Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r4lopbQiC5WkwfQlFYfZr1vrVOE.roa
File: r4lopbQiC5WkwfQlFYfZr1vrVOE.roa (raw, json)
Hash identifier: 0hNvacdjbu2Y0oFoYDY/iDKlThV/KvWDD5mcXq92klw=
Subject key identifier: AF:89:68:A5:B4:22:0B:95:A4:C1:F4:25:15:87:D9:AF:5B:EB:54:E1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018694814696BBC3ED770C28AF394352D98A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r4lopbQiC5WkwfQlFYfZr1vrVOE.roa
Signing time: Mon 27 Feb 2023 20:12:25 +0000
ROA not before: Mon 27 Feb 2023 20:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:81:46:96:bb:c3:ed:77:0c:28:af:39:43:52:d9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 20:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af8968a5b4220b95a4c1f4251587d9af5beb54e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e2:21:99:a1:e8:03:e9:94:dd:52:5a:0f:d2:
29:89:7b:ba:a5:21:d8:77:74:4b:39:24:6a:38:03:
28:70:91:21:82:37:09:9c:d1:c1:55:94:97:c2:c6:
75:00:5d:fc:c6:bd:88:82:96:9b:65:6f:7a:2d:d8:
32:81:3a:7d:60:60:30:96:e3:53:5c:27:6e:e4:dd:
7c:59:c0:9b:ce:54:37:ba:c6:42:e6:94:17:57:92:
52:c6:27:92:3c:7e:ab:a1:d0:e0:9e:ac:1b:53:11:
f4:22:e0:17:59:ca:74:83:dd:4f:1f:7e:e0:81:f4:
88:7b:54:e4:53:ad:c4:d2:84:37:34:0e:5d:0a:88:
c3:e3:d8:c6:61:e7:13:52:4f:33:7c:70:67:a1:e7:
5f:6c:df:f0:cb:c3:f4:e6:6d:61:04:8b:3f:ab:2a:
21:70:17:af:22:24:5e:d5:1d:ce:7b:f9:22:f3:69:
12:3b:e9:e5:a5:95:29:4f:1a:99:ce:b2:0c:6a:63:
32:e6:09:ff:c2:0b:ad:01:8f:fd:d0:7b:5d:49:66:
1a:1f:7f:1d:dc:bc:02:81:a4:9f:6e:d0:22:4a:0e:
5f:70:c5:b3:ab:1a:31:de:45:3f:2f:48:8f:1b:47:
42:ff:4c:06:1f:d9:ec:7e:43:da:01:84:39:79:2c:
a4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:89:68:A5:B4:22:0B:95:A4:C1:F4:25:15:87:D9:AF:5B:EB:54:E1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/r4lopbQiC5WkwfQlFYfZr1vrVOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:14:d3:ef:3a:f3:c1:7b:10:db:0e:62:a5:32:d9:45:5d:9e:
96:f8:ad:24:84:01:b7:95:ba:77:de:73:b9:7d:15:61:60:17:
a9:a0:66:17:2b:f9:31:30:39:18:49:ab:b9:01:62:43:bd:be:
7a:ea:92:d9:c7:c9:99:4d:c5:9c:ee:4c:05:b4:8f:fe:93:d0:
55:08:dc:12:7f:48:19:a6:a5:4c:91:12:c0:fe:38:0d:62:75:
52:8c:e8:d5:ae:da:04:98:3e:b2:91:6d:5f:7e:32:e0:70:eb:
4a:01:f9:4c:c9:dc:8f:0e:b4:e1:4b:44:54:c6:94:de:6a:07:
88:b4:00:d3:61:f7:bd:60:dd:54:14:72:91:da:81:e0:dc:d7:
5e:44:04:11:c7:c4:a6:1d:34:22:0f:be:d5:e9:ac:f5:cf:05:
3d:41:1f:4d:9f:b5:09:c9:e1:9f:16:a3:31:b1:7d:eb:eb:3a:
12:85:c1:c4:19:5c:e8:c2:2f:57:31:fa:e5:df:0b:54:af:3a:
17:82:25:55:79:60:eb:94:8a:7d:7f:2b:c2:f6:fe:10:da:fd:
5c:31:4f:6f:42:20:63:78:9c:ac:08:24:77:00:d1:20:6d:38:
52:a4:e7:e0:fb:56:e2:57:95:84:56:e1:0b:70:52:81:14:5b:
01:e1:3b:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaUgUaWu8PtdwworzlDUtmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MjAxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg5NjhhNWI0MjIwYjk1YTRjMWY0MjUxNTg3ZDlhZjViZWI1NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eIhmaHoA+mU3VJaD9IpiXu6pSHY
d3RLOSRqOAMocJEhgjcJnNHBVZSXwsZ1AF38xr2IgpabZW96LdgygTp9YGAwluNT
XCdu5N18WcCbzlQ3usZC5pQXV5JSxieSPH6rodDgnqwbUxH0IuAXWcp0g91PH37g
gfSIe1TkU63E0oQ3NA5dCojD49jGYecTUk8zfHBnoedfbN/wy8P05m1hBIs/qyoh
cBevIiRe1R3Oe/ki82kSO+nlpZUpTxqZzrIMamMy5gn/wgutAY/90HtdSWYaH38d
3LwCgaSfbtAiSg5fcMWzqxox3kU/L0iPG0dC/0wGH9nsfkPaAYQ5eSykkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK+JaKW0IguVpMH0JRWH2a9b61ThMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcjRsb3BiUWlDNVdrd2ZRbEZZZlpyMXZyVk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADIU0+8688F7ENsOYqUy
2UVdnpb4rSSEAbeVunfec7l9FWFgF6mgZhcr+TEwORhJq7kBYkO9vnrqktnHyZlN
xZzuTAW0j/6T0FUI3BJ/SBmmpUyREsD+OA1idVKM6NWu2gSYPrKRbV9+MuBw60oB
+UzJ3I8OtOFLRFTGlN5qB4i0ANNh971g3VQUcpHageDc115EBBHHxKYdNCIPvtXp
rPXPBT1BH02ftQnJ4Z8WozGxfevrOhKFwcQZXOjCL1cx+uXfC1SvOheCJVV5YOuU
in1/K8L2/hDa/VwxT29CIGN4nKwIJHcA0SBtOFKk5+D7VuJXlYRW4QtwUoEUWwHh
O/E=
-----END CERTIFICATE-----
Generated at Thu May 1 05:38:43 2025 by rpki-client