Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZjFzdY8ib3hCV727uGp9bheNWU.roa
File: rZjFzdY8ib3hCV727uGp9bheNWU.roa (raw, json)
Hash identifier: xU9iWLh7jXXoxlxBARnSySreKF5+ast4p5tIAjXK6aA=
Subject key identifier: AD:98:C5:CD:D6:3C:89:BD:E1:09:5E:F6:EE:E1:A9:F5:B8:5E:35:65
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018667030B121B38E20D6237F6EE2B9FB98B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZjFzdY8ib3hCV727uGp9bheNWU.roa
Signing time: Sun 19 Feb 2023 00:11:38 +0000
ROA not before: Sun 19 Feb 2023 00:11:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:67:03:0b:12:1b:38:e2:0d:62:37:f6:ee:2b:9f:b9:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 19 00:11:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad98c5cdd63c89bde1095ef6eee1a9f5b85e3565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:dd:01:58:bd:e6:03:94:09:ca:32:ae:7b:
f3:3d:3e:c7:82:70:f1:34:cf:3f:0c:89:fa:fe:dd:
44:c0:e2:dd:e1:60:33:f8:fb:ce:a6:47:0f:a1:bc:
8b:65:f6:8d:a7:b5:dc:00:45:71:1a:41:75:c9:ce:
85:b9:e8:d5:ce:88:b4:6a:d2:ed:3c:88:ef:b5:e3:
f1:41:73:02:fc:d4:ed:d1:11:37:ed:49:93:eb:88:
75:19:65:82:81:31:af:49:4f:03:53:6c:51:52:54:
1c:22:f9:50:ce:cc:fa:d9:5c:e8:92:f2:7c:a8:30:
c0:aa:56:92:e7:bb:f0:00:30:f6:e0:07:15:21:38:
56:6a:f7:18:29:b3:33:18:72:6b:9b:74:83:f8:cf:
d6:04:fb:34:4f:3c:64:cc:7d:f5:ec:32:19:13:a5:
96:65:3c:01:d3:cf:1e:e4:ab:11:b0:bb:b2:6b:77:
48:38:3a:3d:75:f1:eb:01:9b:52:53:de:cb:c7:5b:
f6:7a:15:51:46:05:5a:d7:af:c8:2c:ff:86:0c:5b:
bc:62:0e:78:95:25:81:83:88:23:4c:d9:3f:9c:ca:
31:31:cc:50:6a:87:1f:85:5b:08:e6:b7:43:5b:d9:
60:05:ee:a8:98:e0:d6:1c:d9:1c:b4:a5:ed:25:2c:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:98:C5:CD:D6:3C:89:BD:E1:09:5E:F6:EE:E1:A9:F5:B8:5E:35:65
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rZjFzdY8ib3hCV727uGp9bheNWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:81:9a:93:c4:20:b3:7b:23:79:26:6a:6b:4f:bc:6a:08:2a:
a4:7b:0e:48:f1:1a:22:cb:f7:9c:f7:ad:de:51:34:95:3c:46:
8e:ba:e2:85:c3:fc:c6:87:a6:fd:a2:7b:07:7b:b4:b3:ee:a8:
64:66:82:31:e1:ff:60:bc:bf:c8:ea:03:fb:15:0f:33:51:3e:
f8:cb:19:8e:56:fa:2e:ba:1c:04:32:c3:30:2f:fe:46:cb:1a:
31:96:eb:f8:e2:29:75:91:bc:01:40:a2:e0:01:ba:60:6a:4c:
be:f6:75:8b:a2:24:79:fb:20:27:de:95:d5:77:9c:40:29:e3:
11:37:1d:f3:f7:c1:6e:ed:77:72:f8:17:61:bb:71:ed:78:6b:
a2:4b:51:f3:5c:46:46:7d:88:e6:f6:7e:7a:69:84:a1:80:67:
11:9a:c7:9f:b1:37:53:d3:3a:9d:4a:39:6c:83:f1:57:af:35:
2e:1d:83:8c:a9:15:ff:d2:23:9f:df:fb:3a:9a:23:23:6d:47:
6b:9f:ec:f3:04:41:03:f5:8f:ff:b7:8d:b8:7f:7c:7c:bf:eb:
07:ca:f7:ad:95:df:99:3f:9d:22:c7:d1:60:8e:90:10:3f:33:
1a:cc:d6:5b:12:f9:56:05:1e:30:6a:7a:d7:e1:e1:5a:bf:e5:
37:97:3e:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZnAwsSGzjiDWI39u4rn7mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE5MDAxMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk4YzVjZGQ2M2M4OWJkZTEwOTVlZjZlZWUxYTlmNWI4NWUzNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDjdAVi95gOUCcoyrnvzPT7HgnDx
NM8/DIn6/t1EwOLd4WAz+PvOpkcPobyLZfaNp7XcAEVxGkF1yc6FuejVzoi0atLt
PIjvtePxQXMC/NTt0RE37UmT64h1GWWCgTGvSU8DU2xRUlQcIvlQzsz62VzokvJ8
qDDAqlaS57vwADD24AcVIThWavcYKbMzGHJrm3SD+M/WBPs0TzxkzH317DIZE6WW
ZTwB088e5KsRsLuya3dIODo9dfHrAZtSU97Lx1v2ehVRRgVa16/ILP+GDFu8Yg54
lSWBg4gjTNk/nMoxMcxQaocfhVsI5rdDW9lgBe6omODWHNkctKXtJSyKNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2Yxc3WPIm94Qle9u7hqfW4XjVlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvclpqRnpkWThpYjNoQ1Y3Mjd1R3A5YmhlTldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAeBmpPEILN7I3kmamtP
vGoIKqR7DkjxGiLL95z3rd5RNJU8Ro664oXD/MaHpv2iewd7tLPuqGRmgjHh/2C8
v8jqA/sVDzNRPvjLGY5W+i66HAQywzAv/kbLGjGW6/jiKXWRvAFAouABumBqTL72
dYuiJHn7ICfeldV3nEAp4xE3HfP3wW7td3L4F2G7ce14a6JLUfNcRkZ9iOb2fnpp
hKGAZxGax5+xN1PTOp1KOWyD8VevNS4dg4ypFf/SI5/f+zqaIyNtR2uf7PMEQQP1
j/+3jbh/fHy/6wfK962V35k/nSLH0WCOkBA/MxrM1lsS+VYFHjBqetfh4Vq/5TeX
PsI=
-----END CERTIFICATE-----
Generated at Thu May 1 14:59:24 2025 by rpki-client