Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnDYZevSPf8434q-wTG4i0lI3sA.roa
File: rnDYZevSPf8434q-wTG4i0lI3sA.roa (raw, json)
Hash identifier: q8ZtYBsHYrlp928PS5Zt4BmbPcXxfDATtHghqPOEZiI=
Subject key identifier: AE:70:D8:65:EB:D2:3D:FF:38:DF:8A:BE:C1:31:B8:8B:49:48:DE:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018697138A80C86860A2FFC7621E29B27DCC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnDYZevSPf8434q-wTG4i0lI3sA.roa
Signing time: Tue 28 Feb 2023 08:11:25 +0000
ROA not before: Tue 28 Feb 2023 08:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:13:8a:80:c8:68:60:a2:ff:c7:62:1e:29:b2:7d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 08:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae70d865ebd23dff38df8abec131b88b4948dec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:c4:94:bb:b0:4d:69:54:3b:8b:8d:7d:2c:
cc:3b:da:88:f4:83:8b:ac:9f:f0:4b:e7:45:dc:65:
91:cc:5b:e5:06:90:b3:92:44:75:17:5a:97:ac:93:
3c:1c:78:c2:34:dc:3e:0a:a4:58:33:96:b1:42:74:
15:95:6d:97:d0:30:7e:b4:11:e9:78:ed:7c:64:8e:
59:71:2e:2c:22:d4:63:b0:50:3e:5b:12:22:90:7a:
f4:d1:9b:bb:90:6f:96:84:05:c0:e9:37:90:d9:91:
a4:80:1e:78:6d:ad:82:66:68:d5:1c:43:08:0a:17:
15:38:60:da:ce:5d:96:02:9d:dd:b8:5b:3a:6f:0f:
7e:54:63:04:1e:14:f7:4f:03:55:e6:1c:55:fd:e2:
e7:36:be:ff:5a:4f:84:56:db:5f:f2:7b:8a:8f:a0:
88:ac:3c:b5:ee:bd:47:ce:18:10:a3:11:41:bc:95:
63:44:aa:f5:35:42:2b:18:fa:86:7c:93:84:96:01:
ae:e6:c2:df:74:c0:3b:57:c9:c8:8b:48:7e:28:33:
9f:4c:e1:06:2a:bf:00:89:53:27:38:10:75:1b:ef:
1b:50:6b:51:48:9b:50:ee:8c:f5:64:9d:34:3f:bd:
40:b0:75:54:38:0d:65:fa:55:1e:f7:a7:1a:4b:52:
6c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:70:D8:65:EB:D2:3D:FF:38:DF:8A:BE:C1:31:B8:8B:49:48:DE:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rnDYZevSPf8434q-wTG4i0lI3sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:10:2a:2e:66:4e:ed:16:23:80:99:81:3b:66:6f:b2:63:0a:
6e:ab:d6:e1:b6:3b:90:80:b3:3a:e7:82:78:33:11:70:e5:f5:
e5:d6:ae:3c:2b:38:20:a5:85:51:d9:e2:07:44:df:d4:de:7a:
ef:78:41:ec:92:30:56:1a:4d:5a:df:35:83:0e:a9:d3:18:64:
8c:14:8a:b9:84:28:32:18:cb:e4:d6:53:ee:24:6c:d2:01:81:
82:0d:42:ab:56:01:8d:36:ba:56:9b:09:c7:3c:82:3b:57:35:
f4:4a:be:e3:43:36:c7:bb:fe:43:7a:39:da:fd:89:a1:f8:66:
13:99:b7:6f:7c:23:a9:6e:0b:5d:b9:5c:c5:09:54:4b:3a:91:
fa:67:42:ec:e4:75:d9:e3:86:29:c1:9a:4e:d1:d8:96:97:0e:
b9:de:ac:78:d8:a9:79:f0:31:18:14:97:b0:cc:67:bd:5a:a2:
f1:f4:bc:8e:6c:f4:c7:2d:14:c4:3e:4e:ee:64:fa:67:84:5b:
10:0b:b4:fb:cb:b0:22:52:92:67:1d:56:22:39:04:29:cd:90:
39:7e:fd:56:09:6d:07:30:fc:78:1c:55:1c:6f:1f:d5:a2:2b:
ec:6f:82:11:5b:15:0f:1b:d0:ab:35:69:7a:f8:cb:78:ce:3e:
9a:19:94:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaXE4qAyGhgov/HYh4psn3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDgxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTcwZDg2NWViZDIzZGZmMzhkZjhhYmVjMTMxYjg4YjQ5NDhkZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNXElLuwTWlUO4uNfSzMO9qI9IOL
rJ/wS+dF3GWRzFvlBpCzkkR1F1qXrJM8HHjCNNw+CqRYM5axQnQVlW2X0DB+tBHp
eO18ZI5ZcS4sItRjsFA+WxIikHr00Zu7kG+WhAXA6TeQ2ZGkgB54ba2CZmjVHEMI
ChcVOGDazl2WAp3duFs6bw9+VGMEHhT3TwNV5hxV/eLnNr7/Wk+EVttf8nuKj6CI
rDy17r1HzhgQoxFBvJVjRKr1NUIrGPqGfJOElgGu5sLfdMA7V8nIi0h+KDOfTOEG
Kr8AiVMnOBB1G+8bUGtRSJtQ7oz1ZJ00P71AsHVUOA1l+lUe96caS1JsvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK5w2GXr0j3/ON+KvsExuItJSN7AMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcm5EWVpldlNQZjg0MzRxLXdURzRpMGxJM3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGkQKi5mTu0WI4CZgTtm
b7JjCm6r1uG2O5CAszrngngzEXDl9eXWrjwrOCClhVHZ4gdE39Teeu94QeySMFYa
TVrfNYMOqdMYZIwUirmEKDIYy+TWU+4kbNIBgYINQqtWAY02ulabCcc8gjtXNfRK
vuNDNse7/kN6Odr9iaH4ZhOZt298I6luC125XMUJVEs6kfpnQuzkddnjhinBmk7R
2JaXDrnerHjYqXnwMRgUl7DMZ71aovH0vI5s9MctFMQ+Tu5k+meEWxALtPvLsCJS
kmcdViI5BCnNkDl+/VYJbQcw/HgcVRxvH9WiK+xvghFbFQ8b0Ks1aXr4y3jOPpoZ
lGQ=
-----END CERTIFICATE-----
Generated at Thu May 1 10:09:21 2025 by rpki-client