Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z1pNXLlm5AbGdYw-g5tioHCY7zs.roa
File: z1pNXLlm5AbGdYw-g5tioHCY7zs.roa (raw, json)
Hash identifier: k2tqRBy3MJWv/jlnq4SeK7EcTSF3V8dCpBE1ko2OrPM=
Subject key identifier: CF:5A:4D:5C:B9:66:E4:06:C6:75:8C:3E:83:9B:62:A0:70:98:EF:3B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 865B1BBB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z1pNXLlm5AbGdYw-g5tioHCY7zs.roa
Signing time: Sun 22 May 2022 16:11:29 +0000
ROA not before: Sun 22 May 2022 16:11:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2254117819 (0x865b1bbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 16:11:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf5a4d5cb966e406c6758c3e839b62a07098ef3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:ed:c7:43:ac:d0:02:47:3b:21:c3:2a:05:
1f:74:05:13:bd:ee:6c:f2:49:22:c1:a0:0c:f2:2a:
54:f4:88:f1:42:95:33:29:7b:24:ef:24:ba:61:91:
cb:23:3a:33:d7:69:ab:95:7e:fb:c4:06:7b:db:16:
2c:4e:48:eb:1e:bb:6d:38:a8:2f:dc:01:c6:5c:92:
60:4c:88:99:71:09:31:bd:ea:e1:fe:b4:58:c5:7f:
93:67:c7:75:0d:78:73:19:b0:5a:6e:cc:c0:f5:fe:
c3:fe:96:b2:40:ce:7e:a2:2a:41:e0:d8:f6:e2:eb:
aa:fe:5c:4d:3f:4a:e5:c6:8f:31:9c:75:ea:b3:21:
67:1b:11:dd:26:f1:ca:a3:a7:ff:2e:3a:d8:0c:47:
78:7d:04:59:f6:ae:45:f1:5d:61:bc:aa:33:ac:17:
f1:8b:3e:ab:62:00:59:6c:ed:c8:fe:a3:55:02:a9:
24:a8:6e:1d:96:25:25:7f:57:ba:f1:4e:2a:7f:05:
87:4e:b1:30:f6:c1:6d:dc:0e:60:f9:1e:f2:23:6d:
6f:f0:ff:10:4b:8a:13:b1:dd:50:17:a3:76:3c:1c:
e2:45:71:a6:eb:a8:7a:e9:3e:60:7a:ac:f1:85:df:
40:79:01:a7:bf:af:a1:cf:c6:c4:c7:65:a3:1b:c9:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5A:4D:5C:B9:66:E4:06:C6:75:8C:3E:83:9B:62:A0:70:98:EF:3B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z1pNXLlm5AbGdYw-g5tioHCY7zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:55:d6:b4:29:98:5f:ad:d2:d4:fa:9c:26:15:17:89:18:50:
7a:cf:15:95:d5:36:e1:6f:4f:a1:36:1d:7d:e4:10:5e:7b:5c:
6e:67:a1:c9:93:ff:96:3e:a9:3c:4b:20:a1:b5:f0:02:c2:f2:
54:6b:f9:c3:05:a7:16:75:65:ee:5f:0c:ca:88:66:9f:8a:91:
63:cf:8b:60:85:5a:24:1a:96:d2:45:ac:1c:a9:ea:bc:2e:22:
86:6e:e4:83:f4:54:c7:20:d5:4e:6e:88:ff:3d:3c:15:ed:66:
5a:6f:db:b3:e4:37:b4:d0:55:97:be:72:39:75:ea:de:d9:03:
18:94:11:52:8b:f3:0e:a3:3b:45:c1:de:7d:d2:9a:ec:3b:b4:
18:eb:41:a1:e9:fd:49:c0:7e:95:e4:cd:6d:01:bd:db:ac:95:
45:e0:de:2f:7e:2a:b9:1e:7c:f8:ce:d8:cd:46:06:2d:0b:d7:
2a:bd:d4:bd:73:80:f2:48:ca:ad:b9:09:5a:51:bd:08:cd:07:
d7:18:96:fb:37:c4:3f:85:30:04:55:15:e6:e8:7e:15:5d:61:
d2:fa:db:88:47:0a:ba:69:54:05:7a:1a:7a:44:72:1c:b2:af:
11:e9:ab:17:7a:00:41:01:e5:b4:1d:4e:91:20:ed:42:e5:e2:
d8:a9:36:d2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIZbG7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjIxNjExMjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGNmNWE0ZDVjYjk2
NmU0MDZjNjc1OGMzZTgzOWI2MmEwNzA5OGVmM2IwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDOF+3HQ6zQAkc7IcMqBR90BRO97mzySSLBoAzyKlT0iPFC
lTMpeyTvJLphkcsjOjPXaauVfvvEBnvbFixOSOseu204qC/cAcZckmBMiJlxCTG9
6uH+tFjFf5Nnx3UNeHMZsFpuzMD1/sP+lrJAzn6iKkHg2Pbi66r+XE0/SuXGjzGc
deqzIWcbEd0m8cqjp/8uOtgMR3h9BFn2rkXxXWG8qjOsF/GLPqtiAFls7cj+o1UC
qSSobh2WJSV/V7rxTip/BYdOsTD2wW3cDmD5HvIjbW/w/xBLihOx3VAXo3Y8HOJF
cabrqHrpPmB6rPGF30B5Aae/r6HPxsTHZaMbyWxvAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUz1pNXLlm5AbGdYw+g5tioHCY7zswHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS96MXBOWExsbTVBYkdkWXctZzV0aW9IQ1k3enMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAIlXWtCmYX63S1PqcJhUXiRhQes8VldU24W9P
oTYdfeQQXntcbmehyZP/lj6pPEsgobXwAsLyVGv5wwWnFnVl7l8Myohmn4qRY8+L
YIVaJBqW0kWsHKnqvC4ihm7kg/RUxyDVTm6I/z08Fe1mWm/bs+Q3tNBVl75yOXXq
3tkDGJQRUovzDqM7RcHefdKa7Du0GOtBoen9ScB+leTNbQG926yVReDeL34quR58
+M7YzUYGLQvXKr3UvXOA8kjKrbkJWlG9CM0H1xiW+zfEP4UwBFUV5uh+FV1h0vrb
iEcKumlUBXoaekRyHLKvEemrF3oAQQHltB1OkSDtQuXi2Kk20g==
-----END CERTIFICATE-----
Generated at Fri May 2 11:40:54 2025 by rpki-client