Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tNIdKfYEHuhRfrsviCsniuy1OW0.roa
File: tNIdKfYEHuhRfrsviCsniuy1OW0.roa (raw, json)
Hash identifier: WSmCBSOspwtxdsLSqLw0Pdmc/s3bao/+hppmGh9R2E8=
Subject key identifier: B4:D2:1D:29:F6:04:1E:E8:51:7E:BB:2F:88:2B:27:8A:EC:B5:39:6D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186865A5F1CB69826D496BC785EA1972B30
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tNIdKfYEHuhRfrsviCsniuy1OW0.roa
Signing time: Sat 25 Feb 2023 02:15:14 +0000
ROA not before: Sat 25 Feb 2023 02:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:86:5a:5f:1c:b6:98:26:d4:96:bc:78:5e:a1:97:2b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 02:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4d21d29f6041ee8517ebb2f882b278aecb5396d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bc:12:7c:92:8d:7a:1c:f4:ef:2b:93:bf:22:
c0:7f:65:38:67:a7:b7:92:91:20:18:29:c9:28:ff:
66:84:0c:a5:bd:ea:ff:29:5a:ba:58:36:e2:37:12:
f4:b5:f6:2f:9a:73:e4:78:1a:e1:14:d3:39:57:6e:
d3:0c:e2:7c:e7:29:d6:30:57:ab:69:a7:6f:13:66:
fb:ca:62:8e:07:d5:36:52:ff:c7:7b:7e:df:6f:24:
ca:ac:14:20:b6:d0:08:23:fa:dc:19:c3:e9:33:3f:
d3:fc:a7:3d:ba:9e:5a:d8:a2:01:9d:75:af:d7:25:
45:88:6c:7d:ed:21:62:50:43:7f:42:64:74:3c:e1:
8b:3c:67:70:a5:3e:08:05:47:8c:b2:b5:4c:82:84:
cd:48:97:24:0c:44:97:d2:3f:a6:82:ea:a5:3e:e4:
28:b0:50:2e:73:7f:34:a8:7f:00:54:69:d9:73:ba:
1a:d2:3d:44:9e:03:ea:2b:2e:95:c9:bf:ee:3b:82:
b7:96:7b:2d:c1:2e:08:cd:81:43:2a:48:6a:32:2a:
3d:6e:df:02:49:6f:51:4a:69:31:16:7b:2c:d2:04:
4f:ba:e8:91:c2:3a:81:23:93:8b:4b:15:da:62:ca:
b3:fa:6c:6c:f9:c3:29:32:9a:a7:4f:7a:3c:56:e5:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D2:1D:29:F6:04:1E:E8:51:7E:BB:2F:88:2B:27:8A:EC:B5:39:6D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tNIdKfYEHuhRfrsviCsniuy1OW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:eb:d6:f6:a3:38:25:aa:b1:7c:f6:70:58:f1:56:9e:77:36:
ee:d8:05:3a:fb:88:01:80:7c:c2:78:47:e1:38:cd:21:b2:7f:
11:01:f3:72:ea:28:7a:da:7c:88:1e:a2:35:cb:ab:16:73:a1:
83:cb:5d:88:8b:c5:3a:c8:f4:c9:1b:3e:e7:ff:5c:a2:96:0b:
13:b5:28:cb:ed:e9:01:97:dc:84:c9:51:26:73:d7:77:8b:7a:
fd:43:44:b6:12:ad:15:b3:cb:86:41:f2:b3:c0:35:f4:b7:cb:
8e:c8:f0:56:19:a2:a8:cf:79:b4:18:82:96:6b:4a:4c:70:ee:
db:d0:8c:f3:d3:54:ac:96:31:20:52:99:a0:64:c2:ed:fc:ec:
f3:84:88:c1:c8:2c:d4:3e:7f:43:53:29:9c:ae:a7:0d:50:b2:
18:15:ce:2e:95:35:f5:c7:40:ba:fa:3a:09:cb:3e:ce:59:91:
b2:09:15:6d:ff:06:3f:2e:60:84:05:d8:fd:b5:eb:58:1c:97:
d9:cf:25:f2:ac:53:dd:d1:37:8d:b0:82:71:57:aa:a7:26:50:
e4:94:c1:fa:86:88:02:fa:2a:59:a5:b5:ad:5a:fd:4b:f6:74:
c5:d8:a0:42:c2:81:a0:65:9e:d9:92:20:44:ea:fc:2f:9c:1c:
a0:a9:43:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaGWl8ctpgm1Ja8eF6hlyswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDIxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQyMWQyOWY2MDQxZWU4NTE3ZWJiMmY4ODJiMjc4YWVjYjUzOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLwSfJKNehz07yuTvyLAf2U4Z6e3
kpEgGCnJKP9mhAylver/KVq6WDbiNxL0tfYvmnPkeBrhFNM5V27TDOJ85ynWMFer
aadvE2b7ymKOB9U2Uv/He37fbyTKrBQgttAII/rcGcPpMz/T/Kc9up5a2KIBnXWv
1yVFiGx97SFiUEN/QmR0POGLPGdwpT4IBUeMsrVMgoTNSJckDESX0j+mguqlPuQo
sFAuc380qH8AVGnZc7oa0j1EngPqKy6Vyb/uO4K3lnstwS4IzYFDKkhqMio9bt8C
SW9RSmkxFnss0gRPuuiRwjqBI5OLSxXaYsqz+mxs+cMpMpqnT3o8VuUkzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLTSHSn2BB7oUX67L4grJ4rstTltMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdE5JZEtmWUVIdWhSZnJzdmlDc25pdXkxT1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGzr1vajOCWqsXz2cFjx
Vp53Nu7YBTr7iAGAfMJ4R+E4zSGyfxEB83LqKHrafIgeojXLqxZzoYPLXYiLxTrI
9MkbPuf/XKKWCxO1KMvt6QGX3ITJUSZz13eLev1DRLYSrRWzy4ZB8rPANfS3y47I
8FYZoqjPebQYgpZrSkxw7tvQjPPTVKyWMSBSmaBkwu387POEiMHILNQ+f0NTKZyu
pw1QshgVzi6VNfXHQLr6OgnLPs5ZkbIJFW3/Bj8uYIQF2P2161gcl9nPJfKsU93R
N42wgnFXqqcmUOSUwfqGiAL6Klmlta1a/Uv2dMXYoELCgaBlntmSIETq/C+cHKCp
QwA=
-----END CERTIFICATE-----
Generated at Sat May 3 05:07:39 2025 by rpki-client