Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPzv88POTErXGxyxa62r9y0O3vk.roa
File: sPzv88POTErXGxyxa62r9y0O3vk.roa (raw, json)
Hash identifier: TGwTOQyOjiWqCXTk3XVhS51fRW6dkz4EGodb5Xse5xU=
Subject key identifier: B0:FC:EF:F3:C3:CE:4C:4A:D7:1B:1C:B1:6B:AD:AB:F7:2D:0E:DE:F9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186922735F7F54F8DC084BB0CB68809E559
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPzv88POTErXGxyxa62r9y0O3vk.roa
Signing time: Mon 27 Feb 2023 09:14:48 +0000
ROA not before: Mon 27 Feb 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:27:35:f7:f5:4f:8d:c0:84:bb:0c:b6:88:09:e5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 27 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0fceff3c3ce4c4ad71b1cb16badabf72d0edef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b0:58:80:89:14:00:69:65:a2:3b:7d:8f:76:
e5:f9:7e:6a:31:15:a7:87:e2:89:07:00:d3:a9:9f:
e3:4f:f0:61:cb:1d:0d:4f:c1:b0:1c:3e:29:5c:de:
8c:44:1e:09:2a:23:c3:9e:e4:32:c5:66:76:65:d4:
35:93:a4:ea:3e:7b:35:b6:38:94:36:73:60:fb:01:
83:3a:be:3e:b1:f5:e5:02:4e:fc:aa:ac:20:e8:08:
f8:b7:2b:fe:e4:0e:69:26:2c:87:42:75:bf:2e:09:
53:19:0b:11:09:c0:35:83:d8:63:03:b5:b8:51:66:
03:9a:b0:57:89:37:73:d7:28:1f:9f:77:c1:bd:e4:
1a:d7:02:21:02:19:b9:04:5b:b6:9f:c6:fb:59:dc:
30:e7:d6:ad:c7:c8:d3:fe:0b:96:a5:c8:e4:86:2a:
b2:de:8c:7f:e9:e0:04:6d:aa:25:f0:69:a8:61:84:
54:80:eb:51:d9:22:9a:12:75:d2:b2:67:6d:35:e9:
17:94:0e:5a:f9:0b:a7:60:f9:8e:9d:d2:2f:ff:b3:
0d:b7:50:21:cb:ad:18:fe:f8:1d:5c:9e:97:44:45:
2b:59:db:41:13:9e:04:08:f6:a3:50:62:d1:7e:41:
6e:2e:59:cb:2e:8b:6f:69:72:2b:a8:4b:c3:7c:fb:
4a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FC:EF:F3:C3:CE:4C:4A:D7:1B:1C:B1:6B:AD:AB:F7:2D:0E:DE:F9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sPzv88POTErXGxyxa62r9y0O3vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:ae:67:bd:5e:4f:80:31:5e:bd:2a:c8:a2:59:94:91:17:13:
d9:99:ba:f7:6d:d0:72:4b:84:92:27:38:98:26:7a:5d:61:f6:
48:b4:dc:3a:b0:f6:7b:da:36:81:1e:ba:5c:de:cd:05:34:84:
08:a8:04:98:ff:b9:89:94:08:4a:9f:1b:c8:4f:77:86:45:2f:
6c:07:c4:e3:99:28:6d:29:00:3d:b1:22:2c:11:0b:7f:ad:e4:
69:45:72:80:e4:59:67:55:48:c0:d1:67:d1:e5:84:12:5c:80:
cf:28:e1:de:34:a8:c2:d6:22:db:e6:18:3a:02:9e:45:65:01:
a8:2d:d2:f3:63:31:04:a4:9b:d9:36:b4:0c:c8:ed:36:6b:b4:
34:0e:8e:9d:29:db:ca:cd:72:95:3e:ae:c3:f7:fb:d7:12:39:
7c:82:88:43:a2:3e:f4:4a:d6:54:68:d9:ba:92:06:f4:94:ac:
67:24:8e:1f:f8:60:a9:74:ba:ef:d3:51:17:f4:67:6e:2f:5f:
a9:bb:94:fa:38:5f:f7:16:d5:16:46:d0:a8:63:6c:7e:9b:a6:
0a:08:71:f2:84:69:fa:70:b4:65:f2:bd:28:48:5a:0f:e6:24:
c6:b1:cb:47:a4:ee:2a:3b:41:93:73:f9:bf:11:29:12:3b:4a:
a7:65:51:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaSJzX39U+NwIS7DLaICeVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI3MDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGZjZWZmM2MzY2U0YzRhZDcxYjFjYjE2YmFkYWJmNzJkMGVkZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rBYgIkUAGllojt9j3bl+X5qMRWn
h+KJBwDTqZ/jT/Bhyx0NT8GwHD4pXN6MRB4JKiPDnuQyxWZ2ZdQ1k6TqPns1tjiU
NnNg+wGDOr4+sfXlAk78qqwg6Aj4tyv+5A5pJiyHQnW/LglTGQsRCcA1g9hjA7W4
UWYDmrBXiTdz1ygfn3fBveQa1wIhAhm5BFu2n8b7Wdww59atx8jT/guWpcjkhiqy
3ox/6eAEbaol8GmoYYRUgOtR2SKaEnXSsmdtNekXlA5a+QunYPmOndIv/7MNt1Ah
y60Y/vgdXJ6XREUrWdtBE54ECPajUGLRfkFuLlnLLotvaXIrqEvDfPtKYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLD87/PDzkxK1xscsWutq/ctDt75MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1B6djg4UE9URXJYR3h5eGE2MnI5eTBPM3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASuZ71eT4AxXr0qyKJZ
lJEXE9mZuvdt0HJLhJInOJgmel1h9ki03Dqw9nvaNoEeulzezQU0hAioBJj/uYmU
CEqfG8hPd4ZFL2wHxOOZKG0pAD2xIiwRC3+t5GlFcoDkWWdVSMDRZ9HlhBJcgM8o
4d40qMLWItvmGDoCnkVlAagt0vNjMQSkm9k2tAzI7TZrtDQOjp0p28rNcpU+rsP3
+9cSOXyCiEOiPvRK1lRo2bqSBvSUrGckjh/4YKl0uu/TURf0Z24vX6m7lPo4X/cW
1RZG0KhjbH6bpgoIcfKEafpwtGXyvShIWg/mJMaxy0ek7io7QZNz+b8RKRI7Sqdl
UfA=
-----END CERTIFICATE-----
Generated at Thu May 1 04:01:36 2025 by rpki-client