Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sttozsiLVCkPMlLIK8Zuah8fDAQ.roa
File: sttozsiLVCkPMlLIK8Zuah8fDAQ.roa (raw, json)
Hash identifier: zyc/otm5QLpc6ia1Xx/BtSpGWyC+nD7g/t8fr6MJRmU=
Subject key identifier: B2:DB:68:CE:C8:8B:54:29:0F:32:52:C8:2B:C6:6E:6A:1F:1F:0C:04
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0B8FC07E64E30EC9B2849F7C4AB9454E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sttozsiLVCkPMlLIK8Zuah8fDAQ.roa
Signing time: Sat 19 Aug 2023 02:11:24 +0000
ROA not before: Sat 19 Aug 2023 02:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0b:8f:c0:7e:64:e3:0e:c9:b2:84:9f:7c:4a:b9:45:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 19 02:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2db68cec88b54290f3252c82bc66e6a1f1f0c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:37:d5:2b:a9:53:97:99:81:a5:59:8b:3c:
4e:81:9b:d5:61:02:07:c5:1d:11:40:c2:40:50:e9:
41:16:fb:8d:3d:d6:97:2a:a6:80:a5:c4:3d:d7:8d:
10:7b:6a:aa:8d:6f:9f:49:45:53:59:99:f0:8b:b5:
74:7b:97:1f:22:ef:9d:1f:f6:57:a9:bf:75:49:3d:
2f:b5:17:07:65:b5:b1:86:3c:cf:17:47:1f:d7:52:
f7:17:16:5c:3e:34:35:cf:90:eb:61:59:0e:77:69:
c9:73:5b:f1:96:4a:a8:97:9b:11:da:34:85:da:8e:
b8:7c:5f:29:5a:c6:cb:9a:df:ac:75:68:d8:73:99:
91:55:f8:f4:06:55:44:a3:ed:2a:58:05:79:a7:41:
da:0e:ea:52:36:e2:37:f0:5a:b2:bd:2d:26:40:15:
2e:54:f0:bb:5e:6f:57:69:e2:9e:63:f3:40:65:d0:
3c:bb:34:e9:9c:11:bc:0f:bf:63:a9:0c:3b:3b:1f:
b9:a0:87:e0:ad:50:fa:56:0a:7d:09:ef:6b:8b:40:
8c:3c:37:ac:c5:fd:f0:ca:31:de:44:c5:ad:d0:a3:
e8:2f:42:61:39:5c:e4:97:d4:4d:e3:f1:cb:ac:85:
bb:e2:af:3b:47:b0:11:93:60:87:7d:18:6a:04:20:
0d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DB:68:CE:C8:8B:54:29:0F:32:52:C8:2B:C6:6E:6A:1F:1F:0C:04
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sttozsiLVCkPMlLIK8Zuah8fDAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:16:1d:d4:61:66:b8:d1:d6:ed:9c:bb:68:36:7f:71:87:d5:
e0:d0:86:aa:13:3b:fe:14:74:0a:aa:c3:b7:7f:6a:e9:64:24:
41:68:fe:7e:1a:90:20:83:8a:43:72:a3:61:ba:8f:ec:aa:45:
9a:05:e4:99:a4:e5:16:23:e4:25:74:d1:94:8e:f3:12:fb:8a:
cc:da:ba:00:ae:45:73:c8:80:62:37:57:22:10:55:3f:27:b4:
1f:de:1a:08:9d:3e:e6:c3:85:2e:5f:fe:a8:56:db:aa:29:9a:
f6:22:04:f2:35:68:2e:76:8e:93:55:06:8c:7f:8e:25:24:55:
07:18:2a:1a:57:95:4f:70:2f:be:ef:4f:18:22:ff:cc:f7:79:
5c:58:7e:79:64:9e:a6:9b:96:b3:36:a7:c1:7d:d5:c6:82:70:
2f:49:0e:04:be:29:20:20:29:1c:55:2b:fb:19:2e:f9:bb:54:
d2:ab:e1:ce:d0:3d:8a:ea:6f:85:cf:21:f8:f0:f1:5a:d4:c5:
46:90:99:c4:0c:09:83:f8:2d:16:ef:1b:3b:38:de:8e:75:1c:
2a:dc:d7:76:9b:1b:de:15:2e:80:46:34:fd:93:90:26:3e:68:
76:d8:65:ad:89:df:74:1b:7f:fe:b7:5b:4c:4b:94:b2:14:1d:
c6:89:d7:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoLj8B+ZOMOybKEn3xKuUVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MDIxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRiNjhjZWM4OGI1NDI5MGYzMjUyYzgyYmM2NmU2YTFmMWYwYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLA31SupU5eZgaVZizxOgZvVYQIH
xR0RQMJAUOlBFvuNPdaXKqaApcQ9140Qe2qqjW+fSUVTWZnwi7V0e5cfIu+dH/ZX
qb91ST0vtRcHZbWxhjzPF0cf11L3FxZcPjQ1z5DrYVkOd2nJc1vxlkqol5sR2jSF
2o64fF8pWsbLmt+sdWjYc5mRVfj0BlVEo+0qWAV5p0HaDupSNuI38FqyvS0mQBUu
VPC7Xm9XaeKeY/NAZdA8uzTpnBG8D79jqQw7Ox+5oIfgrVD6Vgp9Ce9ri0CMPDes
xf3wyjHeRMWt0KPoL0JhOVzkl9RN4/HLrIW74q87R7ARk2CHfRhqBCANswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLLbaM7Ii1QpDzJSyCvGbmofHwwEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc3R0b3pzaUxWQ2tQTWxMSUs4WnVhaDhmREFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGIWHdRhZrjR1u2cu2g2
f3GH1eDQhqoTO/4UdAqqw7d/aulkJEFo/n4akCCDikNyo2G6j+yqRZoF5Jmk5RYj
5CV00ZSO8xL7iszaugCuRXPIgGI3VyIQVT8ntB/eGgidPubDhS5f/qhW26opmvYi
BPI1aC52jpNVBox/jiUkVQcYKhpXlU9wL77vTxgi/8z3eVxYfnlknqablrM2p8F9
1caCcC9JDgS+KSAgKRxVK/sZLvm7VNKr4c7QPYrqb4XPIfjw8VrUxUaQmcQMCYP4
LRbvGzs43o51HCrc13abG94VLoBGNP2TkCY+aHbYZa2J33Qbf/63W0xLlLIUHcaJ
16I=
-----END CERTIFICATE-----
Generated at Thu May 1 06:24:43 2025 by rpki-client