Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nefb89RttMHorwC--j2wZSTO7K0.roa
File: nefb89RttMHorwC--j2wZSTO7K0.roa (raw, json)
Hash identifier: apv9VDMZzH6+mMYEhF+stjnEwpsr6EsL/Io5ZLUgNU0=
Subject key identifier: 9D:E7:DB:F3:D4:6D:B4:C1:E8:AF:00:BE:FA:3D:B0:65:24:CE:EC:AD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C41EC4A0A849A0DDD8ED2BAFC76C6253
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nefb89RttMHorwC--j2wZSTO7K0.roa
Signing time: Sat 05 Aug 2023 05:14:58 +0000
ROA not before: Sat 05 Aug 2023 05:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c4:1e:c4:a0:a8:49:a0:dd:d8:ed:2b:af:c7:6c:62:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 5 05:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9de7dbf3d46db4c1e8af00befa3db06524ceecad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ad:74:db:85:4f:e6:a0:49:bb:f3:b4:28:ac:
c1:4b:26:4c:41:0a:e6:7a:64:3a:a8:93:f6:f9:1a:
1a:02:f4:fa:00:57:74:53:e8:17:b6:3a:5e:c3:17:
79:65:d6:8c:6d:59:23:3d:f2:67:06:4a:92:c3:25:
a1:bc:d9:82:df:f1:55:a4:40:3f:1e:46:d7:09:8d:
0e:14:61:7a:da:fe:b8:ea:0e:27:c4:7b:a5:51:c6:
f2:99:f2:25:49:9d:86:27:b2:0f:22:50:85:0d:39:
bc:06:6e:98:fd:33:4b:69:10:0c:e0:95:fc:ff:9a:
df:ce:43:95:0d:5d:75:40:b3:98:04:93:41:6c:e6:
1d:00:05:10:d0:b2:63:8e:96:1d:08:63:42:f9:be:
f7:a2:47:d7:f6:c5:d9:3b:a5:ee:16:18:e7:71:8c:
6a:80:03:07:94:13:3f:f9:90:81:cf:17:1a:b2:89:
cf:91:ff:c3:f7:06:84:20:3d:fa:82:48:91:55:cc:
d5:7d:c9:d8:b1:e3:e1:76:3a:1c:53:f6:1e:76:63:
8b:c2:e2:6a:d6:6d:50:4e:52:e4:17:f3:b8:b5:aa:
bd:56:1f:06:2e:67:23:22:6d:29:f6:95:96:45:d3:
40:7d:f2:aa:2b:7a:94:6e:51:52:11:78:29:c8:8a:
59:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E7:DB:F3:D4:6D:B4:C1:E8:AF:00:BE:FA:3D:B0:65:24:CE:EC:AD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nefb89RttMHorwC--j2wZSTO7K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:3b:13:d3:55:c7:01:1b:7b:7d:ef:74:69:64:8c:3c:34:2b:
15:f1:1e:ed:2f:e1:b3:5c:43:fc:6d:1f:f9:ab:7f:06:73:7f:
9b:b9:24:b3:eb:59:f5:c7:f5:6a:c9:ba:95:f2:b9:31:fa:cd:
f2:95:84:51:54:ae:0e:51:e9:b3:fb:63:ea:15:a8:06:24:92:
ec:b8:8e:28:dc:3d:fe:81:62:ad:a9:6c:81:9a:a9:f3:2c:ac:
f9:ea:c3:b8:3f:00:b8:45:6c:db:81:fb:f4:ef:12:4e:73:cd:
9a:cc:f0:c8:e0:0d:bc:3e:e7:5c:a6:03:24:56:81:bd:99:b8:
6a:79:cf:ea:25:f1:49:b3:6c:26:ff:84:f1:55:a1:38:4b:a2:
cc:62:16:e7:ba:6e:ba:b8:1a:88:14:78:d7:58:d5:f8:2a:b6:
8b:13:04:ad:b4:a2:a2:fd:a2:39:15:83:0e:2f:8b:0f:11:5b:
e1:af:72:a1:7a:fb:e6:be:00:a0:1e:bd:e1:85:60:c7:55:7d:
b2:5d:23:c3:c1:c4:ba:87:84:b3:c0:aa:df:c6:bd:5b:fd:5f:
68:c9:0b:6c:4e:d9:1f:ec:79:4e:70:c6:b6:60:ec:fa:fd:03:
6b:36:91:4c:a7:2b:45:dc:5c:26:69:62:1f:ed:6e:dc:5c:f6:
5a:9c:bf:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnEHsSgqEmg3djtK6/HbGJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA1MDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU3ZGJmM2Q0NmRiNGMxZThhZjAwYmVmYTNkYjA2NTI0Y2VlY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK1024VP5qBJu/O0KKzBSyZMQQrm
emQ6qJP2+RoaAvT6AFd0U+gXtjpewxd5ZdaMbVkjPfJnBkqSwyWhvNmC3/FVpEA/
HkbXCY0OFGF62v646g4nxHulUcbymfIlSZ2GJ7IPIlCFDTm8Bm6Y/TNLaRAM4JX8
/5rfzkOVDV11QLOYBJNBbOYdAAUQ0LJjjpYdCGNC+b73okfX9sXZO6XuFhjncYxq
gAMHlBM/+ZCBzxcasonPkf/D9waEID36gkiRVczVfcnYsePhdjocU/YedmOLwuJq
1m1QTlLkF/O4taq9Vh8GLmcjIm0p9pWWRdNAffKqK3qUblFSEXgpyIpZhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3n2/PUbbTB6K8Avvo9sGUkzuytMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbmVmYjg5UnR0TUhvcndDLS1qMndaU1RPN0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACc7E9NVxwEbe33vdGlk
jDw0KxXxHu0v4bNcQ/xtH/mrfwZzf5u5JLPrWfXH9WrJupXyuTH6zfKVhFFUrg5R
6bP7Y+oVqAYkkuy4jijcPf6BYq2pbIGaqfMsrPnqw7g/ALhFbNuB+/TvEk5zzZrM
8MjgDbw+51ymAyRWgb2ZuGp5z+ol8UmzbCb/hPFVoThLosxiFue6brq4GogUeNdY
1fgqtosTBK20oqL9ojkVgw4viw8RW+GvcqF6++a+AKAeveGFYMdVfbJdI8PBxLqH
hLPAqt/GvVv9X2jJC2xO2R/seU5wxrZg7Pr9A2s2kUynK0XcXCZpYh/tbtxc9lqc
v5I=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:18:05 2025 by rpki-client