Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z5JoEYLqGHVU8c5cn8Cztd_NwfI.roa
File: z5JoEYLqGHVU8c5cn8Cztd_NwfI.roa (raw, json)
Hash identifier: af8NL2i1PPtRVNQv57MMfFtKNWYGwLahzkbH9KGtCzU=
Subject key identifier: CF:92:68:11:82:EA:18:75:54:F1:CE:5C:9F:C0:B3:B5:DF:CD:C1:F2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867AC41AEB8306EDF4232E53F02E49D6E1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z5JoEYLqGHVU8c5cn8Cztd_NwfI.roa
Signing time: Wed 22 Feb 2023 20:15:17 +0000
ROA not before: Wed 22 Feb 2023 20:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:c4:1a:eb:83:06:ed:f4:23:2e:53:f0:2e:49:d6:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 20:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf92681182ea187554f1ce5c9fc0b3b5dfcdc1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8b:34:d0:ff:0a:19:f4:9f:7e:d9:89:cd:e4:
91:33:ae:82:51:06:2d:ec:87:3f:ca:97:cf:5f:2c:
39:53:0b:05:01:bd:d1:43:b6:63:63:1b:98:75:f0:
17:c8:f9:15:55:fb:fe:b3:c3:d8:dd:e3:29:b2:d9:
8a:ad:a4:9d:09:78:20:32:de:d2:a5:96:f8:92:f3:
bf:10:8e:57:78:26:97:9d:ab:fb:61:c7:31:e3:bf:
29:f9:b8:ef:e7:2e:96:b6:e0:1b:9a:e2:e2:30:24:
d8:b1:09:0e:f7:94:6a:d4:e6:f3:85:d5:d6:1c:2d:
26:e9:02:e4:9d:bb:ba:fa:49:5a:7a:2b:61:0e:5c:
ef:e8:6d:5a:4f:97:8c:cd:8e:ad:88:94:03:a9:bc:
6a:a6:22:5a:c3:3e:7e:a7:13:0f:d3:66:eb:99:6d:
dc:8b:e6:bd:84:da:11:2c:90:ee:e2:82:30:3f:91:
46:ba:c2:eb:60:ac:e5:60:0e:ac:23:0c:7e:52:e9:
57:29:12:65:04:d0:5f:fa:7c:e3:fb:ee:35:69:15:
c8:dc:ad:18:f1:e0:99:62:30:40:a0:0a:c4:8c:45:
5c:67:ed:94:a1:1d:7d:c7:16:fb:8e:2f:fa:16:e4:
90:b9:0e:8c:4c:de:e9:50:37:31:a8:99:f7:f5:79:
0c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:92:68:11:82:EA:18:75:54:F1:CE:5C:9F:C0:B3:B5:DF:CD:C1:F2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z5JoEYLqGHVU8c5cn8Cztd_NwfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ce:b4:64:a2:44:10:45:ff:91:3a:dc:f8:b9:3b:ca:58:79:
60:cd:c8:f3:b0:c4:81:62:5a:86:3a:c7:73:ed:4c:5c:de:4d:
a9:b3:38:0a:9a:2e:13:09:f6:09:7f:34:da:e2:67:c9:6d:6a:
b7:a8:4b:85:06:bb:1e:b0:88:c7:af:c7:82:9b:17:f2:dd:95:
96:b3:04:16:4b:fa:ae:e9:f3:4a:52:41:01:ab:1e:a1:1d:99:
be:8b:b1:07:ae:c6:be:cc:dc:88:c5:a9:74:2a:0a:3c:53:c8:
c2:83:80:bf:0d:ed:2c:90:e6:82:8a:2f:fd:92:6b:3c:0e:57:
23:c3:9f:be:83:94:e9:c6:f2:e8:db:33:0f:a0:7c:3c:21:0f:
d2:fb:38:c9:8e:30:a6:5d:86:35:0a:a8:4f:5d:e2:01:b5:37:
26:83:5b:64:77:47:c8:54:8b:b5:18:bd:ea:0b:c4:bd:9d:9f:
24:9d:a4:10:dc:5c:02:d1:11:d5:f0:6d:ba:34:fc:cc:13:4b:
60:7c:1a:37:ab:78:27:ec:2f:e3:c2:d8:20:5c:1f:97:bd:f6:
2f:7d:15:9a:dd:11:63:3d:f4:94:45:df:82:c0:ff:8f:a4:98:
b7:bf:5e:c6:29:42:dc:93:b7:cf:42:09:06:3a:54:4e:8d:e6:
c7:00:7a:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ6xBrrgwbt9CMuU/AuSdbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMjAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjkyNjgxMTgyZWExODc1NTRmMWNlNWM5ZmMwYjNiNWRmY2RjMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhos00P8KGfSfftmJzeSRM66CUQYt
7Ic/ypfPXyw5UwsFAb3RQ7ZjYxuYdfAXyPkVVfv+s8PY3eMpstmKraSdCXggMt7S
pZb4kvO/EI5XeCaXnav7Yccx478p+bjv5y6WtuAbmuLiMCTYsQkO95Rq1ObzhdXW
HC0m6QLknbu6+klaeithDlzv6G1aT5eMzY6tiJQDqbxqpiJawz5+pxMP02brmW3c
i+a9hNoRLJDu4oIwP5FGusLrYKzlYA6sIwx+UulXKRJlBNBf+nzj++41aRXI3K0Y
8eCZYjBAoArEjEVcZ+2UoR19xxb7ji/6FuSQuQ6MTN7pUDcxqJn39XkMVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM+SaBGC6hh1VPHOXJ/As7XfzcHyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvejVKb0VZTHFHSFZVOGM1Y244Q3p0ZF9Od2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKHOtGSiRBBF/5E63Pi5
O8pYeWDNyPOwxIFiWoY6x3PtTFzeTamzOAqaLhMJ9gl/NNriZ8ltareoS4UGux6w
iMevx4KbF/LdlZazBBZL+q7p80pSQQGrHqEdmb6LsQeuxr7M3IjFqXQqCjxTyMKD
gL8N7SyQ5oKKL/2SazwOVyPDn76DlOnG8ujbMw+gfDwhD9L7OMmOMKZdhjUKqE9d
4gG1NyaDW2R3R8hUi7UYveoLxL2dnySdpBDcXALREdXwbbo0/MwTS2B8GjereCfs
L+PC2CBcH5e99i99FZrdEWM99JRF34LA/4+kmLe/XsYpQtyTt89CCQY6VE6N5scA
elg=
-----END CERTIFICATE-----
Generated at Thu May 1 00:35:43 2025 by rpki-client