Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RehLZzSoNs7KPFa7gdVvsDKF_dw.roa
File: RehLZzSoNs7KPFa7gdVvsDKF_dw.roa (raw, json)
Hash identifier: 32jGRko9/qfpAdvFAZbQRz3HWeI9aRSUUbrKG77CeEU=
Subject key identifier: 45:E8:4B:67:34:A8:36:CE:CA:3C:56:BB:81:D5:6F:B0:32:85:FD:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189FEE7B4FF6BE4B0565D1A72DB2573BBBD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RehLZzSoNs7KPFa7gdVvsDKF_dw.roa
Signing time: Wed 16 Aug 2023 15:12:25 +0000
ROA not before: Wed 16 Aug 2023 15:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:e7:b4:ff:6b:e4:b0:56:5d:1a:72:db:25:73:bb:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 15:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45e84b6734a836ceca3c56bb81d56fb03285fddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a6:9a:a1:38:21:a6:47:09:63:3d:f3:ba:7f:
e9:8f:3a:31:4f:a1:eb:f8:12:f7:14:98:86:8d:9b:
55:e8:d0:e1:a5:cb:34:6b:42:bf:e7:bd:71:ee:be:
7c:6d:7c:01:92:10:22:12:dc:d1:fc:37:29:16:db:
83:75:9b:5a:c1:58:fe:99:af:33:b4:68:23:32:25:
0f:13:1c:fe:28:3a:cc:9a:fc:49:a4:0e:13:8e:c4:
84:2d:47:30:d8:f1:89:59:d0:9e:33:da:a3:d2:38:
33:fe:ac:8a:98:e7:ed:a4:c3:8d:a8:ef:65:bc:95:
8f:aa:c9:a2:1d:a1:30:67:25:37:23:17:77:c7:ff:
29:5c:c7:e5:57:40:26:9e:8a:6a:a3:c8:20:67:4e:
be:66:3d:db:e0:11:1d:30:50:c1:26:86:04:11:2b:
85:75:21:ca:63:e3:4b:e1:83:8f:2c:dc:14:03:cb:
67:a9:f0:e7:89:1a:b8:c0:97:ca:15:cf:cd:64:ed:
4d:4b:53:18:9e:bb:df:77:ce:6e:09:d6:dd:dd:e9:
74:95:52:69:61:93:3f:03:43:c1:14:1e:04:e9:a0:
c3:ea:b7:c2:10:b9:ce:c7:c2:95:2d:c3:a9:49:c5:
9f:71:db:f5:52:6c:14:ca:4f:d4:b3:37:c5:14:fc:
1d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E8:4B:67:34:A8:36:CE:CA:3C:56:BB:81:D5:6F:B0:32:85:FD:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RehLZzSoNs7KPFa7gdVvsDKF_dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:3e:ed:68:5e:8c:f7:57:41:70:ea:df:9d:b4:0e:aa:a4:25:
69:ea:7a:78:6b:ba:c4:2a:e7:27:db:a5:65:52:cc:7a:52:9a:
99:d9:89:18:b8:7b:80:d8:65:67:40:e5:1f:e9:ea:f6:f1:a1:
bf:6d:ce:11:d4:2d:a9:6e:f9:de:a9:d8:14:d6:0d:d1:f8:1e:
a0:37:d5:cb:df:1e:c8:50:fe:17:0b:f1:55:78:9d:f4:42:16:
98:54:c3:20:c1:fb:69:ac:55:f6:bb:68:db:e3:9c:03:22:64:
a3:0a:66:66:13:a7:c8:cd:24:da:e6:e1:53:cb:84:f7:b8:16:
a0:d1:9f:bc:03:3c:ce:ce:25:d1:f2:65:9a:d5:dc:97:69:0e:
c9:35:02:b0:0b:8d:58:3e:71:78:2f:62:cf:1e:1e:4b:60:78:
f9:84:2b:c1:00:94:84:4b:9a:ac:cb:81:60:1f:ab:9e:9e:1d:
12:22:56:20:15:e6:bf:08:8b:1f:73:11:da:4c:00:8e:ac:bd:
b7:da:d8:bc:91:8c:6d:06:39:1f:2c:63:b6:47:7b:85:7e:93:
5e:8b:fd:e2:6b:6b:c0:31:96:0c:f6:53:af:d8:24:b2:70:35:
f2:10:bd:32:c0:51:1e:eb:a1:a5:b4:b7:b4:04:0e:a1:87:46:
ec:60:ad:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn+57T/a+SwVl0actslc7u9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MTUxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU4NGI2NzM0YTgzNmNlY2EzYzU2YmI4MWQ1NmZiMDMyODVmZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqaaoTghpkcJYz3zun/pjzoxT6Hr
+BL3FJiGjZtV6NDhpcs0a0K/571x7r58bXwBkhAiEtzR/DcpFtuDdZtawVj+ma8z
tGgjMiUPExz+KDrMmvxJpA4TjsSELUcw2PGJWdCeM9qj0jgz/qyKmOftpMONqO9l
vJWPqsmiHaEwZyU3Ixd3x/8pXMflV0Amnopqo8ggZ06+Zj3b4BEdMFDBJoYEESuF
dSHKY+NL4YOPLNwUA8tnqfDniRq4wJfKFc/NZO1NS1MYnrvfd85uCdbd3el0lVJp
YZM/A0PBFB4E6aDD6rfCELnOx8KVLcOpScWfcdv1UmwUyk/UszfFFPwdgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXoS2c0qDbOyjxWu4HVb7Ayhf3cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUmVoTFp6U29OczdLUEZhN2dkVnZzREtGX2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ4+7WhejPdXQXDq3520
DqqkJWnqenhrusQq5yfbpWVSzHpSmpnZiRi4e4DYZWdA5R/p6vbxob9tzhHULalu
+d6p2BTWDdH4HqA31cvfHshQ/hcL8VV4nfRCFphUwyDB+2msVfa7aNvjnAMiZKMK
ZmYTp8jNJNrm4VPLhPe4FqDRn7wDPM7OJdHyZZrV3JdpDsk1ArALjVg+cXgvYs8e
HktgePmEK8EAlIRLmqzLgWAfq56eHRIiViAV5r8Iix9zEdpMAI6svbfa2LyRjG0G
OR8sY7ZHe4V+k16L/eJra8Axlgz2U6/YJLJwNfIQvTLAUR7roaW0t7QEDqGHRuxg
rV0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:10:52 2025 by rpki-client