Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nSQB5qpVdH5n4g5gEihkEYH95GA.roa
File: nSQB5qpVdH5n4g5gEihkEYH95GA.roa (raw, json)
Hash identifier: SUUAicFQ9VzZKEUgGVmzwmP1kxSJNGgAKBB/NBB5qe0=
Subject key identifier: 9D:24:01:E6:AA:55:74:7E:67:E2:0E:60:12:28:64:11:81:FD:E4:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C1C285E18A19460EB89FEA813C7A7DCE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nSQB5qpVdH5n4g5gEihkEYH95GA.roa
Signing time: Fri 04 Aug 2023 18:14:58 +0000
ROA not before: Fri 04 Aug 2023 18:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c1:c2:85:e1:8a:19:46:0e:b8:9f:ea:81:3c:7a:7d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 18:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d2401e6aa55747e67e20e601228641181fde460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ba:f9:ec:51:2b:61:f3:76:76:6b:2c:30:0a:
0d:c9:99:ca:cf:ec:56:42:24:85:1e:68:20:39:f0:
2d:8c:b5:64:7d:11:29:25:f3:e9:ce:67:df:ff:39:
fa:06:90:f6:aa:90:26:fe:f3:06:57:c2:87:52:0d:
75:11:77:7e:04:97:66:78:cb:28:60:b9:53:f5:c3:
be:de:70:19:ec:28:27:53:2f:6a:94:87:86:48:f2:
46:4b:32:81:3a:42:be:bf:0d:b9:82:4e:c5:9c:19:
8b:ce:e6:81:77:0f:e5:ee:98:28:5a:ba:a3:d5:8c:
97:b7:f6:1d:4b:93:73:ac:f5:92:10:16:72:dd:d0:
47:a3:f6:d7:f4:6b:c7:05:e3:6c:a7:7e:9e:a0:33:
87:03:14:d6:03:d7:a8:7c:a0:f7:b6:99:49:09:08:
ac:b7:18:75:d6:ad:ab:d0:2e:ab:24:e8:e9:95:0b:
db:dc:71:46:05:d6:1f:71:39:9a:21:9f:39:f0:48:
0d:f3:ee:b9:25:7a:7f:49:3e:12:b1:a1:9a:c2:d5:
3a:96:97:fa:0c:94:19:0c:cd:6b:19:5f:6f:77:25:
63:a3:59:50:b6:77:31:3e:9a:61:e2:65:d7:50:ab:
45:49:f8:a9:5c:df:f2:6f:72:7a:49:29:11:69:31:
2d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:24:01:E6:AA:55:74:7E:67:E2:0E:60:12:28:64:11:81:FD:E4:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nSQB5qpVdH5n4g5gEihkEYH95GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:b5:b7:19:b7:09:48:de:e0:ee:cb:f6:b7:4f:ae:c4:95:c3:
2c:2b:f7:ae:fd:b8:42:65:85:e7:dc:4c:d4:7f:b6:5c:f4:15:
df:fc:6e:7e:ac:5f:6d:43:73:bf:9f:8f:72:78:be:7e:c3:9a:
e3:e1:26:e0:6e:29:f5:03:86:b1:41:06:69:d6:16:69:f5:82:
c5:80:15:f0:9a:4f:5c:52:22:b0:59:b6:9a:66:aa:a4:cd:35:
a1:8c:76:f4:e2:35:83:c9:1a:ae:f3:c8:35:9d:1a:a8:14:49:
2d:92:ed:c8:01:1f:6f:63:2e:40:05:6f:be:b7:90:87:2b:64:
d7:c9:39:18:34:fe:50:2e:ab:bc:62:81:9d:45:df:7b:f6:53:
1d:ac:d7:5a:ec:67:48:8e:e5:6c:96:69:e3:df:1f:f9:85:fa:
e3:1b:9d:37:d1:e4:d2:5a:87:61:b4:eb:30:15:06:33:fc:3c:
1f:24:98:1a:b6:ff:8e:7f:3c:eb:f4:25:2d:a5:4f:ae:00:4b:
11:c9:33:cd:74:a4:be:76:47:af:7a:c9:e5:71:8b:d6:16:6e:
ab:6c:af:22:87:95:12:0f:a8:af:e2:f9:97:ba:ae:26:8a:51:
12:04:dd:2b:05:b5:17:dc:b8:88:42:45:b7:f2:cc:08:76:3d:
41:88:03:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnBwoXhihlGDrif6oE8en3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MTgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI0MDFlNmFhNTU3NDdlNjdlMjBlNjAxMjI4NjQxMTgxZmRlNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7r57FErYfN2dmssMAoNyZnKz+xW
QiSFHmggOfAtjLVkfREpJfPpzmff/zn6BpD2qpAm/vMGV8KHUg11EXd+BJdmeMso
YLlT9cO+3nAZ7CgnUy9qlIeGSPJGSzKBOkK+vw25gk7FnBmLzuaBdw/l7pgoWrqj
1YyXt/YdS5NzrPWSEBZy3dBHo/bX9GvHBeNsp36eoDOHAxTWA9eofKD3tplJCQis
txh11q2r0C6rJOjplQvb3HFGBdYfcTmaIZ858EgN8+65JXp/ST4SsaGawtU6lpf6
DJQZDM1rGV9vdyVjo1lQtncxPpph4mXXUKtFSfipXN/yb3J6SSkRaTEt0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ0kAeaqVXR+Z+IOYBIoZBGB/eRgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvblNRQjVxcFZkSDVuNGc1Z0VpaGtFWUg5NUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACq1txm3CUje4O7L9rdP
rsSVwywr9679uEJlhefcTNR/tlz0Fd/8bn6sX21Dc7+fj3J4vn7DmuPhJuBuKfUD
hrFBBmnWFmn1gsWAFfCaT1xSIrBZtppmqqTNNaGMdvTiNYPJGq7zyDWdGqgUSS2S
7cgBH29jLkAFb763kIcrZNfJORg0/lAuq7xigZ1F33v2Ux2s11rsZ0iO5WyWaePf
H/mF+uMbnTfR5NJah2G06zAVBjP8PB8kmBq2/45/POv0JS2lT64ASxHJM810pL52
R696yeVxi9YWbqtsryKHlRIPqK/i+Ze6riaKURIE3SsFtRfcuIhCRbfyzAh2PUGI
Axk=
-----END CERTIFICATE-----
Generated at Thu May 1 11:37:41 2025 by rpki-client