrLjo-rroYyjWFlBQ.roa
File: nDWhtDtlFcgrLjo-rroYyjWFlBQ.roa (raw, json)
Hash identifier: IXxUsDszew9uaWES3lK4sLY8TFLE2P9NcShNctFB6NQ=
Subject key identifier: 9C:35:A1:B4:3B:65:15:C8:2B:2E:3A:3E:AE:BA:18:CA:35:85:94:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3561D8D96AC60D9331C045CCE1720AAA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDWhtDtlFcgrLjo-rroYyjWFlBQ.roa
Signing time: Sun 27 Aug 2023 05:05:19 +0000
ROA not before: Sun 27 Aug 2023 05:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3561:f3c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:35:61:d8:d9:6a:c6:0d:93:31:c0:45:cc:e1:72:0a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 05:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c35a1b43b6515c82b2e3a3eaeba18ca35859414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:4d:ea:0c:30:cc:59:d6:4e:46:b4:64:0c:
44:dc:16:12:fd:81:c7:90:9d:c1:8a:d3:30:b2:c5:
d9:9a:2d:a4:9e:6b:7e:bb:a5:41:9c:63:a0:29:c1:
3a:9f:1c:78:10:a4:71:13:b4:55:ab:d1:32:cb:d3:
92:68:a6:cf:bf:a3:38:a1:cb:44:61:d2:62:b0:07:
0d:8c:8b:e8:a9:28:c9:3d:e9:dd:26:2c:7e:49:67:
f6:82:39:34:1f:3f:1a:9e:9c:ce:27:9f:e4:d8:6e:
0e:3e:ca:8e:c5:d1:fd:42:12:4f:b7:30:6e:e2:9d:
95:e8:59:1f:5f:b3:e7:d4:07:67:1e:61:48:0b:e9:
8a:48:77:bc:6b:e2:2a:2e:e9:20:aa:b2:fc:40:06:
f6:b2:18:4a:af:47:cc:b0:35:16:be:99:8b:00:8c:
0c:7c:7a:5c:b3:6e:d1:e7:58:02:31:ed:46:fd:6a:
79:c3:53:5f:ad:d3:9d:80:0c:a1:81:95:96:ec:0f:
27:ed:8e:05:c0:03:6d:90:b1:73:cb:85:c0:ed:73:
48:f0:89:5f:b0:1d:33:d1:80:04:30:e0:5f:f3:50:
d4:b5:57:2c:29:5d:33:5b:ca:ba:74:cc:f8:01:65:
63:48:71:01:12:e2:0a:b7:64:bf:5f:39:1b:32:eb:
95:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:A1:B4:3B:65:15:C8:2B:2E:3A:3E:AE:BA:18:CA:35:85:94:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDWhtDtlFcgrLjo-rroYyjWFlBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:e6:44:4b:d3:d5:77:2d:d8:74:aa:5b:b2:84:34:dd:c4:a6:
d5:c9:0f:3c:17:6c:39:55:c3:9a:08:bc:f0:87:81:a4:90:26:
d4:ec:a9:bd:4f:b8:ca:47:0a:97:a3:18:19:1a:79:1c:76:e6:
a9:a3:37:c0:8c:c1:35:e7:ce:c0:f8:c1:4e:95:43:d8:80:05:
89:5f:ba:c1:12:4a:41:fd:cc:cd:06:5d:96:20:99:78:97:bc:
75:cd:23:c2:d7:cb:31:d6:fc:33:65:ad:bd:ee:7f:5f:3c:db:
5e:21:e1:7f:d7:4f:dc:43:fa:54:89:73:3c:a1:a5:a9:6f:7d:
02:81:e3:73:ab:4e:e6:66:02:2f:34:e7:43:d6:b5:c7:fa:11:
bc:1a:21:50:36:59:6e:d5:ac:a3:ae:65:2e:13:07:71:0c:a2:
cd:97:fe:82:4c:07:ef:f7:c4:1f:01:20:fe:b9:63:49:5e:60:
77:bc:df:60:5b:0c:32:f0:b8:e9:86:ed:48:96:a2:1b:25:a8:
a9:f6:c6:74:49:05:e3:a8:96:92:14:f6:9b:f1:98:9e:8b:61:
b8:a0:1c:1e:24:c5:ce:d5:20:b6:5f:a7:00:50:27:37:84:86:
0a:8c:45:59:15:ed:df:47:e2:8c:16:cf:51:39:f0:d4:d8:c3:
6c:a8:17:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo1YdjZasYNkzHARczhcgqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MDUwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM1YTFiNDNiNjUxNWM4MmIyZTNhM2VhZWJhMThjYTM1ODU5NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyNN6gwwzFnWTka0ZAxE3BYS/YHH
kJ3BitMwssXZmi2knmt+u6VBnGOgKcE6nxx4EKRxE7RVq9Eyy9OSaKbPv6M4octE
YdJisAcNjIvoqSjJPendJix+SWf2gjk0Hz8anpzOJ5/k2G4OPsqOxdH9QhJPtzBu
4p2V6FkfX7Pn1AdnHmFIC+mKSHe8a+IqLukgqrL8QAb2shhKr0fMsDUWvpmLAIwM
fHpcs27R51gCMe1G/Wp5w1NfrdOdgAyhgZWW7A8n7Y4FwANtkLFzy4XA7XNI8Ilf
sB0z0YAEMOBf81DUtVcsKV0zW8q6dMz4AWVjSHEBEuIKt2S/XzkbMuuVfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJw1obQ7ZRXIKy46Pq66GMo1hZQUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbkRXaHREdGxGY2dyTGpvLXJyb1l5aldGbEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE7mREvT1Xct2HSqW7KE
NN3EptXJDzwXbDlVw5oIvPCHgaSQJtTsqb1PuMpHCpejGBkaeRx25qmjN8CMwTXn
zsD4wU6VQ9iABYlfusESSkH9zM0GXZYgmXiXvHXNI8LXyzHW/DNlrb3uf188214h
4X/XT9xD+lSJczyhpalvfQKB43OrTuZmAi8050PWtcf6EbwaIVA2WW7VrKOuZS4T
B3EMos2X/oJMB+/3xB8BIP65Y0leYHe832BbDDLwuOmG7UiWohslqKn2xnRJBeOo
lpIU9pvxmJ6LYbigHB4kxc7VILZfpwBQJzeEhgqMRVkV7d9H4owWz1E58NTYw2yo
F3E=
-----END CERTIFICATE-----
Generated at Thu May 1 10:27:18 2025 by rpki-client