Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sUSfSNP1QEHQxiO5krisZ2ZkYbo.roa
File: sUSfSNP1QEHQxiO5krisZ2ZkYbo.roa (raw, json)
Hash identifier: HUHVVji7wBDuRiEGcKmJZe6+MtVbt70hvJxQiYZNRW4=
Subject key identifier: B1:44:9F:48:D3:F5:40:41:D0:C6:23:B9:92:B8:AC:67:66:64:61:BA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186857F90EEFAE1658B777A11F28EF30F62
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sUSfSNP1QEHQxiO5krisZ2ZkYbo.roa
Signing time: Fri 24 Feb 2023 22:16:15 +0000
ROA not before: Fri 24 Feb 2023 22:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:7f:90:ee:fa:e1:65:8b:77:7a:11:f2:8e:f3:0f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 22:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1449f48d3f54041d0c623b992b8ac67666461ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:37:ff:85:c3:c0:0f:2b:40:82:c4:b5:09:
b9:ac:96:1a:95:25:d7:14:a8:c3:97:83:0d:9d:22:
15:55:be:db:ea:5f:a9:89:d7:f9:b4:aa:a5:ca:8a:
d1:0b:8b:ef:2f:55:c8:5d:5b:e8:71:01:96:ac:17:
fb:a4:56:bc:df:2f:29:a0:dc:fe:50:c8:d1:4c:55:
6b:cb:eb:f1:a1:f8:56:11:0c:b2:95:4d:04:7a:e6:
26:04:fe:2a:6f:41:43:61:23:56:fa:b7:9e:9c:c3:
e1:bd:c9:b6:42:23:d7:db:8d:02:71:07:35:d8:0b:
e2:02:80:e1:83:c0:cd:f0:5b:c2:2f:f6:c9:69:a8:
07:31:59:cf:75:f2:13:f0:98:0b:e3:a5:65:7f:db:
25:8a:a0:5f:94:2a:c9:eb:92:13:68:e0:a2:ca:8c:
79:b9:57:66:6a:10:10:3e:3d:ef:a8:15:70:41:6f:
8b:2e:e6:22:db:69:e7:ee:f9:8b:66:fe:1a:e8:fc:
df:6e:e8:fc:99:16:42:13:78:73:0d:a7:8e:dc:25:
ea:0b:ad:a7:4a:3d:73:e9:ad:c3:2e:88:a0:06:65:
57:de:c9:c4:f3:48:cf:1c:d0:02:c0:fc:2f:9c:44:
71:e8:76:a9:3c:9f:c8:c1:d0:0b:ee:59:a0:7b:5c:
d3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:44:9F:48:D3:F5:40:41:D0:C6:23:B9:92:B8:AC:67:66:64:61:BA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sUSfSNP1QEHQxiO5krisZ2ZkYbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:7c:4c:6d:0d:8c:58:a6:45:40:71:02:2d:4f:dd:bd:5a:90:
92:76:3c:ce:38:93:7e:6f:fe:dc:45:b7:b3:3a:27:fa:86:a0:
66:41:df:75:ad:d9:9c:3a:7d:95:77:a7:3a:40:8d:06:14:b0:
56:a4:dc:75:e9:19:c9:10:d7:a7:c0:11:8a:e0:dc:73:bc:3f:
88:da:47:f7:62:02:ec:1e:c1:1e:5e:1d:36:9d:1a:7d:47:8f:
2e:4e:ab:7c:87:4b:88:a3:db:7f:e6:45:a1:11:8e:c5:36:c1:
d9:0c:a9:2c:70:e4:85:e3:33:a3:24:4f:f5:60:e8:e3:d7:34:
b7:ab:55:00:15:1a:d2:da:b8:34:1e:fb:f3:cc:7a:ed:63:4d:
8b:b5:fc:92:a1:8c:5b:af:2d:27:17:20:54:c2:ca:61:96:9e:
e3:5a:96:c8:9b:e6:2b:4d:0e:31:37:df:4c:e8:de:a6:46:07:
dd:9b:6e:57:04:38:4f:28:b8:a8:00:6d:3a:a0:3f:02:80:94:
5d:e4:98:2a:b1:be:b3:ac:49:e7:6e:e4:b5:ab:8f:0a:4f:6e:
e6:18:b4:f2:cc:54:05:b3:c4:10:2a:1d:50:57:67:62:68:19:
09:70:09:e8:50:80:2b:5d:52:4b:b5:38:a4:1f:ba:5f:8a:70:
0f:42:76:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaFf5Du+uFli3d6EfKO8w9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MjIxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ0OWY0OGQzZjU0MDQxZDBjNjIzYjk5MmI4YWM2NzY2NjQ2MWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTc3/4XDwA8rQILEtQm5rJYalSXX
FKjDl4MNnSIVVb7b6l+pidf5tKqlyorRC4vvL1XIXVvocQGWrBf7pFa83y8poNz+
UMjRTFVry+vxofhWEQyylU0EeuYmBP4qb0FDYSNW+reenMPhvcm2QiPX240CcQc1
2AviAoDhg8DN8FvCL/bJaagHMVnPdfIT8JgL46Vlf9sliqBflCrJ65ITaOCiyox5
uVdmahAQPj3vqBVwQW+LLuYi22nn7vmLZv4a6Pzfbuj8mRZCE3hzDaeO3CXqC62n
Sj1z6a3DLoigBmVX3snE80jPHNACwPwvnERx6HapPJ/IwdAL7lmge1zTgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLFEn0jT9UBB0MYjuZK4rGdmZGG6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1VTZlNOUDFRRUhReGlPNWtyaXNaMlprWWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAp8TG0NjFimRUBxAi1P
3b1akJJ2PM44k35v/txFt7M6J/qGoGZB33Wt2Zw6fZV3pzpAjQYUsFak3HXpGckQ
16fAEYrg3HO8P4jaR/diAuwewR5eHTadGn1Hjy5Oq3yHS4ij23/mRaERjsU2wdkM
qSxw5IXjM6MkT/Vg6OPXNLerVQAVGtLauDQe+/PMeu1jTYu1/JKhjFuvLScXIFTC
ymGWnuNalsib5itNDjE330zo3qZGB92bblcEOE8ouKgAbTqgPwKAlF3kmCqxvrOs
Sedu5LWrjwpPbuYYtPLMVAWzxBAqHVBXZ2JoGQlwCehQgCtdUku1OKQful+KcA9C
dgY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:20:18 2025 by rpki-client