Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzMn-DmFc9J5gFvdWHnOPare2vw.roa
File: rzMn-DmFc9J5gFvdWHnOPare2vw.roa (raw, json)
Hash identifier: Ctd7GGChzmKFuxCIAJKRx/RLB07a6EiisT6EMb09abU=
Subject key identifier: AF:33:27:F8:39:85:73:D2:79:80:5B:DD:58:79:CE:3D:AA:DE:DA:FC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869B21C0E9DC7697FF79086FFFEE21BBE2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzMn-DmFc9J5gFvdWHnOPare2vw.roa
Signing time: Wed 01 Mar 2023 03:05:25 +0000
ROA not before: Wed 01 Mar 2023 03:05:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9b21:1c48/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:21:c0:e9:dc:76:97:ff:79:08:6f:ff:ee:21:bb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 03:05:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af3327f8398573d279805bdd5879ce3daadedafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:af:b8:76:b9:62:10:83:3e:b7:e8:22:42:8a:
63:e3:3a:5d:8e:8f:8a:93:0d:7f:10:b4:ba:75:64:
00:4f:f5:b2:bb:d5:b9:f0:dd:f4:6a:b9:45:61:6e:
2b:31:46:d3:97:b6:98:77:14:ac:33:89:19:b4:11:
b6:c0:d2:ad:24:f7:88:18:6c:f7:6a:b2:6c:11:f5:
03:dc:c6:d9:72:3c:c1:39:80:95:e4:c2:2a:ae:4d:
ee:bf:d7:42:d0:13:08:ed:e6:5b:00:d6:c1:c7:1a:
1a:29:fb:87:94:c4:ff:4f:55:14:ef:f0:4b:e9:ad:
23:63:17:5a:95:01:a0:cb:52:89:ab:ef:7c:0b:09:
0b:8b:2e:a6:52:fc:45:4b:06:3d:49:47:7d:65:17:
c9:1b:53:86:3c:f8:56:b2:49:5e:6b:4b:13:53:6c:
da:41:31:11:ab:7b:f7:a4:01:12:93:88:99:21:59:
2a:97:05:72:15:a5:a4:08:79:c7:fe:1a:74:57:f4:
3c:d7:d0:a2:d7:b2:32:24:be:a7:9d:db:ba:a9:44:
5f:af:d3:62:94:02:fb:73:10:43:f2:4a:20:44:23:
21:bd:ef:8d:72:04:c7:61:73:62:71:6d:d1:77:7a:
36:c7:64:ac:a1:20:8e:ef:42:7d:e6:ef:e8:f1:c9:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:33:27:F8:39:85:73:D2:79:80:5B:DD:58:79:CE:3D:AA:DE:DA:FC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzMn-DmFc9J5gFvdWHnOPare2vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:b5:04:bf:cf:67:ae:ff:fc:b1:13:a9:f5:94:ce:62:0a:ad:
7a:f8:84:5a:a8:d4:15:d6:fa:9a:96:9a:df:10:1b:a2:c5:1e:
c9:6b:b6:d1:5d:a3:b8:6b:5b:95:7c:42:1b:02:b2:44:9f:93:
ed:83:e0:9e:00:a8:73:63:db:b4:f0:94:a8:94:a1:83:8c:d6:
ca:6e:c3:b7:36:c7:53:48:2e:87:c7:cf:58:fc:04:47:cb:7e:
34:da:ee:34:07:a2:e1:f9:e3:6d:61:ef:24:5b:dd:2c:9b:5a:
47:29:1c:7a:6d:e3:db:e9:10:96:47:c2:b8:d3:98:be:60:22:
90:6c:71:d0:21:6f:45:41:bf:f4:f7:cf:76:0f:3c:be:c7:92:
38:af:8d:1d:61:11:38:67:63:ab:c2:e1:29:bf:5a:3a:d5:45:
07:44:5b:5e:f3:d1:64:4f:17:89:f3:c1:6c:b8:a4:53:d3:38:
04:1c:8e:bc:e0:57:a6:f6:0b:f3:e3:5a:82:e0:7e:6a:3b:1c:
8e:42:fe:e8:a0:33:28:35:45:cf:20:dc:d3:6d:4a:9a:32:3a:
cd:14:4c:be:8b:07:08:0b:fe:b3:f1:49:a8:be:b8:53:64:5b:
90:d2:95:f6:7b:5e:e2:a1:c2:26:4c:dd:c7:b5:ff:45:f4:20:
d6:19:d0:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYabIcDp3HaX/3kIb//uIbviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMDMwNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMzMjdmODM5ODU3M2QyNzk4MDViZGQ1ODc5Y2UzZGFhZGVkYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAia+4drliEIM+t+giQopj4zpdjo+K
kw1/ELS6dWQAT/Wyu9W58N30arlFYW4rMUbTl7aYdxSsM4kZtBG2wNKtJPeIGGz3
arJsEfUD3MbZcjzBOYCV5MIqrk3uv9dC0BMI7eZbANbBxxoaKfuHlMT/T1UU7/BL
6a0jYxdalQGgy1KJq+98CwkLiy6mUvxFSwY9SUd9ZRfJG1OGPPhWsklea0sTU2za
QTERq3v3pAESk4iZIVkqlwVyFaWkCHnH/hp0V/Q819Ci17IyJL6nndu6qURfr9Ni
lAL7cxBD8kogRCMhve+NcgTHYXNicW3Rd3o2x2SsoSCO70J95u/o8cmR7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8zJ/g5hXPSeYBb3Vh5zj2q3tr8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcnpNbi1EbUZjOUo1Z0Z2ZFdIbk9QYXJlMnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABm1BL/PZ67//LETqfWU
zmIKrXr4hFqo1BXW+pqWmt8QG6LFHslrttFdo7hrW5V8QhsCskSfk+2D4J4AqHNj
27TwlKiUoYOM1spuw7c2x1NILofHz1j8BEfLfjTa7jQHouH5421h7yRb3SybWkcp
HHpt49vpEJZHwrjTmL5gIpBscdAhb0VBv/T3z3YPPL7HkjivjR1hEThnY6vC4Sm/
WjrVRQdEW17z0WRPF4nzwWy4pFPTOAQcjrzgV6b2C/PjWoLgfmo7HI5C/uigMyg1
Rc8g3NNtSpoyOs0UTL6LBwgL/rPxSai+uFNkW5DSlfZ7XuKhwiZM3ce1/0X0INYZ
0L4=
-----END CERTIFICATE-----
Generated at Thu May 1 07:23:09 2025 by rpki-client