Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z9gIomSfS_X4uLyZvDVwZ90y36w.roa
File: z9gIomSfS_X4uLyZvDVwZ90y36w.roa (raw, json)
Hash identifier: aZMYzBQfMShHGNPpaWsGNH95y6YyXMW3x2Mxe0OvxtA=
Subject key identifier: CF:D8:08:A2:64:9F:4B:F5:F8:B8:BC:99:BC:35:70:67:DD:32:DF:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A7259D5D89A67A120CA7AED678E51EE6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z9gIomSfS_X4uLyZvDVwZ90y36w.roa
Signing time: Sun 30 Jul 2023 14:13:27 +0000
ROA not before: Sun 30 Jul 2023 14:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a7:25:9d:5d:89:a6:7a:12:0c:a7:ae:d6:78:e5:1e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 14:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfd808a2649f4bf5f8b8bc99bc357067dd32dfac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:51:aa:ef:a1:46:3b:ba:8e:64:1e:1e:1d:b5:
ae:c0:cb:75:8e:2c:50:92:2c:51:33:ef:fa:e1:78:
39:2c:61:a7:db:0d:54:eb:29:1d:ae:2f:05:6e:79:
56:d6:a1:4a:f1:51:9e:6a:28:c8:4a:0b:e5:9e:4f:
e1:1b:3a:0a:ac:85:de:f8:02:c6:4b:25:03:f7:e0:
2a:68:b0:23:6c:c9:6e:c6:a1:68:15:05:da:dd:85:
67:66:e3:70:e0:e4:bc:20:e5:9b:90:06:17:81:46:
82:a1:c8:81:f4:64:90:d8:98:94:1e:41:f9:58:41:
ca:d5:eb:12:21:44:36:ef:a2:62:c8:84:e8:4a:03:
a4:ac:36:70:f0:fc:bc:fa:c4:43:de:8c:2a:87:42:
ef:6c:39:39:44:31:1c:a6:97:fb:2c:51:92:5f:25:
1e:3e:db:43:a4:70:d5:81:3c:e0:9d:c3:96:0e:23:
a2:a8:82:ee:9e:0a:5c:e6:6d:18:43:e5:ad:27:c2:
92:02:5f:af:6e:f4:fe:8c:d9:d8:86:d7:51:2b:08:
1d:e0:0a:5e:73:a8:7b:ad:ee:b7:fb:99:87:5d:dc:
b6:54:54:82:83:d0:62:ea:e2:a0:1d:08:ea:7d:27:
97:bd:cc:95:0b:a3:b6:44:d8:c5:fe:11:9a:b3:ed:
fc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D8:08:A2:64:9F:4B:F5:F8:B8:BC:99:BC:35:70:67:DD:32:DF:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z9gIomSfS_X4uLyZvDVwZ90y36w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:22:90:c9:5a:8e:c9:0c:77:d8:24:75:0a:94:6b:a1:6b:48:
ec:f0:a7:a1:39:55:79:de:00:98:eb:87:72:f7:e7:e7:e7:31:
c5:cc:d1:c9:1a:a7:ac:d7:d7:a0:47:2a:a4:1c:85:11:29:d7:
2b:f8:0e:a7:7f:60:78:57:fc:8a:fe:2f:ce:25:c5:8e:77:95:
cb:4a:b6:ca:bc:af:6b:6d:ae:ff:c3:d1:ad:ad:66:e6:17:d2:
47:45:61:f0:5b:e0:f9:4c:f0:1d:5d:9f:1a:4a:08:c3:a9:b9:
66:f6:84:55:e6:81:b3:3d:fc:4f:c2:f0:5a:78:06:65:90:59:
0d:4a:b8:19:d9:7c:5f:19:e7:d8:df:58:08:56:06:af:1a:f5:
08:76:2a:f5:6b:01:ca:3d:d3:50:45:28:42:25:38:be:4e:d7:
4d:89:dd:5d:be:3a:1e:24:8f:9f:a3:ef:fc:05:95:e9:95:2b:
f4:be:c1:e0:6c:a0:a9:61:4c:59:db:95:a9:4f:3f:e4:eb:df:
62:75:c3:c2:7b:32:f5:2b:ed:fa:19:38:c1:bc:fd:be:46:80:
85:32:ec:e9:30:4e:93:5c:80:a9:fb:1c:06:9c:96:30:44:d8:
10:cd:82:8e:26:95:f7:6f:a7:10:9e:b7:ba:9d:8e:d3:78:4b:
9f:41:f2:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmnJZ1diaZ6EgynrtZ45R7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMTQxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQ4MDhhMjY0OWY0YmY1ZjhiOGJjOTliYzM1NzA2N2RkMzJkZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11Gq76FGO7qOZB4eHbWuwMt1jixQ
kixRM+/64Xg5LGGn2w1U6ykdri8FbnlW1qFK8VGeaijISgvlnk/hGzoKrIXe+ALG
SyUD9+AqaLAjbMluxqFoFQXa3YVnZuNw4OS8IOWbkAYXgUaCociB9GSQ2JiUHkH5
WEHK1esSIUQ276JiyIToSgOkrDZw8Py8+sRD3owqh0LvbDk5RDEcppf7LFGSXyUe
PttDpHDVgTzgncOWDiOiqILungpc5m0YQ+WtJ8KSAl+vbvT+jNnYhtdRKwgd4Ape
c6h7re63+5mHXdy2VFSCg9Bi6uKgHQjqfSeXvcyVC6O2RNjF/hGas+38FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM/YCKJkn0v1+Li8mbw1cGfdMt+sMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvejlnSW9tU2ZTX1g0dUx5WnZEVndaOTB5MzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI8ikMlajskMd9gkdQqU
a6FrSOzwp6E5VXneAJjrh3L35+fnMcXM0ckap6zX16BHKqQchREp1yv4Dqd/YHhX
/Ir+L84lxY53lctKtsq8r2ttrv/D0a2tZuYX0kdFYfBb4PlM8B1dnxpKCMOpuWb2
hFXmgbM9/E/C8Fp4BmWQWQ1KuBnZfF8Z59jfWAhWBq8a9Qh2KvVrAco901BFKEIl
OL5O102J3V2+Oh4kj5+j7/wFlemVK/S+weBsoKlhTFnblalPP+Tr32J1w8J7MvUr
7foZOMG8/b5GgIUy7OkwTpNcgKn7HAacljBE2BDNgo4mlfdvpxCet7qdjtN4S59B
8uk=
-----END CERTIFICATE-----
Generated at Fri May 2 08:14:40 2025 by rpki-client