Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z_2LD2u8BYM1ekeKQ-OrKsb2BZo.roa
File: z_2LD2u8BYM1ekeKQ-OrKsb2BZo.roa (raw, json)
Hash identifier: 1cMFWcTAw+61CcTasCuU859XmFb7yLvuQiCbhnETrqc=
Subject key identifier: CF:FD:8B:0F:6B:BC:05:83:35:7A:47:8A:43:E3:AB:2A:C6:F6:05:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EB616E4EFF75738D87F73AAEEA8E0E36
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z_2LD2u8BYM1ekeKQ-OrKsb2BZo.roa
Signing time: Sat 12 Aug 2023 20:12:58 +0000
ROA not before: Sat 12 Aug 2023 20:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:eb:61:6e:4e:ff:75:73:8d:87:f7:3a:ae:ea:8e:0e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 20:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cffd8b0f6bbc0583357a478a43e3ab2ac6f6059a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7a:d0:25:16:61:1f:9d:f4:94:bb:5c:47:5a:
75:b6:cf:a0:d7:7a:d8:30:17:1a:e3:44:5a:bb:9d:
30:b2:86:0b:10:7a:f4:bd:a5:e0:5e:cd:1c:80:5d:
ac:80:43:f8:92:bf:23:e9:85:c4:b7:19:54:45:09:
4e:46:ec:28:79:00:26:0f:67:ff:b3:4c:4d:28:e7:
50:46:cd:15:bf:02:e6:11:24:22:a0:9f:93:35:e7:
f6:da:ca:a8:74:1b:50:48:9d:af:6d:55:34:c8:cb:
aa:c8:e2:50:b4:e6:b1:7a:50:c2:46:34:fa:4f:a3:
f2:d7:6a:92:49:32:f7:0b:04:c3:a9:5c:55:7e:64:
a7:3a:86:e9:1f:d5:5d:96:d7:ea:e2:fd:74:b9:b5:
c0:ba:bc:a7:a3:3e:63:5e:d1:3d:3f:8e:ec:8d:39:
7e:44:5a:2c:cb:9c:fe:84:81:dc:33:dd:c9:b8:fe:
2d:01:cf:a9:ff:e2:26:3e:68:c4:14:c2:3c:20:bf:
cb:83:20:eb:0d:01:ae:33:e6:46:da:bb:b7:72:57:
29:5b:6c:47:46:c8:92:25:36:8e:77:05:a3:51:5e:
5e:a3:9e:10:ca:b7:d3:33:30:b7:11:a5:f1:56:74:
04:2c:3e:cc:e1:50:33:20:4f:6f:d8:1a:13:fe:55:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:FD:8B:0F:6B:BC:05:83:35:7A:47:8A:43:E3:AB:2A:C6:F6:05:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/z_2LD2u8BYM1ekeKQ-OrKsb2BZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:14:0e:b6:7e:69:46:6d:7a:ce:99:04:59:26:48:3e:24:d4:
25:fd:14:e3:a3:e3:cd:3a:1d:1d:40:3a:61:c3:3e:c3:b0:1c:
fc:e4:06:73:73:ce:5a:88:99:be:be:50:46:35:80:58:bc:ba:
4d:67:7c:67:c9:37:b2:c3:b6:8b:13:30:32:4e:d5:ef:76:b3:
25:b5:63:72:43:45:02:f6:81:97:a7:86:42:25:59:b0:c0:60:
b3:9f:78:5b:f4:26:a9:b4:7b:56:25:1f:6b:99:b0:7a:f9:65:
6d:f2:f3:d8:c7:dc:4f:21:41:c9:51:2e:c0:28:b8:c6:ba:46:
47:98:bc:99:35:d5:41:aa:5a:4b:db:b6:a6:ba:d7:c9:37:81:
8b:4e:93:4e:1c:50:0e:6c:3f:01:95:f0:1d:7c:43:07:ad:7d:
1c:00:07:37:10:2d:f0:47:34:df:9a:50:1e:78:fd:ce:fb:c4:
dd:90:a4:fc:fc:6b:96:ad:4a:42:02:32:15:69:23:e9:1d:25:
18:ed:bf:1b:06:54:d8:0c:5b:5f:5c:85:5d:4d:e9:e9:87:38:
74:d2:bf:96:32:2c:31:f1:38:2e:5a:b8:17:b5:7d:d0:ef:80:
e5:86:d2:b1:cd:c7:29:df:ce:49:26:b1:99:50:58:df:53:ad:
f7:4c:38:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnrYW5O/3VzjYf3Oq7qjg42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMjAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmZkOGIwZjZiYmMwNTgzMzU3YTQ3OGE0M2UzYWIyYWM2ZjYwNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3rQJRZhH530lLtcR1p1ts+g13rY
MBca40Rau50wsoYLEHr0vaXgXs0cgF2sgEP4kr8j6YXEtxlURQlORuwoeQAmD2f/
s0xNKOdQRs0VvwLmESQioJ+TNef22sqodBtQSJ2vbVU0yMuqyOJQtOaxelDCRjT6
T6Py12qSSTL3CwTDqVxVfmSnOobpH9Vdltfq4v10ubXAurynoz5jXtE9P47sjTl+
RFosy5z+hIHcM93JuP4tAc+p/+ImPmjEFMI8IL/LgyDrDQGuM+ZG2ru3clcpW2xH
RsiSJTaOdwWjUV5eo54QyrfTMzC3EaXxVnQELD7M4VAzIE9v2BoT/lVoGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM/9iw9rvAWDNXpHikPjqyrG9gWaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvel8yTEQydThCWU0xZWtlS1EtT3JLc2IyQlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABcUDrZ+aUZtes6ZBFkm
SD4k1CX9FOOj4806HR1AOmHDPsOwHPzkBnNzzlqImb6+UEY1gFi8uk1nfGfJN7LD
tosTMDJO1e92syW1Y3JDRQL2gZenhkIlWbDAYLOfeFv0Jqm0e1YlH2uZsHr5ZW3y
89jH3E8hQclRLsAouMa6RkeYvJk11UGqWkvbtqa618k3gYtOk04cUA5sPwGV8B18
QwetfRwABzcQLfBHNN+aUB54/c77xN2QpPz8a5atSkICMhVpI+kdJRjtvxsGVNgM
W19chV1N6emHOHTSv5YyLDHxOC5auBe1fdDvgOWG0rHNxynfzkkmsZlQWN9TrfdM
OD4=
-----END CERTIFICATE-----
Generated at Fri May 2 07:13:09 2025 by rpki-client