Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zSbyN-g_eeT-6OxsrcPz49OAAZY.roa
File: zSbyN-g_eeT-6OxsrcPz49OAAZY.roa (raw, json)
Hash identifier: b9f523vbc9fo0Fq7ZQr9PWuIgfyyASOjzXOy4E56hpw=
Subject key identifier: CD:26:F2:37:E8:3F:79:E4:FE:E8:EC:6C:AD:C3:F3:E3:D3:80:01:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018701503876C0FFBB5D07FDF6351257DF66
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zSbyN-g_eeT-6OxsrcPz49OAAZY.roa
Signing time: Mon 20 Mar 2023 23:17:27 +0000
ROA not before: Mon 20 Mar 2023 23:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:01:50:38:76:c0:ff:bb:5d:07:fd:f6:35:12:57:df:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 20 23:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd26f237e83f79e4fee8ec6cadc3f3e3d3800196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:01:44:15:70:6a:d8:b9:75:68:4a:13:4f:d4:
59:03:db:d6:5f:b1:2e:48:9d:ec:17:6a:81:be:80:
13:66:e1:d8:38:f3:b1:58:0f:3c:17:87:09:36:f1:
c4:55:41:6b:f1:d6:68:44:54:c7:1f:ad:ae:bd:d1:
14:f4:d1:cf:9c:cf:26:9a:2e:65:19:3c:ca:21:a5:
fb:e1:bb:11:fc:9c:ee:e2:c1:f5:74:27:19:53:46:
a2:43:1c:c0:e1:1d:c8:60:44:04:53:c2:25:22:6f:
22:72:81:cc:3c:5f:64:7b:62:eb:d3:b8:15:5a:34:
68:e5:cb:58:2f:c8:4b:61:5c:94:03:3f:75:7b:b1:
87:98:14:da:ef:65:fa:8a:26:c9:8e:27:fd:53:ce:
1a:1a:51:fb:59:73:fc:6a:6a:13:28:dc:0b:39:bc:
d4:5c:35:c6:43:a6:08:a6:29:5f:7e:9c:15:8e:49:
7e:85:70:4a:c5:b3:49:77:f8:be:ec:40:5b:d0:99:
e1:90:cc:9a:d9:02:a3:2e:70:e4:58:ab:e6:7b:c5:
10:0b:a3:41:b9:7e:60:b5:b9:81:7e:4b:c8:e2:81:
ab:c5:67:95:4c:d2:45:ee:8b:f8:1c:b2:ab:d7:60:
f9:e0:50:ab:31:01:22:b0:46:18:83:c7:a4:43:c4:
86:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:26:F2:37:E8:3F:79:E4:FE:E8:EC:6C:AD:C3:F3:E3:D3:80:01:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zSbyN-g_eeT-6OxsrcPz49OAAZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:b9:e7:60:78:36:4a:2a:8e:ff:b6:88:e7:20:7e:33:ec:0e:
86:76:d6:44:f8:92:9e:54:f8:48:54:39:41:ba:38:4f:09:c9:
64:1e:fe:1e:78:4a:e8:23:7e:54:7e:1c:a6:88:73:3d:a5:47:
5b:64:ad:8e:68:8c:06:f1:a1:78:bf:6a:ec:0b:57:c4:fe:00:
8d:a5:09:69:22:a9:08:ef:ee:6e:eb:64:e0:08:0c:96:9a:a6:
5d:cc:59:69:5a:c0:39:c9:92:1f:86:d2:7d:c1:61:f9:55:d1:
c6:9c:ef:8a:74:b5:49:c0:87:35:f9:7f:e9:96:51:e5:5f:2e:
1a:34:42:4d:3d:c7:f0:a3:83:f4:e3:77:82:e8:c9:79:2b:6d:
3c:e2:49:eb:fd:1f:5f:2e:31:05:43:16:b4:62:69:6a:6d:4a:
03:ce:85:f4:5e:4d:b6:b2:57:10:23:6a:af:3e:d9:a9:dd:9a:
ea:81:77:02:3f:0c:fb:f2:17:c7:a8:d5:cb:14:62:81:11:7a:
4f:d6:4f:d2:fb:4e:b2:9b:44:1b:82:a7:b1:9a:e3:c2:60:3c:
55:cc:ae:5b:c9:24:ed:45:c2:90:b0:1e:fb:04:ff:9b:a6:cb:
eb:67:54:02:be:d6:ca:5e:9e:f8:7c:4f:fd:43:3e:88:0a:b6:
75:40:5b:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcBUDh2wP+7XQf99jUSV99mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIwMjMxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI2ZjIzN2U4M2Y3OWU0ZmVlOGVjNmNhZGMzZjNlM2QzODAwMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAFEFXBq2Ll1aEoTT9RZA9vWX7Eu
SJ3sF2qBvoATZuHYOPOxWA88F4cJNvHEVUFr8dZoRFTHH62uvdEU9NHPnM8mmi5l
GTzKIaX74bsR/Jzu4sH1dCcZU0aiQxzA4R3IYEQEU8IlIm8icoHMPF9ke2Lr07gV
WjRo5ctYL8hLYVyUAz91e7GHmBTa72X6iibJjif9U84aGlH7WXP8amoTKNwLObzU
XDXGQ6YIpilffpwVjkl+hXBKxbNJd/i+7EBb0JnhkMya2QKjLnDkWKvme8UQC6NB
uX5gtbmBfkvI4oGrxWeVTNJF7ov4HLKr12D54FCrMQEisEYYg8ekQ8SG2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM0m8jfoP3nk/ujsbK3D8+PTgAGWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelNieU4tZ19lZVQtNk94c3JjUHo0OU9BQVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHi552B4Nkoqjv+2iOcg
fjPsDoZ21kT4kp5U+EhUOUG6OE8JyWQe/h54SugjflR+HKaIcz2lR1tkrY5ojAbx
oXi/auwLV8T+AI2lCWkiqQjv7m7rZOAIDJaapl3MWWlawDnJkh+G0n3BYflV0cac
74p0tUnAhzX5f+mWUeVfLho0Qk09x/Cjg/Tjd4LoyXkrbTziSev9H18uMQVDFrRi
aWptSgPOhfReTbayVxAjaq8+2andmuqBdwI/DPvyF8eo1csUYoERek/WT9L7TrKb
RBuCp7Ga48JgPFXMrlvJJO1FwpCwHvsE/5umy+tnVAK+1spenvh8T/1DPogKtnVA
W9w=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:19:01 2025 by rpki-client