Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zky3w8iDI193aAbu4CLGdjkJCaA.roa
File: zky3w8iDI193aAbu4CLGdjkJCaA.roa (raw, json)
Hash identifier: r4hfTSxT3hPi1iC1WeeUFRG6/zSGMGgWEvkRmDqXL7w=
Subject key identifier: CE:4C:B7:C3:C8:83:23:5F:77:68:06:EE:E0:22:C6:76:39:09:09:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865151125D99EB88D0ADF08CC555690AB6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zky3w8iDI193aAbu4CLGdjkJCaA.roa
Signing time: Tue 14 Feb 2023 19:05:12 +0000
ROA not before: Tue 14 Feb 2023 19:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:5150:57fe/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:51:51:12:5d:99:eb:88:d0:ad:f0:8c:c5:55:69:0a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 19:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce4cb7c3c883235f776806eee022c676390909a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:e4:04:1d:10:70:13:ec:52:f4:c2:11:bd:
db:a6:5d:83:00:86:0a:2a:65:85:ad:a4:05:ea:32:
fb:cb:27:ca:2e:56:23:ac:1e:c0:8a:e4:f8:2c:49:
51:d8:eb:6d:1a:50:1f:47:e6:6b:31:0e:8b:31:e3:
d2:4d:e3:30:ee:32:c7:0f:70:f7:90:9f:cc:b4:21:
66:17:c8:e7:b2:35:76:66:59:f0:3b:e3:11:38:d9:
71:91:eb:f4:0f:6d:70:0e:97:14:6f:1d:d2:9c:53:
98:7a:94:79:aa:b8:a6:8c:5c:01:68:8d:7c:11:eb:
9d:c4:48:a0:50:db:3a:42:f0:80:d6:5c:bc:f2:01:
31:6b:98:d9:a7:1c:26:88:d1:d7:6a:5b:06:b6:92:
8a:05:4f:73:3c:e2:86:12:dc:83:51:38:da:3b:dd:
11:28:69:71:d2:91:dd:96:fa:d7:c9:dd:fb:b0:4c:
92:92:02:58:9a:8c:c6:7b:4f:55:60:87:42:69:09:
8b:ba:f9:a8:33:d5:71:fb:4a:92:c6:5d:7d:94:1c:
5c:46:b3:1f:7b:ed:e2:16:7d:b1:ea:2b:5b:6c:57:
87:f8:8c:81:1e:f6:87:30:12:5e:be:5d:9e:bf:7b:
24:3a:31:9d:ed:9a:8f:e2:67:7a:80:7a:17:8d:c9:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4C:B7:C3:C8:83:23:5F:77:68:06:EE:E0:22:C6:76:39:09:09:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zky3w8iDI193aAbu4CLGdjkJCaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:1b:e3:b6:8b:37:57:16:b4:b7:41:11:cb:83:82:5e:6a:02:
b5:b8:b3:a0:a0:d7:e5:65:aa:9d:ff:b8:ff:ba:ab:c9:23:de:
23:0f:fb:ca:c9:6b:16:9b:69:04:83:8b:8b:87:8e:fe:20:76:
92:e5:8a:0c:43:73:6e:ea:55:a4:e1:f5:4b:f9:9b:e9:27:16:
75:cf:e0:45:69:65:c5:f8:18:c1:5e:4f:73:b4:7e:dc:ea:42:
32:9e:0e:58:2d:ea:4d:30:c5:a9:69:1d:1c:fd:9b:f2:71:92:
1d:8e:b3:1e:b9:41:bf:1b:99:ba:4d:31:64:8d:12:8b:35:8f:
21:27:8e:4d:be:a4:7e:db:94:a0:de:24:82:0f:a3:f3:e2:03:
49:9f:a4:fd:ec:a8:5a:19:ed:69:58:7e:41:d2:db:ce:ed:1a:
7a:5e:89:b3:a9:c1:7c:2f:f9:1a:b1:f3:0a:b8:4a:1e:57:92:
6a:ea:eb:01:76:a6:32:0c:87:1f:a4:10:0b:eb:ae:4b:1a:f9:
b6:ee:9d:06:cb:67:c9:5c:66:6b:03:b3:a2:22:ca:6c:b7:eb:
3e:67:57:99:dd:e0:68:eb:d6:a8:0c:64:61:1c:51:a9:4e:74:
d5:52:76:9c:78:12:59:c5:30:27:fa:b5:30:aa:39:61:87:8e:
45:f8:e4:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZRURJdmeuI0K3wjMVVaQq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MTkwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTRjYjdjM2M4ODMyMzVmNzc2ODA2ZWVlMDIyYzY3NjM5MDkwOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCnkBB0QcBPsUvTCEb3bpl2DAIYK
KmWFraQF6jL7yyfKLlYjrB7AiuT4LElR2OttGlAfR+ZrMQ6LMePSTeMw7jLHD3D3
kJ/MtCFmF8jnsjV2ZlnwO+MRONlxkev0D21wDpcUbx3SnFOYepR5qrimjFwBaI18
EeudxEigUNs6QvCA1ly88gExa5jZpxwmiNHXalsGtpKKBU9zPOKGEtyDUTjaO90R
KGlx0pHdlvrXyd37sEySkgJYmozGe09VYIdCaQmLuvmoM9Vx+0qSxl19lBxcRrMf
e+3iFn2x6itbbFeH+IyBHvaHMBJevl2ev3skOjGd7ZqP4md6gHoXjcmEzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM5Mt8PIgyNfd2gG7uAixnY5CQmgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvemt5M3c4aURJMTkzYUFidTRDTEdkamtKQ2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEAb47aLN1cWtLdBEcuD
gl5qArW4s6Cg1+Vlqp3/uP+6q8kj3iMP+8rJaxabaQSDi4uHjv4gdpLligxDc27q
VaTh9Uv5m+knFnXP4EVpZcX4GMFeT3O0ftzqQjKeDlgt6k0wxalpHRz9m/Jxkh2O
sx65Qb8bmbpNMWSNEos1jyEnjk2+pH7blKDeJIIPo/PiA0mfpP3sqFoZ7WlYfkHS
287tGnpeibOpwXwv+Rqx8wq4Sh5Xkmrq6wF2pjIMhx+kEAvrrksa+bbunQbLZ8lc
ZmsDs6Iiymy36z5nV5nd4Gjr1qgMZGEcUalOdNVSdpx4ElnFMCf6tTCqOWGHjkX4
5NQ=
-----END CERTIFICATE-----
Generated at Sun May 4 14:15:17 2025 by rpki-client