Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4yDHkP1CvwJp_MBNiy0BznIFm0U.roa
File: 4yDHkP1CvwJp_MBNiy0BznIFm0U.roa (raw, json)
Hash identifier: PWdtHz4Zc0m8szZjsceS5q2Srs+EL+MokRSAhvl+7/o=
Subject key identifier: E3:20:C7:90:FD:42:BF:02:69:FC:C0:4D:8B:2D:01:CE:72:05:9B:45
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01853FF72CD00E9BE4313FAD00CD663F758B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4yDHkP1CvwJp_MBNiy0BznIFm0U.roa
Signing time: Fri 23 Dec 2022 17:10:41 +0000
ROA not before: Fri 23 Dec 2022 17:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:f7:2c:d0:0e:9b:e4:31:3f:ad:00:cd:66:3f:75:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 23 17:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e320c790fd42bf0269fcc04d8b2d01ce72059b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:43:90:91:fd:45:f1:88:0f:55:7a:6f:7a:ee:
48:17:92:40:70:eb:5b:ba:a4:b6:06:67:4c:dd:be:
a4:df:0c:f0:ea:23:b4:75:e5:76:d9:8e:38:7d:00:
a7:d1:5b:01:a1:b8:9d:c9:ec:b1:b0:bb:7a:8c:fb:
99:4b:e5:df:e0:a8:1f:bf:01:22:b9:7a:c7:60:48:
7f:2a:85:0b:4c:7b:7e:4c:0f:43:96:2c:46:1f:24:
26:f0:2a:47:af:c1:ea:89:b9:99:1d:18:54:a1:de:
e1:87:ae:ed:fd:50:c0:12:0e:b6:b5:3d:79:dc:e0:
da:9c:e5:0a:0c:02:14:20:17:63:ba:63:69:ef:d9:
de:f4:36:78:39:2b:45:e0:61:e3:59:0f:34:dc:2f:
d1:46:2d:ce:dd:4c:ef:c9:a7:25:da:5c:27:90:ee:
f5:d7:9f:bd:ec:74:c0:cb:fd:35:1e:e6:42:f9:ff:
4b:d7:79:cc:a2:6a:84:d5:c1:7b:d7:9b:0a:e6:3c:
02:ce:d8:9e:27:e4:16:10:de:35:c6:6b:db:bb:5d:
59:0a:c8:a7:2a:2e:1f:c6:e5:5e:90:ad:92:81:8c:
4c:9a:96:9c:63:1d:79:c7:f1:54:08:8c:0a:8a:a0:
93:97:88:06:05:2a:3b:64:c2:6b:b2:68:31:1c:05:
31:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:20:C7:90:FD:42:BF:02:69:FC:C0:4D:8B:2D:01:CE:72:05:9B:45
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4yDHkP1CvwJp_MBNiy0BznIFm0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:21:86:d2:d0:8c:8d:0a:ee:a8:74:cb:b8:55:4e:3f:c1:97:
24:a4:67:d4:b3:4b:32:8c:3e:17:f0:55:c4:15:71:b1:ed:b8:
e6:80:77:1c:6d:88:48:77:06:63:ec:57:94:b6:fa:15:28:bd:
ca:e1:20:aa:47:5a:9b:26:5e:f8:2f:89:e0:f4:82:5a:55:f3:
c8:ff:37:31:3d:a0:1b:94:96:05:8f:1d:a9:2e:1d:4b:f2:cd:
9f:63:ed:42:cb:68:b8:27:39:b7:45:92:db:ad:fb:2e:b9:cb:
dc:65:3e:7e:62:50:ec:cb:6a:3f:9a:9b:5d:de:e7:ec:ec:69:
e2:4a:23:43:dc:e9:80:d9:97:6d:6d:9a:4e:f6:66:47:98:48:
5e:8d:20:3a:61:08:e8:8c:e3:38:c4:cb:03:12:7d:96:c0:50:
d9:04:d1:9a:64:79:e7:6d:d8:7a:54:a4:af:11:32:c1:e3:99:
fe:ff:18:92:84:0c:1f:0f:02:35:29:a8:4e:a8:31:3c:f0:e6:
03:0b:28:38:2d:97:a7:5f:90:47:5f:ef:3d:91:17:43:f7:6f:
bb:f3:30:d0:64:ab:8e:b2:1e:3c:be:3b:10:fc:19:63:5c:c3:
4f:c5:17:0d:57:df:e9:db:6d:da:41:04:9e:2c:5f:60:b6:7c:
66:8b:60:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU/9yzQDpvkMT+tAM1mP3WLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIzMTcxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIwYzc5MGZkNDJiZjAyNjlmY2MwNGQ4YjJkMDFjZTcyMDU5YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EOQkf1F8YgPVXpveu5IF5JAcOtb
uqS2BmdM3b6k3wzw6iO0deV22Y44fQCn0VsBobidyeyxsLt6jPuZS+Xf4KgfvwEi
uXrHYEh/KoULTHt+TA9DlixGHyQm8CpHr8HqibmZHRhUod7hh67t/VDAEg62tT15
3ODanOUKDAIUIBdjumNp79ne9DZ4OStF4GHjWQ803C/RRi3O3Uzvyacl2lwnkO71
15+97HTAy/01HuZC+f9L13nMomqE1cF715sK5jwCztieJ+QWEN41xmvbu11ZCsin
Ki4fxuVekK2SgYxMmpacYx15x/FUCIwKiqCTl4gGBSo7ZMJrsmgxHAUxxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOMgx5D9Qr8CafzATYstAc5yBZtFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNHlESGtQMUN2d0pwX01CTml5MEJ6bklGbTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEIhhtLQjI0K7qh0y7hV
Tj/BlySkZ9SzSzKMPhfwVcQVcbHtuOaAdxxtiEh3BmPsV5S2+hUovcrhIKpHWpsm
XvgvieD0glpV88j/NzE9oBuUlgWPHakuHUvyzZ9j7ULLaLgnObdFktut+y65y9xl
Pn5iUOzLaj+am13e5+zsaeJKI0Pc6YDZl21tmk72ZkeYSF6NIDphCOiM4zjEywMS
fZbAUNkE0Zpkeedt2HpUpK8RMsHjmf7/GJKEDB8PAjUpqE6oMTzw5gMLKDgtl6df
kEdf7z2RF0P3b7vzMNBkq46yHjy+OxD8GWNcw0/FFw1X3+nbbdpBBJ4sX2C2fGaL
YCY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:04:20 2025 by rpki-client