Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/re3c3Qx9ZI_3X0NNjkMDOLoIc6c.roa
File: re3c3Qx9ZI_3X0NNjkMDOLoIc6c.roa (raw, json)
Hash identifier: XfiC/5xrKq0Vqe34f7+JGRRaSwsuyLyJs5d86KP2IFo=
Subject key identifier: AD:ED:DC:DD:0C:7D:64:8F:F7:5F:43:4D:8E:43:03:38:BA:08:73:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F237EDA63E83749A422BE01DD95FF8AF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/re3c3Qx9ZI_3X0NNjkMDOLoIc6c.roa
Signing time: Mon 14 Aug 2023 04:04:58 +0000
ROA not before: Mon 14 Aug 2023 04:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:f237:4928/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:37:ed:a6:3e:83:74:9a:42:2b:e0:1d:d9:5f:f8:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 14 04:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adeddcdd0c7d648ff75f434d8e430338ba0873a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:53:34:c8:66:25:cf:ab:29:66:32:e8:c5:17:
df:82:80:a8:3f:c9:7c:04:0a:78:68:c6:d8:69:a9:
74:2d:75:f8:e3:22:73:12:e0:f4:ec:a1:4e:28:3f:
e8:d5:32:ac:b1:ed:85:69:36:f7:25:9d:ba:93:cc:
41:df:b5:62:41:e6:3a:e2:6f:21:38:c7:09:c0:5c:
36:21:c6:d7:9b:b8:b6:36:2d:7e:cd:ea:e7:27:4a:
81:6f:cc:9c:48:15:99:a1:96:99:64:60:8f:89:b1:
39:78:e8:17:c8:6e:00:72:01:71:82:ec:39:85:db:
e8:db:f3:b5:3f:4a:24:7e:88:0a:18:a2:41:57:81:
bf:b7:ae:e9:ae:71:dc:87:43:90:84:01:90:2d:7c:
3f:50:6d:c8:f9:35:7b:19:e4:60:38:ea:df:3e:e1:
c3:20:53:b2:61:58:3a:f8:c5:57:4a:07:7b:d3:ae:
a9:23:02:5d:c3:05:8b:dc:fe:2c:9f:ac:c6:f5:f7:
12:1d:7d:bf:ee:b0:9a:6c:f0:6d:dd:f4:f6:0d:a3:
cf:78:1b:58:ce:f3:9c:87:6a:c2:b1:c9:bf:2d:01:
38:7d:8a:2b:0f:a1:23:9e:2b:dc:3c:ae:db:e6:44:
5f:6e:dc:93:7d:f0:5d:8e:94:d3:3c:0c:73:68:af:
a3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:ED:DC:DD:0C:7D:64:8F:F7:5F:43:4D:8E:43:03:38:BA:08:73:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/re3c3Qx9ZI_3X0NNjkMDOLoIc6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:3a:56:2d:40:81:00:17:06:26:ff:b7:1d:eb:98:61:ed:0f:
6f:63:5e:b0:e2:e9:f1:94:25:78:f0:e6:c2:75:2b:29:d2:ac:
0b:d4:f2:53:69:be:40:ae:47:2c:7a:5b:16:4f:11:91:00:cd:
5c:e7:49:c5:a8:fe:a6:81:55:17:3d:9a:4e:71:88:bd:ad:e1:
50:7c:11:92:5c:f1:47:a5:49:22:0e:91:90:37:cb:12:a2:b2:
2a:bc:45:7b:c1:32:28:b4:ec:40:db:64:bb:a1:35:f6:c2:58:
28:a3:8e:80:96:65:95:2c:76:e0:95:e0:98:9c:f5:0b:0b:28:
f1:45:07:7e:80:2d:dd:74:21:62:cb:a5:62:cc:fe:0c:92:c0:
f6:03:e2:88:7d:be:06:aa:3b:3a:80:4f:3a:34:27:a6:c8:4b:
cc:1d:26:ee:67:ed:2f:a7:d1:c8:54:dd:0a:f9:d8:32:11:40:
09:cb:3c:bf:8f:a1:b8:35:55:22:e7:22:ad:f4:54:9b:78:73:
66:ed:1f:db:a7:9b:62:ed:00:17:80:1d:b7:cb:6b:a6:59:e8:
b3:0e:39:60:95:58:ef:06:0b:87:48:a3:3e:20:d8:13:e7:5e:
67:fd:7c:83:47:13:2f:14:dd:43:6a:82:41:f8:ab:f2:fe:de:
32:f0:21:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnyN+2mPoN0mkIr4B3ZX/ivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE0MDQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGVkZGNkZDBjN2Q2NDhmZjc1ZjQzNGQ4ZTQzMDMzOGJhMDg3M2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVM0yGYlz6spZjLoxRffgoCoP8l8
BAp4aMbYaal0LXX44yJzEuD07KFOKD/o1TKsse2FaTb3JZ26k8xB37ViQeY64m8h
OMcJwFw2IcbXm7i2Ni1+zernJ0qBb8ycSBWZoZaZZGCPibE5eOgXyG4AcgFxguw5
hdvo2/O1P0okfogKGKJBV4G/t67prnHch0OQhAGQLXw/UG3I+TV7GeRgOOrfPuHD
IFOyYVg6+MVXSgd7066pIwJdwwWL3P4sn6zG9fcSHX2/7rCabPBt3fT2DaPPeBtY
zvOch2rCscm/LQE4fYorD6EjnivcPK7b5kRfbtyTffBdjpTTPAxzaK+jHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK3t3N0MfWSP919DTY5DAzi6CHOnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcmUzYzNReDlaSV8zWDBOTmprTURPTG9JYzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIs6Vi1AgQAXBib/tx3r
mGHtD29jXrDi6fGUJXjw5sJ1KynSrAvU8lNpvkCuRyx6WxZPEZEAzVznScWo/qaB
VRc9mk5xiL2t4VB8EZJc8UelSSIOkZA3yxKisiq8RXvBMii07EDbZLuhNfbCWCij
joCWZZUsduCV4Jic9QsLKPFFB36ALd10IWLLpWLM/gySwPYD4oh9vgaqOzqATzo0
J6bIS8wdJu5n7S+n0chU3Qr52DIRQAnLPL+Pobg1VSLnIq30VJt4c2btH9unm2Lt
ABeAHbfLa6ZZ6LMOOWCVWO8GC4dIoz4g2BPnXmf9fINHEy8U3UNqgkH4q/L+3jLw
ITg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:32:13 2025 by rpki-client