Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zs9hGmYvGpLwohEGzN--PCyZ2RI.roa
File: zs9hGmYvGpLwohEGzN--PCyZ2RI.roa (raw, json)
Hash identifier: RzovnN5FxXjL+nq9GeDFMDJu/o2PYf6Fi482+qCCQkY=
Subject key identifier: CE:CF:61:1A:66:2F:1A:92:F0:A2:11:06:CC:DF:BE:3C:2C:99:D9:12
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01894E195B5D7CCDAD48460AAA756CC060A4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zs9hGmYvGpLwohEGzN--PCyZ2RI.roa
Signing time: Thu 13 Jul 2023 07:13:51 +0000
ROA not before: Thu 13 Jul 2023 07:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4e:19:5b:5d:7c:cd:ad:48:46:0a:aa:75:6c:c0:60:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 13 07:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cecf611a662f1a92f0a21106ccdfbe3c2c99d912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:72:33:14:2f:f1:11:9b:42:ba:11:b0:5a:da:
54:0d:06:93:6a:bf:26:04:7d:68:f9:63:5a:17:ed:
57:90:a8:ae:b9:02:72:98:a4:e7:66:4c:f6:fc:7d:
db:b0:93:62:15:82:0c:39:16:e7:3d:c7:5f:f8:bb:
f3:b0:ec:2f:9e:46:05:69:ec:a7:12:9e:f2:4d:d1:
5e:c2:95:26:e6:bb:02:1f:4e:23:56:54:9c:ad:30:
12:7d:56:49:98:52:7c:23:7c:7d:99:1a:21:07:91:
db:3b:1e:6e:fe:cb:be:80:8c:ff:3c:ff:e9:76:e1:
a9:16:4f:03:07:d7:73:42:46:25:fe:55:e7:37:ed:
ea:19:43:bd:6d:7f:12:cb:ec:36:ac:09:8a:3c:19:
c7:7d:73:d8:21:cc:28:67:75:bd:17:1f:72:7a:9c:
5a:5f:e2:68:0f:19:a1:36:fb:18:2b:7b:4d:b1:d1:
6e:5e:fd:22:67:69:59:36:c3:4e:0b:76:63:85:ad:
bb:0c:ef:d7:e5:11:a5:1b:e7:68:fd:ed:d6:39:7e:
e0:c2:ee:bd:6d:7a:3d:ed:f5:ad:d3:0a:9f:b4:81:
06:ea:1b:99:7f:8c:a2:12:7d:4d:50:56:11:45:55:
83:b7:66:8d:82:c8:30:6c:e0:d5:cb:d9:57:bb:aa:
9d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:CF:61:1A:66:2F:1A:92:F0:A2:11:06:CC:DF:BE:3C:2C:99:D9:12
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zs9hGmYvGpLwohEGzN--PCyZ2RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:c4:41:28:10:07:99:46:ea:1b:d7:48:f9:12:77:10:4b:29:
fc:a0:04:fe:99:37:4c:ca:11:f3:0b:5e:c3:50:cb:69:38:7d:
d1:f1:50:64:68:e1:e5:ac:23:ee:f7:f6:43:b9:3c:db:df:f8:
3f:cd:bf:96:b0:c1:77:ba:d5:82:d9:cf:75:8f:b3:e9:f2:4a:
7e:09:89:c6:99:f5:77:19:46:1d:1c:10:1f:db:01:b8:06:d8:
9c:c1:f0:d9:b4:d7:9b:29:98:70:b5:07:13:57:d4:2a:78:80:
da:82:04:2e:42:71:dc:d3:28:a3:e1:0f:c1:8d:c1:51:ca:c9:
33:22:b1:df:a8:d2:86:8f:ad:4a:1f:ec:9f:0b:d1:71:1c:d9:
75:f6:af:aa:0b:40:af:00:6c:67:4c:e6:fd:24:55:af:98:5d:
c5:e0:e4:01:69:cc:9f:b9:4f:6e:69:7c:52:5c:8b:96:a8:79:
b0:f5:3c:a2:36:71:d2:8b:ea:ec:62:4e:a8:37:68:44:03:07:
8c:c5:6b:a6:dc:42:09:c9:80:b4:82:01:10:39:a6:c4:76:74:
07:dd:0e:c2:28:ae:ab:91:74:44:eb:e9:83:e5:99:37:d7:29:
82:a8:4c:cf:7d:67:08:f1:b3:34:91:f5:3a:7e:d5:5d:14:ae:
7d:62:4b:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlOGVtdfM2tSEYKqnVswGCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzEzMDcxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWNmNjExYTY2MmYxYTkyZjBhMjExMDZjY2RmYmUzYzJjOTlkOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XIzFC/xEZtCuhGwWtpUDQaTar8m
BH1o+WNaF+1XkKiuuQJymKTnZkz2/H3bsJNiFYIMORbnPcdf+LvzsOwvnkYFaeyn
Ep7yTdFewpUm5rsCH04jVlScrTASfVZJmFJ8I3x9mRohB5HbOx5u/su+gIz/PP/p
duGpFk8DB9dzQkYl/lXnN+3qGUO9bX8Sy+w2rAmKPBnHfXPYIcwoZ3W9Fx9yepxa
X+JoDxmhNvsYK3tNsdFuXv0iZ2lZNsNOC3Zjha27DO/X5RGlG+do/e3WOX7gwu69
bXo97fWt0wqftIEG6huZf4yiEn1NUFYRRVWDt2aNgsgwbODVy9lXu6qdxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM7PYRpmLxqS8KIRBszfvjwsmdkSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvenM5aEdtWXZHcEx3b2hFR3pOLS1QQ3laMlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHPEQSgQB5lG6hvXSPkS
dxBLKfygBP6ZN0zKEfMLXsNQy2k4fdHxUGRo4eWsI+739kO5PNvf+D/Nv5awwXe6
1YLZz3WPs+nySn4JicaZ9XcZRh0cEB/bAbgG2JzB8Nm015spmHC1BxNX1Cp4gNqC
BC5CcdzTKKPhD8GNwVHKyTMisd+o0oaPrUof7J8L0XEc2XX2r6oLQK8AbGdM5v0k
Va+YXcXg5AFpzJ+5T25pfFJci5aoebD1PKI2cdKL6uxiTqg3aEQDB4zFa6bcQgnJ
gLSCARA5psR2dAfdDsIorquRdETr6YPlmTfXKYKoTM99ZwjxszSR9Tp+1V0Urn1i
S1M=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:43:47 2025 by rpki-client