Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zXJHlQPIPAfPeM8pgb15N0C1o_g.roa
File: zXJHlQPIPAfPeM8pgb15N0C1o_g.roa (raw, json)
Hash identifier: s6hXDxfW4tinMyYgMoQCP4pxQt1p7tmrGgwWGl6+WcY=
Subject key identifier: CD:72:47:95:03:C8:3C:07:CF:78:CF:29:81:BD:79:37:40:B5:A3:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187228F1C79DDC2D9DBC88FDB75E956C6D7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zXJHlQPIPAfPeM8pgb15N0C1o_g.roa
Signing time: Mon 27 Mar 2023 10:13:36 +0000
ROA not before: Mon 27 Mar 2023 10:13:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:8f:1c:79:dd:c2:d9:db:c8:8f:db:75:e9:56:c6:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 27 10:13:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd72479503c83c07cf78cf2981bd793740b5a3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b4:e1:dd:0d:66:36:bf:ce:e3:fd:61:6d:58:
68:9e:ac:e2:ff:ae:fe:25:3a:e3:d3:f4:77:74:1c:
40:49:77:8e:27:99:5a:60:e9:37:58:29:98:25:65:
8d:a0:97:f7:f6:bb:e2:eb:22:79:6b:99:da:a8:1f:
66:45:9f:bb:f2:1d:a0:c4:ea:93:62:33:d5:01:7e:
cb:51:63:08:28:41:60:6c:7f:0e:07:70:f2:05:53:
a7:19:e4:dd:d3:30:bb:bc:af:61:9c:75:80:8a:57:
cb:87:31:39:39:18:2d:ea:27:0a:f5:16:1b:44:d2:
56:b0:a2:91:aa:a4:18:53:da:f2:e7:3a:8f:bd:d9:
fd:1b:29:2c:b2:95:7b:b6:4d:c9:93:c9:54:72:f9:
8c:fb:6e:47:d5:8c:cd:2f:fb:03:e8:fb:a1:60:e3:
f8:9f:a5:da:91:37:a3:a1:df:2d:7d:d6:39:68:3b:
6d:71:31:a2:30:7b:e3:3c:32:3a:eb:21:ac:a9:2f:
43:6d:08:1d:31:52:7e:cd:a5:a6:15:55:2b:04:1d:
34:50:22:67:56:10:57:4a:94:37:7f:41:42:3f:ab:
c9:08:99:8d:3d:28:1a:7c:c5:fa:ab:1a:4a:da:a7:
5d:45:62:9b:bf:66:e2:18:56:ad:46:2b:ac:c2:ac:
f1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:72:47:95:03:C8:3C:07:CF:78:CF:29:81:BD:79:37:40:B5:A3:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zXJHlQPIPAfPeM8pgb15N0C1o_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:8a:0b:b0:0a:10:c1:a6:d2:b6:2f:1c:b9:ea:f7:c1:4e:4a:
bc:99:0b:90:0a:56:33:90:1b:10:47:50:c7:73:4f:ad:4d:70:
43:68:08:4b:0d:5c:cb:4d:f4:c0:69:34:4b:4e:9d:a5:e0:45:
09:69:d5:6e:14:7a:b7:39:f5:64:0c:63:50:76:63:91:86:4c:
a5:e3:57:a2:53:59:a5:f0:2a:25:e5:15:1e:9b:7b:bf:a0:67:
07:e3:65:dd:71:bf:c8:b7:a1:74:60:0a:ec:f5:99:ea:42:f7:
aa:cb:10:a6:62:f8:2c:78:f0:1d:7e:4a:76:41:28:11:88:25:
1d:9c:e0:76:ed:91:38:0a:45:13:be:15:cc:78:21:a7:db:bc:
92:88:69:a3:46:59:1a:04:be:ab:63:06:60:12:19:29:fa:43:
a1:c7:f8:41:df:55:0f:83:bf:3d:f4:14:02:35:7a:1a:63:94:
84:6b:05:87:0d:bb:b3:4f:31:a9:20:46:9a:31:c2:dc:2a:ca:
57:b1:27:18:e8:12:84:90:95:99:b5:a2:86:9c:72:d8:55:e9:
c7:98:55:e7:80:75:60:54:b3:af:4e:4b:5a:cb:a6:6c:cf:51:
4b:4d:00:1f:3b:09:94:40:72:f2:13:3b:b0:d2:d2:00:8b:9f:
60:45:32:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcijxx53cLZ28iP23XpVsbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI3MTAxMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDcyNDc5NTAzYzgzYzA3Y2Y3OGNmMjk4MWJkNzkzNzQwYjVhM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbTh3Q1mNr/O4/1hbVhonqzi/67+
JTrj0/R3dBxASXeOJ5laYOk3WCmYJWWNoJf39rvi6yJ5a5naqB9mRZ+78h2gxOqT
YjPVAX7LUWMIKEFgbH8OB3DyBVOnGeTd0zC7vK9hnHWAilfLhzE5ORgt6icK9RYb
RNJWsKKRqqQYU9ry5zqPvdn9GyksspV7tk3Jk8lUcvmM+25H1YzNL/sD6PuhYOP4
n6XakTejod8tfdY5aDttcTGiMHvjPDI66yGsqS9DbQgdMVJ+zaWmFVUrBB00UCJn
VhBXSpQ3f0FCP6vJCJmNPSgafMX6qxpK2qddRWKbv2biGFatRiuswqzxpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1yR5UDyDwHz3jPKYG9eTdAtaP4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelhKSGxRUElQQWZQZU04cGdiMTVOMEMxb19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECKC7AKEMGm0rYvHLnq
98FOSryZC5AKVjOQGxBHUMdzT61NcENoCEsNXMtN9MBpNEtOnaXgRQlp1W4Uerc5
9WQMY1B2Y5GGTKXjV6JTWaXwKiXlFR6be7+gZwfjZd1xv8i3oXRgCuz1mepC96rL
EKZi+Cx48B1+SnZBKBGIJR2c4HbtkTgKRRO+Fcx4IafbvJKIaaNGWRoEvqtjBmAS
GSn6Q6HH+EHfVQ+Dvz30FAI1ehpjlIRrBYcNu7NPMakgRpoxwtwqylexJxjoEoSQ
lZm1ooaccthV6ceYVeeAdWBUs69OS1rLpmzPUUtNAB87CZRAcvITO7DS0gCLn2BF
MuI=
-----END CERTIFICATE-----
Generated at Thu May 1 05:00:18 2025 by rpki-client