Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r1GqKU5Tcj_JrMBZabfbpUxqH-U.roa
File: r1GqKU5Tcj_JrMBZabfbpUxqH-U.roa (raw, json)
Hash identifier: 65Sj3DVAA2/1Phz+nCkkN+x9x/L6HpFtmD7SscTTjFk=
Subject key identifier: AF:51:AA:29:4E:53:72:3F:C9:AC:C0:59:69:B7:DB:A5:4C:6A:1F:E5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BD760F11DB95788CB603CB8C9EB3CF53
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r1GqKU5Tcj_JrMBZabfbpUxqH-U.roa
Signing time: Thu 03 Aug 2023 22:12:58 +0000
ROA not before: Thu 03 Aug 2023 22:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:76:0f:11:db:95:78:8c:b6:03:cb:8c:9e:b3:cf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 3 22:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af51aa294e53723fc9acc05969b7dba54c6a1fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:eb:b1:01:65:b9:64:70:9d:5a:75:80:97:f4:
90:cc:b5:eb:8c:b3:e3:bf:61:88:7f:d0:c9:4d:88:
df:cb:76:57:f9:a4:9d:63:cd:45:8f:c0:30:d9:23:
b1:e0:41:2b:f7:a1:b2:e9:a4:35:ed:b4:42:25:2d:
c1:9d:21:d6:c1:86:ed:a9:0b:51:ee:78:26:c8:47:
10:fd:29:7d:6d:3f:d6:67:34:98:51:ec:23:45:82:
38:47:bc:7d:ae:33:ad:79:de:84:70:20:ce:5b:2a:
af:b6:ec:66:dc:0a:5c:e3:47:5a:42:03:48:ed:ff:
24:a2:e1:df:a0:66:f4:f5:7d:9c:90:d7:f8:26:b6:
f6:ad:78:0c:ba:1a:ae:31:95:d5:38:ef:5c:78:32:
4c:cc:d4:2d:6e:d9:51:86:c6:5b:01:96:06:be:a3:
fb:7a:de:fd:b8:44:49:a7:73:ad:fe:12:4e:9a:2d:
bb:64:58:6f:ca:c0:2e:7e:1e:a0:56:bf:3e:3f:1d:
5a:2c:ea:22:4c:f2:67:f7:b5:d4:ec:bc:11:05:cf:
4f:47:22:97:8c:0d:7a:8a:28:77:cf:30:d2:90:83:
12:cc:ec:01:06:b7:f9:79:56:c0:d5:ac:f6:c0:cb:
0b:a7:39:f9:59:a6:d2:86:ab:e9:8d:9d:49:7b:67:
32:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:51:AA:29:4E:53:72:3F:C9:AC:C0:59:69:B7:DB:A5:4C:6A:1F:E5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r1GqKU5Tcj_JrMBZabfbpUxqH-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:ce:c2:37:cb:70:af:7d:2d:b1:11:10:98:23:79:2d:ce:c1:
da:d8:e0:46:48:9d:cf:9a:c4:fb:30:27:fd:54:32:d7:17:aa:
64:fc:0c:fe:c7:fd:79:b2:da:51:f1:6c:fa:31:9b:5c:78:75:
9d:f6:cc:29:3b:a2:09:48:60:58:ee:94:d7:cd:1d:02:5c:70:
62:37:99:76:74:fd:b4:e5:c5:5a:c1:5e:cf:47:a2:52:38:af:
16:b5:5e:46:c5:ca:76:a9:a2:09:28:de:1e:be:4f:7b:03:7c:
0f:8d:33:63:e4:b1:ae:71:96:ee:be:48:52:9e:64:1b:40:5e:
cb:9c:7f:a2:35:d1:f4:e1:d2:da:ee:67:84:f6:23:5a:75:68:
6f:5b:eb:bd:ce:cf:a9:03:f8:57:41:ff:ee:4b:ca:dd:c7:63:
df:28:ae:13:26:f7:28:5f:b0:45:e8:5d:38:3d:82:25:15:e4:
bd:c0:26:83:73:03:b7:ae:b1:ae:e3:68:41:d7:60:79:3c:cf:
bb:ab:0d:92:f2:bf:ee:32:1a:c6:ca:7b:b6:7c:a7:81:01:a4:
7e:91:7e:73:c6:a0:98:14:47:c1:c6:ee:de:68:bd:1e:32:87:
2f:b7:2d:9b:1e:d4:5f:b0:91:6c:43:44:5e:a6:ae:98:68:ff:
fc:91:ab:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm9dg8R25V4jLYDy4yes89TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAzMjIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjUxYWEyOTRlNTM3MjNmYzlhY2MwNTk2OWI3ZGJhNTRjNmExZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+uxAWW5ZHCdWnWAl/SQzLXrjLPj
v2GIf9DJTYjfy3ZX+aSdY81Fj8Aw2SOx4EEr96Gy6aQ17bRCJS3BnSHWwYbtqQtR
7ngmyEcQ/Sl9bT/WZzSYUewjRYI4R7x9rjOted6EcCDOWyqvtuxm3Apc40daQgNI
7f8kouHfoGb09X2ckNf4Jrb2rXgMuhquMZXVOO9ceDJMzNQtbtlRhsZbAZYGvqP7
et79uERJp3Ot/hJOmi27ZFhvysAufh6gVr8+Px1aLOoiTPJn97XU7LwRBc9PRyKX
jA16iih3zzDSkIMSzOwBBrf5eVbA1az2wMsLpzn5WabShqvpjZ1Je2cyDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK9RqilOU3I/yazAWWm326VMah/lMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcjFHcUtVNVRjal9Kck1CWmFiZmJwVXhxSC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfOwjfLcK99LbEREJgj
eS3OwdrY4EZInc+axPswJ/1UMtcXqmT8DP7H/Xmy2lHxbPoxm1x4dZ32zCk7oglI
YFjulNfNHQJccGI3mXZ0/bTlxVrBXs9HolI4rxa1XkbFynapogko3h6+T3sDfA+N
M2Pksa5xlu6+SFKeZBtAXsucf6I10fTh0truZ4T2I1p1aG9b673Oz6kD+FdB/+5L
yt3HY98orhMm9yhfsEXoXTg9giUV5L3AJoNzA7eusa7jaEHXYHk8z7urDZLyv+4y
GsbKe7Z8p4EBpH6RfnPGoJgUR8HG7t5ovR4yhy+3LZse1F+wkWxDRF6mrpho//yR
q2Y=
-----END CERTIFICATE-----
Generated at Thu May 1 16:31:51 2025 by rpki-client