Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zW6cATPStfh3UAikf4cq7Lm4Dh4.roa
File: zW6cATPStfh3UAikf4cq7Lm4Dh4.roa (raw, json)
Hash identifier: eRcgsrVsl607SrBUm5TFv9zyyR+tWmvJIZ6Bq3eBRI0=
Subject key identifier: CD:6E:9C:01:33:D2:B5:F8:77:50:08:A4:7F:87:2A:EC:B9:B8:0E:1E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854477D4D8FFDB29517A2B4E694E9044C2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zW6cATPStfh3UAikf4cq7Lm4Dh4.roa
Signing time: Sat 24 Dec 2022 14:09:41 +0000
ROA not before: Sat 24 Dec 2022 14:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:77:d4:d8:ff:db:29:51:7a:2b:4e:69:4e:90:44:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 14:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd6e9c0133d2b5f8775008a47f872aecb9b80e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:91:26:43:0c:df:2c:09:d1:d8:4d:4c:a3:9d:
9a:c1:10:30:93:3d:10:9b:d4:aa:ad:ac:c9:69:c1:
06:7c:9c:42:e9:d1:a1:68:b8:2d:c7:db:d0:f2:61:
26:bb:98:1e:03:a4:a9:35:5e:85:9f:50:13:53:60:
4f:98:08:e4:84:5c:84:57:ab:74:e7:a1:dc:0c:b9:
32:79:d7:49:a8:14:7b:08:7b:15:ef:9a:44:17:35:
9e:7d:2e:b1:eb:b4:44:a7:64:98:15:c3:52:53:1f:
bd:6b:31:59:4f:8e:36:49:e7:e3:7b:d3:5f:ed:6b:
36:46:70:d8:97:32:de:2d:34:5e:a9:a5:4c:14:09:
46:d5:c6:ab:77:b8:a5:05:e0:b5:63:57:c0:a3:5a:
1d:6e:fb:11:4e:1f:4c:b4:60:26:6f:d6:24:7e:ad:
0a:16:2e:81:b4:21:87:75:4d:76:cd:1c:22:8c:ab:
ae:c4:b9:1e:8e:77:a8:61:fd:83:4f:c8:d1:76:ca:
94:08:82:2c:d4:9b:8f:53:57:1a:48:22:61:4e:43:
6f:53:5d:95:f3:cb:37:7e:8e:4d:d0:d6:43:dd:8c:
7f:b9:d0:5b:b7:31:5e:ba:6e:0c:6a:81:0f:c0:04:
82:f7:f4:79:68:5d:39:6b:2e:3f:e7:94:c7:a6:ff:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6E:9C:01:33:D2:B5:F8:77:50:08:A4:7F:87:2A:EC:B9:B8:0E:1E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zW6cATPStfh3UAikf4cq7Lm4Dh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:1f:5b:03:a9:e9:73:6b:f2:77:cf:4e:da:2b:d1:53:b6:fe:
6a:da:76:bc:9a:b0:cc:b8:73:50:1b:19:90:e1:1b:60:19:04:
b9:af:76:9d:26:a9:df:a7:f1:b1:d5:3d:61:e9:cb:89:1c:5d:
9b:52:37:62:ce:b1:0c:e7:36:d9:f3:5d:f1:f7:b4:2f:42:04:
e8:c8:d8:34:85:8a:a5:79:d5:09:b8:c0:5e:da:72:be:67:57:
32:5c:fd:87:de:70:75:59:57:82:f7:2c:b4:03:78:ab:91:0d:
5b:ad:28:09:6f:70:6b:f7:8d:7f:ec:f0:55:36:a8:53:20:27:
65:54:3b:f3:b2:24:19:1b:c5:d8:8c:6a:60:e9:e9:60:31:2d:
27:50:0a:56:87:60:dd:05:b5:d8:73:90:65:db:1a:79:a3:62:
43:d5:9e:63:d5:d7:68:7f:5d:8d:6b:5b:9e:ea:1a:70:f7:b3:
15:97:00:a2:5e:15:0b:26:b1:3b:54:47:98:26:d6:40:cd:c4:
6d:27:63:f6:42:fe:97:74:ba:ea:6b:4a:35:8b:48:57:c9:14:
b7:fb:e5:87:c2:94:00:7b:04:65:80:8f:59:d5:d4:e8:87:9b:
cf:4c:b8:91:60:9e:76:df:be:58:60:59:12:bd:5e:a3:d2:f0:
cc:35:b4:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVEd9TY/9spUXorTmlOkETCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTQwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZlOWMwMTMzZDJiNWY4Nzc1MDA4YTQ3Zjg3MmFlY2I5YjgwZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZEmQwzfLAnR2E1Mo52awRAwkz0Q
m9SqrazJacEGfJxC6dGhaLgtx9vQ8mEmu5geA6SpNV6Fn1ATU2BPmAjkhFyEV6t0
56HcDLkyeddJqBR7CHsV75pEFzWefS6x67REp2SYFcNSUx+9azFZT442Sefje9Nf
7Ws2RnDYlzLeLTReqaVMFAlG1card7ilBeC1Y1fAo1odbvsRTh9MtGAmb9Ykfq0K
Fi6BtCGHdU12zRwijKuuxLkejneoYf2DT8jRdsqUCIIs1JuPU1caSCJhTkNvU12V
88s3fo5N0NZD3Yx/udBbtzFeum4MaoEPwASC9/R5aF05ay4/55THpv9ClwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1unAEz0rX4d1AIpH+HKuy5uA4eMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelc2Y0FUUFN0ZmgzVUFpa2Y0Y3E3TG00RGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYfWwOp6XNr8nfPTtor
0VO2/mradryasMy4c1AbGZDhG2AZBLmvdp0mqd+n8bHVPWHpy4kcXZtSN2LOsQzn
NtnzXfH3tC9CBOjI2DSFiqV51Qm4wF7acr5nVzJc/YfecHVZV4L3LLQDeKuRDVut
KAlvcGv3jX/s8FU2qFMgJ2VUO/OyJBkbxdiMamDp6WAxLSdQClaHYN0FtdhzkGXb
GnmjYkPVnmPV12h/XY1rW57qGnD3sxWXAKJeFQsmsTtUR5gm1kDNxG0nY/ZC/pd0
uuprSjWLSFfJFLf75YfClAB7BGWAj1nV1OiHm89MuJFgnnbfvlhgWRK9XqPS8Mw1
tIA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:47 2025 by rpki-client