Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/saPTIvnzjs0woXnr2QtV6Ck051Y.roa
File: saPTIvnzjs0woXnr2QtV6Ck051Y.roa (raw, json)
Hash identifier: 32Jcud0uy8akadYg4fSm7Ke8qlMXic9lQgmD3z7jaAs=
Subject key identifier: B1:A3:D3:22:F9:F3:8E:CD:30:A1:79:EB:D9:0B:55:E8:29:34:E7:56
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C671DD16495528D996BA4C0A5BAADD58
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/saPTIvnzjs0woXnr2QtV6Ck051Y.roa
Signing time: Sat 05 Aug 2023 16:04:58 +0000
ROA not before: Sat 05 Aug 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:c671:3333/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:71:dd:16:49:55:28:d9:96:ba:4c:0a:5b:aa:dd:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 5 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1a3d322f9f38ecd30a179ebd90b55e82934e756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c8:3c:e0:8f:37:42:c2:95:f9:74:f5:8a:21:
26:f9:7f:d0:0d:8f:27:32:85:fb:c0:a4:37:ba:6a:
6a:3c:2d:e4:aa:2e:2f:07:86:b7:4f:82:40:d3:65:
49:14:54:7b:20:fc:f9:a6:cd:07:7a:6f:0b:7d:7a:
4d:cd:a8:b6:64:0c:e3:13:78:ed:fe:4a:bd:a3:a1:
f8:6d:08:74:0c:2d:0a:82:5f:88:0a:55:2f:ad:9b:
b4:36:ae:0b:47:e3:b4:41:9c:f4:33:94:49:e6:35:
43:6f:32:a2:27:69:1b:f4:e0:88:c0:eb:ce:d2:a3:
fa:b0:ca:60:2b:f5:3a:a9:e0:7a:04:f9:58:8f:ba:
34:0d:05:8c:b9:52:4a:ad:ad:f8:1e:21:cd:e2:3e:
cd:ff:cc:0e:01:2b:e9:f4:8b:3a:4c:6f:92:5f:46:
b9:b5:5d:d1:45:2e:90:4e:89:0d:96:f2:8e:a2:04:
e2:72:d6:d2:d9:ae:62:79:e9:03:98:7f:09:06:7c:
e1:0d:68:e6:ca:fc:47:16:13:83:ff:cf:a8:88:e3:
10:cb:48:b5:26:5e:8f:82:bf:62:0d:7b:85:d9:21:
c6:28:38:ba:8d:f1:b8:0e:6b:ca:af:8b:e0:bb:d3:
4e:3d:63:25:be:1e:22:13:fe:26:f4:b0:1e:0a:5a:
8a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:D3:22:F9:F3:8E:CD:30:A1:79:EB:D9:0B:55:E8:29:34:E7:56
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/saPTIvnzjs0woXnr2QtV6Ck051Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:79:49:f6:e7:03:a7:96:a3:82:b1:58:cd:b1:0c:c9:52:3e:
6c:c6:45:fe:67:80:e5:52:d5:37:5a:08:15:29:68:2e:07:f8:
15:39:79:5e:6d:3a:ae:f7:c7:0b:3b:d3:e8:b0:28:4d:aa:0a:
98:32:f7:c1:fd:62:76:2d:33:cc:ca:6b:fe:7d:72:3b:3e:55:
be:63:dc:71:41:79:f5:6c:16:52:8f:51:d2:f1:b3:d2:c9:17:
bc:bc:b5:95:98:c9:8b:9d:38:29:2e:37:e0:db:a0:fa:18:30:
b1:13:16:70:86:50:ad:5e:45:52:3a:28:be:18:50:e4:aa:ea:
b7:91:14:d1:ff:ca:d0:5e:df:9a:55:07:8b:74:74:61:04:c1:
22:77:8c:41:18:66:db:43:15:e2:a2:f3:b0:84:9e:35:62:38:
29:36:0b:64:90:c3:c2:29:fc:41:16:03:61:97:c4:e7:df:53:
81:a9:22:55:77:ff:34:b5:fe:81:77:41:92:e3:75:5a:37:d1:
30:62:32:a3:49:30:2c:c5:eb:1c:a6:19:cc:3e:dc:68:a2:5c:
28:e3:e5:47:f7:48:d6:c0:bf:f1:ba:1a:e5:3b:63:ea:cb:a0:
ba:c7:2f:ef:99:63:fe:b6:fd:27:4f:66:96:f9:fd:8b:0f:12:
59:3e:5c:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnGcd0WSVUo2Za6TApbqt1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA1MTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzZDMyMmY5ZjM4ZWNkMzBhMTc5ZWJkOTBiNTVlODI5MzRlNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8g84I83QsKV+XT1iiEm+X/QDY8n
MoX7wKQ3umpqPC3kqi4vB4a3T4JA02VJFFR7IPz5ps0Hem8LfXpNzai2ZAzjE3jt
/kq9o6H4bQh0DC0Kgl+IClUvrZu0Nq4LR+O0QZz0M5RJ5jVDbzKiJ2kb9OCIwOvO
0qP6sMpgK/U6qeB6BPlYj7o0DQWMuVJKra34HiHN4j7N/8wOASvp9Is6TG+SX0a5
tV3RRS6QTokNlvKOogTictbS2a5ieekDmH8JBnzhDWjmyvxHFhOD/8+oiOMQy0i1
Jl6Pgr9iDXuF2SHGKDi6jfG4DmvKr4vgu9NOPWMlvh4iE/4m9LAeClqKlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGj0yL5847NMKF569kLVegpNOdWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc2FQVEl2bnpqczB3b1hucjJRdFY2Q2swNTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGR5SfbnA6eWo4KxWM2x
DMlSPmzGRf5ngOVS1TdaCBUpaC4H+BU5eV5tOq73xws70+iwKE2qCpgy98H9YnYt
M8zKa/59cjs+Vb5j3HFBefVsFlKPUdLxs9LJF7y8tZWYyYudOCkuN+DboPoYMLET
FnCGUK1eRVI6KL4YUOSq6reRFNH/ytBe35pVB4t0dGEEwSJ3jEEYZttDFeKi87CE
njViOCk2C2SQw8Ip/EEWA2GXxOffU4GpIlV3/zS1/oF3QZLjdVo30TBiMqNJMCzF
6xymGcw+3GiiXCjj5Uf3SNbAv/G6GuU7Y+rLoLrHL++ZY/62/SdPZpb5/YsPElk+
XNM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:36:30 2025 by rpki-client