Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rWf7ymRAanAYTJHq8LfqJHizWRc.roa
File: rWf7ymRAanAYTJHq8LfqJHizWRc.roa (raw, json)
Hash identifier: NCLpR30tmY5UeMDNlZym8oCtvfeakR8cuotOJ9o30FQ=
Subject key identifier: AD:67:FB:CA:64:40:6A:70:18:4C:91:EA:F0:B7:EA:24:78:B3:59:17
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A3ECB55B7FE842CA12775A687E7F2DEC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rWf7ymRAanAYTJHq8LfqJHizWRc.roa
Signing time: Sat 29 Jul 2023 23:12:26 +0000
ROA not before: Sat 29 Jul 2023 23:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a3:ec:b5:5b:7f:e8:42:ca:12:77:5a:68:7e:7f:2d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 29 23:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad67fbca64406a70184c91eaf0b7ea2478b35917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:25:ab:8f:77:bc:c6:5c:31:13:80:13:64:68:
37:48:53:a8:27:36:a2:d3:39:a9:42:94:f9:41:a8:
90:c3:c4:7d:5a:5e:4c:68:7d:2e:1a:ec:9b:1d:d2:
08:b7:19:0e:d9:7a:26:c7:5f:a0:2c:5c:3b:77:06:
e3:41:7c:77:9e:74:be:b6:a5:58:e2:7a:21:79:39:
ee:2f:d7:f9:03:99:7d:1e:bc:fa:da:02:05:1c:f9:
30:c4:ac:4f:83:58:52:13:d3:5a:86:ad:59:1b:1b:
f8:4f:ab:46:c6:ea:b7:64:c5:07:f6:30:3e:10:2f:
ed:29:05:cf:f5:15:9f:a0:f2:08:3a:d7:0b:a4:27:
b0:0f:0f:33:c0:79:71:d9:01:1d:b1:12:7c:13:75:
07:ca:66:23:21:29:59:9c:cc:7d:e6:69:c3:c1:9b:
9d:75:55:b8:ec:ab:d1:6a:80:97:41:62:1c:c3:04:
6a:e0:8f:8b:bf:7f:52:2c:c9:34:bc:46:e6:52:38:
b1:de:3f:d1:8b:b4:a1:c8:49:b2:a5:87:82:47:4d:
7d:67:95:72:05:f9:f6:94:c8:06:a1:bc:3b:1c:7c:
0b:52:78:1e:b0:66:de:dc:27:39:70:76:c5:7d:aa:
ee:98:a3:a9:94:37:96:a2:90:7a:90:9d:8d:0f:bf:
2e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:67:FB:CA:64:40:6A:70:18:4C:91:EA:F0:B7:EA:24:78:B3:59:17
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rWf7ymRAanAYTJHq8LfqJHizWRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:ad:9d:4f:d4:af:84:58:f2:55:25:54:3b:87:5d:05:e9:24:
f7:91:b9:3a:ba:6b:26:fc:91:2d:43:03:03:8c:7b:32:54:d7:
4d:42:14:4f:41:0b:19:08:2d:fc:01:3f:4d:87:72:35:3b:18:
8f:18:b7:f7:69:34:e1:29:6d:3a:66:b2:04:5c:57:80:08:fe:
d5:87:e5:4e:18:fd:c5:6a:12:a1:4e:a8:0c:89:fb:73:0b:e6:
34:cd:3c:70:0d:c2:9d:15:e8:a5:c0:4b:65:5c:31:73:37:64:
d7:ef:9a:73:d5:be:c1:89:82:53:b2:b0:ea:8c:fb:d8:bc:4e:
ee:8c:cb:10:eb:79:52:ef:89:bd:8e:c0:66:76:3b:07:f0:bf:
aa:13:da:89:24:36:f5:83:9b:f5:8b:8b:65:8e:91:8a:dc:40:
9c:a3:01:be:c1:05:4a:89:43:64:b1:ea:2b:b5:6c:6b:46:fb:
6b:c1:90:72:1c:0f:0f:b4:6b:95:7c:c2:8e:5b:c0:1d:cc:2e:
22:e7:95:1d:8f:a6:ef:8e:25:f1:1b:55:14:04:65:78:46:e9:
b0:da:12:36:2f:dd:1c:0d:06:33:1e:c4:4b:1d:60:d6:82:06:
3a:52:25:43:0f:d0:bf:5d:73:cd:c7:61:aa:d4:4f:55:26:ff:
01:e7:60:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmj7LVbf+hCyhJ3Wmh+fy3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI5MjMxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY3ZmJjYTY0NDA2YTcwMTg0YzkxZWFmMGI3ZWEyNDc4YjM1OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSWrj3e8xlwxE4ATZGg3SFOoJzai
0zmpQpT5QaiQw8R9Wl5MaH0uGuybHdIItxkO2Xomx1+gLFw7dwbjQXx3nnS+tqVY
4noheTnuL9f5A5l9Hrz62gIFHPkwxKxPg1hSE9Nahq1ZGxv4T6tGxuq3ZMUH9jA+
EC/tKQXP9RWfoPIIOtcLpCewDw8zwHlx2QEdsRJ8E3UHymYjISlZnMx95mnDwZud
dVW47KvRaoCXQWIcwwRq4I+Lv39SLMk0vEbmUjix3j/Ri7ShyEmypYeCR019Z5Vy
Bfn2lMgGobw7HHwLUngesGbe3Cc5cHbFfarumKOplDeWopB6kJ2ND78u/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK1n+8pkQGpwGEyR6vC36iR4s1kXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcldmN3ltUkFhbkFZVEpIcThMZnFKSGl6V1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIatnU/Ur4RY8lUlVDuH
XQXpJPeRuTq6ayb8kS1DAwOMezJU101CFE9BCxkILfwBP02HcjU7GI8Yt/dpNOEp
bTpmsgRcV4AI/tWH5U4Y/cVqEqFOqAyJ+3ML5jTNPHANwp0V6KXAS2VcMXM3ZNfv
mnPVvsGJglOysOqM+9i8Tu6MyxDreVLvib2OwGZ2Owfwv6oT2okkNvWDm/WLi2WO
kYrcQJyjAb7BBUqJQ2Sx6iu1bGtG+2vBkHIcDw+0a5V8wo5bwB3MLiLnlR2Ppu+O
JfEbVRQEZXhG6bDaEjYv3RwNBjMexEsdYNaCBjpSJUMP0L9dc83HYarUT1Um/wHn
YOE=
-----END CERTIFICATE-----
Generated at Thu May 1 07:55:33 2025 by rpki-client