Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sZVNEoAGP4g9kz_oC86mAtvK1hA.roa
File: sZVNEoAGP4g9kz_oC86mAtvK1hA.roa (raw, json)
Hash identifier: cpl0xi1hmQIrVz2xIvRnnw3qL/24b25d2ZaF0LhgB2U=
Subject key identifier: B1:95:4D:12:80:06:3F:88:3D:93:3F:E8:0B:CE:A6:02:DB:CA:D6:10
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867754471BBEB64AEF9A15DC09D72E5CB5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sZVNEoAGP4g9kz_oC86mAtvK1hA.roa
Signing time: Wed 22 Feb 2023 04:14:17 +0000
ROA not before: Wed 22 Feb 2023 04:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:54:47:1b:be:b6:4a:ef:9a:15:dc:09:d7:2e:5c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 04:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1954d1280063f883d933fe80bcea602dbcad610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e3:8e:5b:26:a0:50:2c:f0:a5:6a:07:5d:e3:
1e:c1:ce:7e:00:9c:96:dc:88:cf:4d:24:c7:5b:d7:
97:84:47:94:42:6e:38:4b:eb:7d:bd:cc:aa:12:a9:
8d:fc:41:85:18:3c:da:37:31:94:cf:e3:60:d3:7f:
31:06:92:10:45:ce:72:39:e7:d4:1d:73:6e:1d:3c:
d9:d7:e6:44:b6:8b:d9:52:dc:28:40:4e:9e:01:e2:
57:e1:4b:0c:99:f6:05:f8:a3:9e:8e:e4:ff:eb:20:
09:56:0f:98:25:2e:5a:85:be:0f:b6:93:68:c6:37:
c9:4b:5a:29:8a:92:c6:ff:07:bb:d1:27:86:11:8c:
1b:9c:4e:b3:93:c6:16:47:b8:ad:74:92:49:82:4f:
12:dc:8a:43:8c:00:52:61:66:30:fc:98:6b:52:9d:
11:49:ce:06:c8:19:e4:6a:f7:f6:27:9d:f0:cc:a4:
31:48:2f:03:83:68:59:7a:ab:c7:0a:d9:35:8f:68:
40:0b:b0:50:48:79:57:50:41:db:aa:82:5e:ed:b6:
32:04:db:b5:7d:15:b2:1a:c5:f9:5b:67:9f:6d:51:
8b:a4:fb:51:4f:70:65:b4:1e:eb:11:a9:77:15:d6:
9d:33:54:1a:7a:40:36:9e:7c:fc:0b:be:e3:e4:be:
f5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:95:4D:12:80:06:3F:88:3D:93:3F:E8:0B:CE:A6:02:DB:CA:D6:10
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sZVNEoAGP4g9kz_oC86mAtvK1hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:5f:bc:00:a1:f6:8b:16:50:60:72:fb:e0:c8:11:c9:65:11:
69:df:c8:61:fe:d4:fb:b7:d2:60:64:3f:fd:38:62:53:0f:41:
a4:82:72:d0:9f:b2:06:19:fc:36:bc:92:dd:f5:72:6f:07:e2:
65:d3:9e:73:15:61:e8:51:58:63:c3:f3:fc:29:9b:9d:55:e0:
0d:71:34:81:ed:85:9c:6e:75:86:5c:9f:ae:c3:a9:98:91:2d:
ac:de:4f:cd:f5:f2:93:69:2c:80:d6:48:d1:72:19:e8:b5:8f:
10:bc:03:75:dd:75:4e:b0:da:ad:df:c2:9f:a2:ca:f6:a3:a5:
6c:00:0e:fc:d4:57:ac:66:70:c1:74:e9:9e:8a:34:70:b1:49:
cc:f4:13:b8:be:9b:5e:43:41:e4:61:16:8b:35:d8:a7:cb:b5:
34:51:a3:32:4d:a1:61:e8:28:33:2c:3f:21:8b:29:d6:5c:bd:
84:0d:10:59:c9:fd:28:33:30:d6:63:82:d9:52:e5:ab:62:db:
27:7b:47:0f:44:cb:63:62:c7:08:43:7c:90:34:78:69:e2:29:
dc:fc:33:20:11:d8:c7:ab:ab:d9:c0:1b:4a:e3:58:a8:de:53:
07:a9:03:d1:89:5e:fb:b4:a2:42:9d:11:19:61:cc:5e:09:59:
16:02:e2:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ3VEcbvrZK75oV3AnXLly1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDQxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTk1NGQxMjgwMDYzZjg4M2Q5MzNmZTgwYmNlYTYwMmRiY2FkNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleOOWyagUCzwpWoHXeMewc5+AJyW
3IjPTSTHW9eXhEeUQm44S+t9vcyqEqmN/EGFGDzaNzGUz+Ng038xBpIQRc5yOefU
HXNuHTzZ1+ZEtovZUtwoQE6eAeJX4UsMmfYF+KOejuT/6yAJVg+YJS5ahb4PtpNo
xjfJS1opipLG/we70SeGEYwbnE6zk8YWR7itdJJJgk8S3IpDjABSYWYw/JhrUp0R
Sc4GyBnkavf2J53wzKQxSC8Dg2hZeqvHCtk1j2hAC7BQSHlXUEHbqoJe7bYyBNu1
fRWyGsX5W2efbVGLpPtRT3BltB7rEal3FdadM1QaekA2nnz8C77j5L71UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGVTRKABj+IPZM/6AvOpgLbytYQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc1pWTkVvQUdQNGc5a3pfb0M4Nm1BdHZLMWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlfvACh9osWUGBy++DI
EcllEWnfyGH+1Pu30mBkP/04YlMPQaSCctCfsgYZ/Da8kt31cm8H4mXTnnMVYehR
WGPD8/wpm51V4A1xNIHthZxudYZcn67DqZiRLazeT8318pNpLIDWSNFyGei1jxC8
A3XddU6w2q3fwp+iyvajpWwADvzUV6xmcMF06Z6KNHCxScz0E7i+m15DQeRhFos1
2KfLtTRRozJNoWHoKDMsPyGLKdZcvYQNEFnJ/SgzMNZjgtlS5ati2yd7Rw9Ey2Ni
xwhDfJA0eGniKdz8MyAR2Merq9nAG0rjWKjeUwepA9GJXvu0okKdERlhzF4JWRYC
4pI=
-----END CERTIFICATE-----
Generated at Fri May 2 22:05:24 2025 by rpki-client