Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oN_XrWcZ2MmLdb10XdQprGG60mw.roa
File: oN_XrWcZ2MmLdb10XdQprGG60mw.roa (raw, json)
Hash identifier: NG4WbGtycQ3qMD0LwngLs2oQ53eo8TbamsTtrylkLvo=
Subject key identifier: A0:DF:D7:AD:67:19:D8:C9:8B:75:BD:74:5D:D4:29:AC:61:BA:D2:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873316F28437152CC0DD1E6D3BAC0BEDCF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oN_XrWcZ2MmLdb10XdQprGG60mw.roa
Signing time: Thu 30 Mar 2023 15:15:54 +0000
ROA not before: Thu 30 Mar 2023 15:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:16:f2:84:37:15:2c:c0:dd:1e:6d:3b:ac:0b:ed:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 30 15:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0dfd7ad6719d8c98b75bd745dd429ac61bad26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:11:b1:3c:43:8a:30:a0:ef:97:03:b1:c6:0d:
b7:10:4e:8f:c6:18:df:71:ab:ae:ec:e7:c0:da:cb:
3c:80:ce:85:5e:db:fc:46:e8:24:6d:bc:ab:ca:ab:
63:4d:d2:78:31:f0:48:6b:fe:26:ca:86:cc:c4:83:
e4:a5:9e:3c:2c:46:f0:58:07:24:14:86:2a:81:d9:
bb:18:c9:e5:f6:0a:dc:17:b7:b1:7e:4c:43:22:57:
18:fb:99:b9:75:61:fa:09:6c:3d:1b:29:b5:ad:a9:
7b:c6:29:5f:1a:d6:bf:c1:f0:91:b3:1b:ec:36:59:
c2:e9:77:fa:01:3e:c9:43:1f:c7:b1:29:8f:1d:13:
44:49:89:b5:81:f9:52:20:e3:b1:29:26:72:1f:12:
e5:29:c9:9f:b1:c8:d4:9a:c9:e7:f8:24:71:9d:1b:
a9:39:c7:05:ea:6c:81:6e:17:f4:04:af:51:d9:8c:
6a:82:6b:6e:49:1b:8b:41:75:63:3c:a3:e0:4d:fc:
b4:65:c6:b8:f7:ba:ff:d8:4a:f3:23:eb:91:d8:2c:
03:c8:95:46:e4:57:ca:04:ce:82:9e:fb:79:ea:1b:
96:36:f7:58:5b:5a:82:78:62:83:49:63:06:ee:b2:
b6:76:92:36:8b:fd:03:03:52:e1:47:16:cd:56:9b:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DF:D7:AD:67:19:D8:C9:8B:75:BD:74:5D:D4:29:AC:61:BA:D2:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/oN_XrWcZ2MmLdb10XdQprGG60mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:76:fe:7b:2f:67:5b:12:e5:dd:03:9a:e7:2b:a3:2b:b0:2d:
b8:65:2f:3b:de:40:bf:b8:95:9c:61:33:88:2c:2c:d3:d7:f6:
fc:c1:1b:3b:e3:41:f2:1b:88:33:7b:8e:89:99:2a:00:39:e3:
52:3c:4b:6f:99:3b:70:d7:c0:39:d9:f7:a0:52:cd:ec:29:ce:
f9:74:a6:e9:fc:1e:01:12:cb:5e:b5:e3:18:93:84:4f:dc:5c:
bc:b6:66:64:86:4d:fc:ac:fb:69:19:42:6c:2a:57:d7:9f:45:
b2:ed:e6:95:bd:4f:87:87:15:11:fa:36:77:8a:77:02:e0:b0:
08:46:7d:7a:21:75:b0:3f:49:49:0f:dd:73:bf:3c:ff:08:6a:
8e:4f:40:bc:1c:dd:13:c0:c2:f8:ef:88:7a:eb:36:9b:2c:8c:
06:a8:fb:75:b2:a7:d4:d1:94:7d:56:e5:79:26:6b:d0:56:47:
f5:62:7d:15:6e:3c:60:17:5d:39:57:90:15:39:ae:47:20:76:
b7:33:e9:01:d4:b0:85:11:cb:30:53:a8:68:4d:be:fa:a8:52:
35:bf:cb:4e:95:b9:d8:6d:ad:19:fb:64:a6:76:65:c0:62:94:
67:3f:0c:5b:4d:b2:a8:fc:34:0f:a3:ec:d2:69:ea:14:fa:df:
88:3e:9f:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYczFvKENxUswN0ebTusC+3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMwMTUxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRmZDdhZDY3MTlkOGM5OGI3NWJkNzQ1ZGQ0MjlhYzYxYmFkMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhGxPEOKMKDvlwOxxg23EE6Pxhjf
cauu7OfA2ss8gM6FXtv8RugkbbyryqtjTdJ4MfBIa/4myobMxIPkpZ48LEbwWAck
FIYqgdm7GMnl9grcF7exfkxDIlcY+5m5dWH6CWw9Gym1ral7xilfGta/wfCRsxvs
NlnC6Xf6AT7JQx/HsSmPHRNESYm1gflSIOOxKSZyHxLlKcmfscjUmsnn+CRxnRup
OccF6myBbhf0BK9R2YxqgmtuSRuLQXVjPKPgTfy0Zca497r/2ErzI+uR2CwDyJVG
5FfKBM6Cnvt56huWNvdYW1qCeGKDSWMG7rK2dpI2i/0DA1LhRxbNVpuA9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKDf161nGdjJi3W9dF3UKaxhutJsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb05fWHJXY1oyTW1MZGIxMFhkUXByR0c2MG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAF2/nsvZ1sS5d0Dmucr
oyuwLbhlLzveQL+4lZxhM4gsLNPX9vzBGzvjQfIbiDN7jomZKgA541I8S2+ZO3DX
wDnZ96BSzewpzvl0pun8HgESy1614xiThE/cXLy2ZmSGTfys+2kZQmwqV9efRbLt
5pW9T4eHFRH6NneKdwLgsAhGfXohdbA/SUkP3XO/PP8Iao5PQLwc3RPAwvjviHrr
NpssjAao+3Wyp9TRlH1W5Xkma9BWR/VifRVuPGAXXTlXkBU5rkcgdrcz6QHUsIUR
yzBTqGhNvvqoUjW/y06VudhtrRn7ZKZ2ZcBilGc/DFtNsqj8NA+j7NJp6hT634g+
n60=
-----END CERTIFICATE-----
Generated at Thu May 1 05:42:24 2025 by rpki-client