Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sXZSivkVW8TM6wO09C_EFwe_ShY.roa
File: sXZSivkVW8TM6wO09C_EFwe_ShY.roa (raw, json)
Hash identifier: SHNDERug/hHVNRJb5ml2cqBmmjhwKnIAgzS/P8RYHpM=
Subject key identifier: B1:76:52:8A:F9:15:5B:C4:CC:EB:03:B4:F4:2F:C4:17:07:BF:4A:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3D1B62EA5BEB605B504E2487403CF45B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sXZSivkVW8TM6wO09C_EFwe_ShY.roa
Signing time: Mon 28 Aug 2023 17:05:19 +0000
ROA not before: Mon 28 Aug 2023 17:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3d1a:7cc8/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:1b:62:ea:5b:eb:60:5b:50:4e:24:87:40:3c:f4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 17:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b176528af9155bc4cceb03b4f42fc41707bf4a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:19:0e:6b:eb:bd:5b:45:09:77:43:6a:fb:
c4:e3:f7:58:11:b7:b1:a5:b9:87:8d:5a:2d:d2:2f:
0d:6b:0a:03:86:26:31:83:8a:c6:55:f8:dc:32:36:
bd:49:9b:c7:7b:d4:d9:18:7b:4e:9b:4e:94:10:e6:
4e:c4:f4:70:0d:97:91:6a:86:fb:66:a1:f8:1e:89:
19:6e:1b:2f:50:74:25:6d:4a:4d:24:10:79:bd:8d:
f6:c6:fd:2c:81:4e:4a:38:2d:d0:76:6e:26:6f:4f:
f2:85:d8:ca:27:be:bf:35:9b:e1:77:c8:3d:f9:c2:
de:15:0e:0a:a2:76:98:d4:e3:49:cf:65:00:94:09:
e9:c6:77:69:f4:6f:49:1c:b3:8e:06:7d:86:91:0c:
85:6e:bd:54:ac:59:31:fb:56:7b:ee:14:36:ae:9f:
00:40:cc:36:e6:08:d0:ed:81:e5:1d:56:3f:bf:fc:
92:fd:47:ce:a6:d0:19:76:be:de:4b:7c:1c:41:31:
c9:db:4e:e5:fc:56:1d:b3:9b:43:34:d1:e6:c0:7c:
ef:b9:08:57:5d:7c:83:3a:15:38:3a:e3:d1:d2:fa:
72:de:15:dd:45:45:ae:1c:21:4e:30:43:b3:aa:67:
70:99:25:ad:a7:8b:20:7d:67:90:bc:4e:0b:58:48:
48:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:76:52:8A:F9:15:5B:C4:CC:EB:03:B4:F4:2F:C4:17:07:BF:4A:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sXZSivkVW8TM6wO09C_EFwe_ShY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:8c:da:99:cc:e5:67:7f:03:73:05:2f:a6:94:07:b1:c7:93:
3f:da:60:58:a8:37:fe:15:bf:ee:5a:61:eb:16:e6:8e:b0:a7:
c0:94:de:84:6e:a9:36:21:9b:52:58:9d:41:9f:84:80:c2:24:
21:71:c2:e4:91:1e:f3:6a:bc:c6:d9:86:f9:dd:5a:37:03:3c:
5d:73:4e:f9:06:f3:03:eb:d2:98:2f:8b:fb:0c:77:30:a9:bd:
61:c8:91:b0:cc:8a:1a:30:a2:2e:98:a3:60:cb:1d:2e:a2:4d:
ca:7d:9f:ab:1f:c5:0c:4d:a0:3d:33:1d:30:f8:39:65:1d:e1:
9c:54:54:61:2c:80:df:b8:bd:fe:73:e6:d9:bb:a5:7f:34:1e:
40:07:ae:52:ab:1f:2a:f7:81:24:87:a8:fb:6c:2b:14:a1:b7:
6f:db:9b:51:b2:3b:b9:56:3f:73:18:7b:49:8e:58:2f:57:9f:
ff:d0:71:12:c3:ae:de:bb:da:d6:e0:a4:14:53:1f:91:4a:0b:
28:47:1a:1c:44:28:91:d5:a9:25:cb:43:62:62:92:dc:85:24:
90:ff:4e:51:cd:eb:df:0a:32:d5:bf:1c:20:ad:cc:7c:19:af:
a5:c8:70:9e:27:ac:09:d6:28:6a:98:6d:b4:75:57:5c:95:d4:
c4:03:b4:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo9G2LqW+tgW1BOJIdAPPRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTcwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc2NTI4YWY5MTU1YmM0Y2NlYjAzYjRmNDJmYzQxNzA3YmY0YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAMZDmvrvVtFCXdDavvE4/dYEbex
pbmHjVot0i8NawoDhiYxg4rGVfjcMja9SZvHe9TZGHtOm06UEOZOxPRwDZeRaob7
ZqH4HokZbhsvUHQlbUpNJBB5vY32xv0sgU5KOC3Qdm4mb0/yhdjKJ76/NZvhd8g9
+cLeFQ4KonaY1ONJz2UAlAnpxndp9G9JHLOOBn2GkQyFbr1UrFkx+1Z77hQ2rp8A
QMw25gjQ7YHlHVY/v/yS/UfOptAZdr7eS3wcQTHJ207l/FYds5tDNNHmwHzvuQhX
XXyDOhU4OuPR0vpy3hXdRUWuHCFOMEOzqmdwmSWtp4sgfWeQvE4LWEhItQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLF2Uor5FVvEzOsDtPQvxBcHv0oWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1haU2l2a1ZXOFRNNndPMDlDX0VGd2VfU2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ2M2pnM5Wd/A3MFL6aU
B7HHkz/aYFioN/4Vv+5aYesW5o6wp8CU3oRuqTYhm1JYnUGfhIDCJCFxwuSRHvNq
vMbZhvndWjcDPF1zTvkG8wPr0pgvi/sMdzCpvWHIkbDMihowoi6Yo2DLHS6iTcp9
n6sfxQxNoD0zHTD4OWUd4ZxUVGEsgN+4vf5z5tm7pX80HkAHrlKrHyr3gSSHqPts
KxSht2/bm1GyO7lWP3MYe0mOWC9Xn//QcRLDrt672tbgpBRTH5FKCyhHGhxEKJHV
qSXLQ2JiktyFJJD/TlHN698KMtW/HCCtzHwZr6XIcJ4nrAnWKGqYbbR1V1yV1MQD
tPw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:13:42 2025 by rpki-client