Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhtCbZ1FLilWZv4Yhh3eFUcA9ys.roa
File: rhtCbZ1FLilWZv4Yhh3eFUcA9ys.roa (raw, json)
Hash identifier: JxtrpfSZaF79LgmyBeBhbG9pbjplZzwqLY5hoZZwD0w=
Subject key identifier: AE:1B:42:6D:9D:45:2E:29:56:66:FE:18:86:1D:DE:15:47:00:F7:2B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186BABA0E11309EF2FC0070A2EEFFA8008B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhtCbZ1FLilWZv4Yhh3eFUcA9ys.roa
Signing time: Tue 07 Mar 2023 06:20:00 +0000
ROA not before: Tue 07 Mar 2023 06:20:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ba:ba:0e:11:30:9e:f2:fc:00:70:a2:ee:ff:a8:00:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 7 06:20:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae1b426d9d452e295666fe18861dde154700f72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fa:56:e5:fb:18:da:00:49:04:97:f7:1b:fe:
0a:42:bf:1b:ed:44:71:de:5f:58:bf:03:7c:fd:e0:
37:95:25:a0:b4:7d:75:e1:7a:4e:7c:9e:35:af:5f:
76:e2:d9:24:d6:bb:b9:6e:58:20:b3:a0:8c:ec:6c:
8e:c8:b1:69:8e:e9:77:08:a0:d4:d4:65:ff:0c:8d:
4c:82:cf:8e:9d:5c:e3:16:fa:76:51:7b:5f:ef:71:
4b:e6:ed:4f:44:8e:8e:d7:ce:64:41:b5:c2:1d:46:
a9:b3:a4:60:8b:eb:06:23:97:94:12:98:0e:d6:96:
c9:10:08:7b:68:df:cb:fa:50:ce:90:29:ac:15:92:
9f:e7:73:77:bc:79:74:ea:a1:a8:39:2d:d4:e0:3e:
c5:96:e7:f8:d0:ef:c6:36:df:43:3b:0e:eb:89:17:
67:99:7e:16:ad:b0:7b:21:f1:bb:84:7d:14:4f:5c:
c2:d8:e7:dc:24:2b:2e:d1:1f:9d:5b:25:77:8b:b5:
7f:37:d2:bb:34:94:2b:de:3d:60:02:e1:45:b9:9a:
c6:00:8f:b4:ce:c0:a6:6a:e9:ec:39:97:ab:91:07:
e7:e5:ca:85:a2:9a:9b:59:bc:93:bf:c2:22:0e:f2:
57:41:13:95:22:3b:48:2e:2e:d3:0f:88:a7:74:ae:
30:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1B:42:6D:9D:45:2E:29:56:66:FE:18:86:1D:DE:15:47:00:F7:2B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rhtCbZ1FLilWZv4Yhh3eFUcA9ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:de:43:71:a0:ff:22:96:e5:1b:3d:90:9b:e8:f8:e9:7d:c0:
e9:7c:f4:17:da:ba:88:0e:f8:c3:43:b3:3e:71:b8:c0:42:a4:
31:4a:23:97:88:f8:8d:43:5f:7a:0c:e4:b2:77:ed:ca:dd:b1:
96:a0:6c:ac:16:14:35:30:70:1b:37:0a:62:84:98:60:b5:1b:
bd:59:07:45:2b:b5:bc:5b:f5:76:2f:d5:b9:eb:d4:3b:3d:98:
fa:94:4c:f0:cf:fe:14:a0:2c:e4:1b:fb:d1:d2:c3:94:e7:c4:
16:14:49:d4:7b:87:b4:5d:0e:f1:d8:cb:f0:2b:2f:00:e8:a8:
80:ac:94:3d:a5:7e:ba:69:26:4b:6d:99:5e:11:16:cd:45:e2:
13:37:87:3a:c5:e9:ce:b6:94:39:66:e6:27:8a:e6:7f:e1:d5:
b3:6a:fe:b6:99:4c:ce:84:d4:b8:88:61:d6:38:e2:cc:03:6c:
5e:a7:e4:83:fc:1a:33:d9:7d:a2:03:f4:4f:a8:03:ee:bc:16:
2f:33:f8:ec:0e:92:91:97:4b:25:a6:10:46:06:96:06:cd:b0:
fd:d2:4c:eb:12:17:56:81:8b:29:fc:76:ad:bf:b8:ff:cd:6b:
9f:19:da:0c:b9:1f:12:f6:b4:a8:fa:8d:86:a1:4d:24:f2:fc:
96:00:7f:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYa6ug4RMJ7y/ABwou7/qACLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA3MDYyMDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFiNDI2ZDlkNDUyZTI5NTY2NmZlMTg4NjFkZGUxNTQ3MDBmNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPpW5fsY2gBJBJf3G/4KQr8b7URx
3l9YvwN8/eA3lSWgtH114XpOfJ41r1924tkk1ru5blggs6CM7GyOyLFpjul3CKDU
1GX/DI1Mgs+OnVzjFvp2UXtf73FL5u1PRI6O185kQbXCHUaps6Rgi+sGI5eUEpgO
1pbJEAh7aN/L+lDOkCmsFZKf53N3vHl06qGoOS3U4D7Fluf40O/GNt9DOw7riRdn
mX4WrbB7IfG7hH0UT1zC2OfcJCsu0R+dWyV3i7V/N9K7NJQr3j1gAuFFuZrGAI+0
zsCmaunsOZerkQfn5cqFopqbWbyTv8IiDvJXQROVIjtILi7TD4indK4wDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4bQm2dRS4pVmb+GIYd3hVHAPcrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcmh0Q2JaMUZMaWxXWnY0WWhoM2VGVWNBOXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGjeQ3Gg/yKW5Rs9kJvo
+Ol9wOl89BfauogO+MNDsz5xuMBCpDFKI5eI+I1DX3oM5LJ37crdsZagbKwWFDUw
cBs3CmKEmGC1G71ZB0Urtbxb9XYv1bnr1Ds9mPqUTPDP/hSgLOQb+9HSw5TnxBYU
SdR7h7RdDvHYy/ArLwDoqICslD2lfrppJkttmV4RFs1F4hM3hzrF6c62lDlm5ieK
5n/h1bNq/raZTM6E1LiIYdY44swDbF6n5IP8GjPZfaID9E+oA+68Fi8z+OwOkpGX
SyWmEEYGlgbNsP3STOsSF1aBiyn8dq2/uP/Na58Z2gy5HxL2tKj6jYahTSTy/JYA
f6k=
-----END CERTIFICATE-----
Generated at Thu May 1 00:12:22 2025 by rpki-client