Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/84M5ajYPvcOyKIWbLklSpTrQO-4.roa
File: 84M5ajYPvcOyKIWbLklSpTrQO-4.roa (raw, json)
Hash identifier: AsOpRWrJe89Hyx7EBwTlOiKVTexGTA3BbxMn3vKbBrs=
Subject key identifier: F3:83:39:6A:36:0F:BD:C3:B2:28:85:9B:2E:49:52:A5:3A:D0:3B:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01893910330747D5A485144DD1BE0CC7449F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/84M5ajYPvcOyKIWbLklSpTrQO-4.roa
Signing time: Sun 09 Jul 2023 05:11:50 +0000
ROA not before: Sun 09 Jul 2023 05:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:39:10:33:07:47:d5:a4:85:14:4d:d1:be:0c:c7:44:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 9 05:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f383396a360fbdc3b228859b2e4952a53ad03bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:58:3a:b1:47:d5:ab:45:0d:9d:e0:23:3b:65:
35:7a:70:bf:13:ee:a4:7f:d3:32:3f:f0:0c:a1:3f:
2b:fb:57:94:9a:fe:5c:c9:53:b0:db:73:2d:3f:f3:
97:98:8e:31:25:55:03:cb:92:c5:8b:61:8c:fe:d6:
cb:d3:9f:ed:4f:6d:b8:e0:88:30:34:d9:06:7c:a8:
e9:da:d5:02:3d:ac:67:35:95:29:23:88:3b:09:3b:
01:d6:b6:79:79:9f:12:6d:28:18:ce:8d:3e:e6:3c:
af:45:10:40:4c:6c:52:5c:7f:2c:4a:96:8b:3d:d1:
a2:a1:e4:29:01:3c:b1:17:03:0a:8c:e1:13:2b:8c:
6d:51:f9:c6:a5:8a:a3:c2:3c:46:81:51:48:79:eb:
2c:f7:74:e7:5d:79:33:ef:a0:bc:45:e7:95:32:da:
f6:ea:39:6e:83:d8:ba:81:e4:7f:dd:23:da:a0:85:
b5:14:3b:37:b8:55:ca:19:7f:30:5d:d2:1c:32:92:
89:67:f9:3e:81:90:5b:bc:61:86:22:51:9a:a9:fc:
5e:1c:40:20:a6:70:24:fd:18:83:65:d9:d2:58:02:
da:92:75:b0:84:53:55:1c:ec:f5:e0:fd:9d:09:9a:
b2:de:68:b7:15:7a:44:9a:bf:67:99:cf:78:9e:a8:
be:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:83:39:6A:36:0F:BD:C3:B2:28:85:9B:2E:49:52:A5:3A:D0:3B:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/84M5ajYPvcOyKIWbLklSpTrQO-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:bc:de:dc:b2:0a:f7:a5:be:c3:6a:30:73:33:1f:99:fa:0e:
f0:91:87:4b:5e:07:2d:d0:6b:9e:ec:db:29:32:c8:d6:21:cd:
fd:a6:0b:27:7a:22:5e:b1:81:2c:61:e2:f7:c8:39:a7:9d:10:
49:2f:fe:0a:4b:88:9f:2c:60:63:01:89:82:37:3a:02:de:94:
1d:3b:c3:73:36:c3:88:74:5b:bb:93:64:4f:e2:bf:86:97:09:
76:10:7d:dd:05:f8:e1:a6:2f:f8:5f:65:a6:bc:16:e1:cd:50:
1a:0c:3f:b0:51:62:60:43:aa:8b:59:00:05:e8:b9:1c:be:33:
f8:a6:75:a2:a2:f8:4f:c4:7d:5f:10:97:78:c9:20:92:6a:de:
c6:b7:10:d1:08:35:1b:35:f8:da:d7:e7:d1:5d:6b:45:07:12:
d3:aa:25:ed:ee:e8:74:00:1c:45:53:a3:6c:2e:c8:52:09:39:
1a:ae:a4:f3:59:80:74:83:63:00:b7:78:d5:e4:df:ba:6f:f3:
04:78:03:94:c9:4b:d9:2c:93:ef:22:70:fa:38:b8:f5:04:93:
fa:22:31:e4:b2:21:35:92:4a:78:af:12:4a:61:ff:c6:72:b0:
1a:ac:ab:02:e2:64:f2:dc:29:67:e2:dc:6b:e4:20:b5:0a:50:
5b:22:1e:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYk5EDMHR9WkhRRN0b4Mx0SfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzA5MDUxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzgzMzk2YTM2MGZiZGMzYjIyODg1OWIyZTQ5NTJhNTNhZDAzYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1g6sUfVq0UNneAjO2U1enC/E+6k
f9MyP/AMoT8r+1eUmv5cyVOw23MtP/OXmI4xJVUDy5LFi2GM/tbL05/tT2244Igw
NNkGfKjp2tUCPaxnNZUpI4g7CTsB1rZ5eZ8SbSgYzo0+5jyvRRBATGxSXH8sSpaL
PdGioeQpATyxFwMKjOETK4xtUfnGpYqjwjxGgVFIeess93TnXXkz76C8ReeVMtr2
6jlug9i6geR/3SPaoIW1FDs3uFXKGX8wXdIcMpKJZ/k+gZBbvGGGIlGaqfxeHEAg
pnAk/RiDZdnSWALaknWwhFNVHOz14P2dCZqy3mi3FXpEmr9nmc94nqi+KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPODOWo2D73DsiiFmy5JUqU60DvuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvODRNNWFqWVB2Y095S0lXYkxrbFNwVHJRTy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKG83tyyCvelvsNqMHMz
H5n6DvCRh0teBy3Qa57s2ykyyNYhzf2mCyd6Il6xgSxh4vfIOaedEEkv/gpLiJ8s
YGMBiYI3OgLelB07w3M2w4h0W7uTZE/iv4aXCXYQfd0F+OGmL/hfZaa8FuHNUBoM
P7BRYmBDqotZAAXouRy+M/imdaKi+E/EfV8Ql3jJIJJq3sa3ENEINRs1+NrX59Fd
a0UHEtOqJe3u6HQAHEVTo2wuyFIJORqupPNZgHSDYwC3eNXk37pv8wR4A5TJS9ks
k+8icPo4uPUEk/oiMeSyITWSSnivEkph/8ZysBqsqwLiZPLcKWfi3GvkILUKUFsi
Hjs=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:43:41 2025 by rpki-client