Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x7vYZVvxmQ9UaQZxor4OdkNfOCU.roa
File: x7vYZVvxmQ9UaQZxor4OdkNfOCU.roa (raw, json)
Hash identifier: D4NYkNolTOUo0kaVsvTiy/hApjo67f4OCAlXXsDWEzg=
Subject key identifier: C7:BB:D8:65:5B:F1:99:0F:54:69:06:71:A2:BE:0E:76:43:5F:38:25
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186960B273E466F48DF9E6D4A4E9BB125E1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x7vYZVvxmQ9UaQZxor4OdkNfOCU.roa
Signing time: Tue 28 Feb 2023 03:22:38 +0000
ROA not before: Tue 28 Feb 2023 03:22:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:96:0b:27:3e:46:6f:48:df:9e:6d:4a:4e:9b:b1:25:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 03:22:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7bbd8655bf1990f54690671a2be0e76435f3825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5a:d0:cd:91:d5:1a:81:6f:63:44:6f:96:a0:
cf:1f:9f:aa:46:ae:00:4e:4f:12:ff:2f:c0:62:e6:
b2:3e:ad:a0:09:7d:c5:91:c6:51:f9:8c:f0:c6:53:
a6:61:00:3c:17:f4:5e:25:5f:f8:3b:3d:44:09:87:
c5:99:eb:ad:fc:94:c9:01:d9:7e:f9:3d:21:75:fd:
8d:7c:ea:12:d0:c4:d5:45:99:19:a8:58:2c:e8:be:
09:78:af:b6:17:30:67:73:a1:a8:1c:44:4e:9a:a2:
de:4c:a9:f6:4d:7d:22:ef:91:0f:18:38:b2:fb:29:
44:df:70:19:21:3f:f1:3a:5a:24:91:05:4a:9c:ce:
27:8e:1f:07:17:d8:f5:dd:22:65:c2:7c:0d:94:b4:
c8:67:eb:43:04:fe:76:70:d7:27:cd:3c:48:22:80:
6d:80:28:63:e2:01:84:e5:e2:06:a7:54:3a:15:ef:
1b:2b:1b:5c:fa:c1:ca:71:49:ea:36:28:f3:27:a2:
41:32:ec:6c:25:47:41:8e:32:28:c5:15:02:87:e3:
5c:59:84:fb:d8:81:5f:4e:f4:80:ab:39:bb:a2:3d:
59:4b:58:6b:42:a6:ca:54:fd:a9:cb:a4:89:07:21:
e9:55:f2:53:98:ce:7a:f6:89:19:05:a7:8b:d5:63:
67:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BB:D8:65:5B:F1:99:0F:54:69:06:71:A2:BE:0E:76:43:5F:38:25
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x7vYZVvxmQ9UaQZxor4OdkNfOCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:fa:17:a0:c6:48:f1:4e:57:bc:d3:39:7a:97:f4:f6:ff:81:
63:9c:fb:87:19:45:84:45:19:65:94:73:6b:8b:b2:47:9b:95:
74:b9:39:c3:8f:09:b5:2a:68:d2:86:cc:ab:cc:54:ba:e5:61:
3e:8f:2b:ad:d7:e1:1a:e6:0b:f6:26:57:63:67:88:6c:c5:89:
28:16:6f:7c:70:b8:10:d0:18:93:cd:c1:d3:c1:35:43:0b:39:
01:a8:16:46:62:8a:24:68:32:f9:4e:d5:15:df:b6:39:da:f0:
0f:ab:cd:1f:68:29:cf:79:e0:b7:36:b7:9e:db:18:0f:21:be:
55:65:19:d6:d5:19:05:d7:a6:94:c4:ac:18:eb:f3:5f:e2:ed:
9c:eb:87:d8:d9:ed:10:13:31:0b:74:a5:15:b2:72:4e:2c:34:
4a:44:5b:73:cb:e2:ac:19:dd:29:76:45:91:92:1f:50:1f:b3:
78:62:2a:5d:86:03:d8:c2:5b:a2:9f:2c:9c:43:1b:76:cd:93:
11:36:ec:b9:0a:ce:04:d8:d0:98:5f:2a:8f:a3:28:24:6d:ef:
1c:19:e2:1c:c4:b1:04:c3:e5:e4:6d:83:e5:2a:9c:87:bf:c5:
a4:73:4c:47:16:82:fb:4b:95:b6:5c:ce:ef:d8:dc:fe:71:f0:
e8:94:4c:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaWCyc+Rm9I355tSk6bsSXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MDMyMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JiZDg2NTViZjE5OTBmNTQ2OTA2NzFhMmJlMGU3NjQzNWYzODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFrQzZHVGoFvY0RvlqDPH5+qRq4A
Tk8S/y/AYuayPq2gCX3FkcZR+YzwxlOmYQA8F/ReJV/4Oz1ECYfFmeut/JTJAdl+
+T0hdf2NfOoS0MTVRZkZqFgs6L4JeK+2FzBnc6GoHEROmqLeTKn2TX0i75EPGDiy
+ylE33AZIT/xOlokkQVKnM4njh8HF9j13SJlwnwNlLTIZ+tDBP52cNcnzTxIIoBt
gChj4gGE5eIGp1Q6Fe8bKxtc+sHKcUnqNijzJ6JBMuxsJUdBjjIoxRUCh+NcWYT7
2IFfTvSAqzm7oj1ZS1hrQqbKVP2py6SJByHpVfJTmM569okZBaeL1WNnJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMe72GVb8ZkPVGkGcaK+DnZDXzglMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveDd2WVpWdnhtUTlVYVFaeG9yNE9ka05mT0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ36F6DGSPFOV7zTOXqX
9Pb/gWOc+4cZRYRFGWWUc2uLskeblXS5OcOPCbUqaNKGzKvMVLrlYT6PK63X4Rrm
C/YmV2NniGzFiSgWb3xwuBDQGJPNwdPBNUMLOQGoFkZiiiRoMvlO1RXftjna8A+r
zR9oKc954Lc2t57bGA8hvlVlGdbVGQXXppTErBjr81/i7Zzrh9jZ7RATMQt0pRWy
ck4sNEpEW3PL4qwZ3Sl2RZGSH1Afs3hiKl2GA9jCW6KfLJxDG3bNkxE27LkKzgTY
0JhfKo+jKCRt7xwZ4hzEsQTD5eRtg+UqnIe/xaRzTEcWgvtLlbZczu/Y3P5x8OiU
TFI=
-----END CERTIFICATE-----
Generated at Thu May 1 15:09:50 2025 by rpki-client