Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zT24LETg9qEgPoy2AFAvteIQHkI.roa
File: zT24LETg9qEgPoy2AFAvteIQHkI.roa (raw, json)
Hash identifier: cOiwyicTNMxhiNfrilmdvA66c5hiT6FRqTKzCLNGq9w=
Subject key identifier: CD:3D:B8:2C:44:E0:F6:A1:20:3E:8C:B6:00:50:2F:B5:E2:10:1E:42
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01831A7031C2E9983BFE4E2FA28413A06D65
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zT24LETg9qEgPoy2AFAvteIQHkI.roa
Signing time: Thu 08 Sep 2022 00:11:43 +0000
ROA not before: Thu 08 Sep 2022 00:11:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1a:70:31:c2:e9:98:3b:fe:4e:2f:a2:84:13:a0:6d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 8 00:11:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd3db82c44e0f6a1203e8cb600502fb5e2101e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:83:0a:22:97:b0:94:22:ba:fa:d7:3f:18:4d:
d5:8b:fd:a9:66:5a:06:9e:29:40:75:ad:de:9d:9f:
48:70:a6:66:e8:c1:7d:9c:63:ec:1c:a2:26:0c:08:
ba:bd:3e:3e:64:66:4b:1a:7c:72:eb:8a:78:e8:ca:
8b:6c:c1:fd:5e:51:71:08:05:bd:c2:fd:11:ea:3a:
3a:89:59:6a:16:36:88:a1:8c:dc:f9:fb:a2:05:d6:
de:76:9f:63:de:cb:30:35:0c:5a:e7:81:63:22:2e:
6e:e0:30:87:d0:13:2e:1b:0d:12:6e:f8:57:86:81:
47:b5:b7:54:a2:1f:61:0b:72:8a:56:2f:8a:95:5a:
a2:1e:9b:bb:25:77:13:a4:bb:af:0d:d1:0a:34:e0:
a6:66:49:4e:49:55:4a:f3:bd:45:1e:37:c6:4b:70:
23:eb:c8:cb:83:e1:52:83:2d:8b:ab:33:ca:37:41:
c4:33:9b:73:96:33:23:bd:41:1d:e6:4d:fa:d5:11:
41:43:ab:26:d8:b4:4f:76:92:0e:a0:5d:93:0f:22:
09:1a:67:ab:9c:3a:7a:53:04:42:2f:c8:24:1b:e5:
df:05:36:55:12:2f:5e:8c:d5:66:de:fd:09:24:d3:
30:4b:32:40:cd:8b:d3:2e:d5:49:ac:92:e5:b9:e9:
6f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3D:B8:2C:44:E0:F6:A1:20:3E:8C:B6:00:50:2F:B5:E2:10:1E:42
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zT24LETg9qEgPoy2AFAvteIQHkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:95:0e:16:2e:2a:39:d0:5d:e8:2c:f3:93:9e:43:61:f7:66:
e4:17:c9:b4:82:4d:1b:4f:71:ad:8d:ec:23:cb:42:35:fb:58:
dd:f4:8f:f2:69:b7:7e:28:98:69:ea:07:6c:f2:93:c0:f8:e3:
d8:ee:36:1c:2b:f9:bc:4e:0e:9b:45:8d:f2:dd:04:79:ec:dd:
72:03:d8:97:8c:0a:36:9d:46:fe:d1:da:6a:e7:09:c0:a1:d0:
57:29:6e:04:c3:b2:07:b3:30:9b:10:6c:cb:0d:0c:69:85:7d:
51:7b:4d:d7:e8:71:f8:76:08:04:a1:81:70:3d:2b:3d:77:6a:
0e:7a:01:0a:e7:87:92:48:df:07:8f:29:b5:4d:19:d9:6c:11:
b8:86:b8:0e:77:32:5e:67:a9:0b:91:8b:33:73:61:e2:9c:83:
af:9f:37:2e:de:95:f4:bb:8d:d6:ef:a2:a8:7f:54:46:e3:fe:
26:3d:eb:52:8c:d2:08:d1:37:46:f9:62:e5:33:2c:1f:e6:41:
3d:01:d1:1c:8d:a0:84:19:8f:7e:e1:0c:ff:9e:27:44:2f:f5:
ba:5a:0a:12:0a:5c:67:bb:56:ee:46:3d:46:39:9d:66:0d:1f:
14:d2:70:a4:98:07:eb:fe:9f:17:dd:d6:08:90:a1:eb:df:b9:
75:e7:99:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMacDHC6Zg7/k4vooQToG1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA4MDAxMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNkYjgyYzQ0ZTBmNmExMjAzZThjYjYwMDUwMmZiNWUyMTAxZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoMKIpewlCK6+tc/GE3Vi/2pZloG
nilAda3enZ9IcKZm6MF9nGPsHKImDAi6vT4+ZGZLGnxy64p46MqLbMH9XlFxCAW9
wv0R6jo6iVlqFjaIoYzc+fuiBdbedp9j3sswNQxa54FjIi5u4DCH0BMuGw0SbvhX
hoFHtbdUoh9hC3KKVi+KlVqiHpu7JXcTpLuvDdEKNOCmZklOSVVK871FHjfGS3Aj
68jLg+FSgy2LqzPKN0HEM5tzljMjvUEd5k361RFBQ6sm2LRPdpIOoF2TDyIJGmer
nDp6UwRCL8gkG+XfBTZVEi9ejNVm3v0JJNMwSzJAzYvTLtVJrJLluelvsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM09uCxE4PahID6MtgBQL7XiEB5CMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelQyNExFVGc5cUVnUG95MkFGQXZ0ZUlRSGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGSVDhYuKjnQXegs85Oe
Q2H3ZuQXybSCTRtPca2N7CPLQjX7WN30j/Jpt34omGnqB2zyk8D449juNhwr+bxO
DptFjfLdBHns3XID2JeMCjadRv7R2mrnCcCh0FcpbgTDsgezMJsQbMsNDGmFfVF7
Tdfocfh2CAShgXA9Kz13ag56AQrnh5JI3wePKbVNGdlsEbiGuA53Ml5nqQuRizNz
YeKcg6+fNy7elfS7jdbvoqh/VEbj/iY961KM0gjRN0b5YuUzLB/mQT0B0RyNoIQZ
j37hDP+eJ0Qv9bpaChIKXGe7Vu5GPUY5nWYNHxTScKSYB+v+nxfd1giQoevfuXXn
mQM=
-----END CERTIFICATE-----
Generated at Thu May 1 00:43:31 2025 by rpki-client