Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/otqM2bFf3zAuFa0YFVLzb1bCEK4.roa
File: otqM2bFf3zAuFa0YFVLzb1bCEK4.roa (raw, json)
Hash identifier: R9rbYBNVZsIclcLW2Gkq7ZVUcBVhvFYOI8gtZxlWHlE=
Subject key identifier: A2:DA:8C:D9:B1:5F:DF:30:2E:15:AD:18:15:52:F3:6F:56:C2:10:AE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018686227CD3141432168E714077566E0E09
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/otqM2bFf3zAuFa0YFVLzb1bCEK4.roa
Signing time: Sat 25 Feb 2023 01:14:12 +0000
ROA not before: Sat 25 Feb 2023 01:14:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:86:22:7c:d3:14:14:32:16:8e:71:40:77:56:6e:0e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 01:14:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2da8cd9b15fdf302e15ad181552f36f56c210ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:e0:f1:a9:97:73:c6:bb:cd:e1:f9:d7:1c:
67:73:95:b0:be:ff:29:b8:e9:6a:d7:ba:96:f3:d3:
fd:43:b7:20:aa:c1:3c:41:48:b5:cb:da:c7:fa:c6:
2e:6c:46:77:6b:47:1e:e7:b2:a6:4f:ed:b8:ed:16:
f9:82:08:03:8d:34:4e:2f:ce:9a:df:22:21:1e:09:
94:01:3c:41:ce:ec:de:ee:7b:bc:49:b0:11:c8:bf:
95:62:f7:73:81:01:09:d7:ed:3a:30:aa:92:21:9e:
b4:77:5a:92:90:d7:d3:db:a5:8b:99:94:dd:59:4b:
61:dd:f2:5f:66:51:cf:93:75:9d:01:49:b9:7f:f8:
5b:36:33:a7:e4:6d:6b:1d:5b:3a:7b:14:d8:e9:67:
1e:96:ce:72:51:27:53:79:c1:97:6e:a9:d8:d6:7a:
de:31:21:e6:f6:32:7e:f2:cf:31:07:60:5a:4a:9a:
66:c7:76:92:73:67:b3:fd:d5:a6:c3:bd:7d:e2:f0:
e5:48:6d:2c:03:c7:2e:86:cc:67:54:a9:42:25:60:
f2:46:e8:bd:0c:0e:2d:c1:6e:84:48:a2:bb:6a:45:
e2:2a:53:fe:45:77:2b:6c:3a:e5:86:ec:75:c5:15:
31:14:49:2b:6d:94:7a:f8:4c:19:92:a4:b1:a6:f5:
87:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DA:8C:D9:B1:5F:DF:30:2E:15:AD:18:15:52:F3:6F:56:C2:10:AE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/otqM2bFf3zAuFa0YFVLzb1bCEK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:05:7d:73:b0:34:37:99:c6:72:83:2a:84:dc:d3:0e:0a:49:
0c:1a:0c:1b:44:43:86:86:05:f5:db:56:5c:11:f3:6f:f4:18:
6f:82:1e:e5:a9:73:d2:65:8e:05:6d:23:e7:58:97:b0:03:32:
fc:c7:01:5b:2d:d1:f9:89:03:16:0e:b3:60:10:f5:3d:2b:00:
66:3f:2b:82:8d:a1:9a:a5:00:c4:ad:71:d2:37:47:89:d3:7b:
fd:ed:a4:14:01:e9:01:5f:1e:48:b8:7e:51:f2:55:6e:04:c2:
65:37:08:9c:72:07:f1:9d:4b:d5:23:99:25:92:6c:21:88:42:
19:4a:d3:ed:03:b7:49:4e:38:a1:53:c5:97:44:52:b8:3f:da:
b1:34:b3:34:da:42:6c:a1:f9:3d:fb:b4:0d:c8:12:16:d0:0d:
43:ff:e7:45:fb:3e:f5:86:9c:92:c3:d8:f5:c9:93:4d:0f:e6:
b5:71:c5:58:0e:66:29:4f:7e:c0:50:58:24:e8:ae:ac:fa:bc:
ab:6c:0a:b9:fc:09:7a:74:7a:91:ca:94:4d:cc:81:56:46:bf:
74:53:de:1d:95:55:9f:bb:2a:59:82:ab:f5:15:f5:ca:98:9d:
93:41:3f:c3:29:a0:3c:3d:d2:25:63:f2:f5:4d:7f:62:42:b1:
3e:34:1a:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaGInzTFBQyFo5xQHdWbg4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDExNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRhOGNkOWIxNWZkZjMwMmUxNWFkMTgxNTUyZjM2ZjU2YzIxMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv57g8amXc8a7zeH51xxnc5Wwvv8p
uOlq17qW89P9Q7cgqsE8QUi1y9rH+sYubEZ3a0ce57KmT+247Rb5gggDjTROL86a
3yIhHgmUATxBzuze7nu8SbARyL+VYvdzgQEJ1+06MKqSIZ60d1qSkNfT26WLmZTd
WUth3fJfZlHPk3WdAUm5f/hbNjOn5G1rHVs6exTY6Wcels5yUSdTecGXbqnY1nre
MSHm9jJ+8s8xB2BaSppmx3aSc2ez/dWmw7194vDlSG0sA8cuhsxnVKlCJWDyRui9
DA4twW6ESKK7akXiKlP+RXcrbDrlhux1xRUxFEkrbZR6+EwZkqSxpvWHawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKLajNmxX98wLhWtGBVS829WwhCuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvb3RxTTJiRmYzekF1RmEwWUZWTHpiMWJDRUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEUFfXOwNDeZxnKDKoTc
0w4KSQwaDBtEQ4aGBfXbVlwR82/0GG+CHuWpc9JljgVtI+dYl7ADMvzHAVst0fmJ
AxYOs2AQ9T0rAGY/K4KNoZqlAMStcdI3R4nTe/3tpBQB6QFfHki4flHyVW4EwmU3
CJxyB/GdS9UjmSWSbCGIQhlK0+0Dt0lOOKFTxZdEUrg/2rE0szTaQmyh+T37tA3I
EhbQDUP/50X7PvWGnJLD2PXJk00P5rVxxVgOZilPfsBQWCTorqz6vKtsCrn8CXp0
epHKlE3MgVZGv3RT3h2VVZ+7KlmCq/UV9cqYnZNBP8MpoDw90iVj8vVNf2JCsT40
GqQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:52 2025 by rpki-client