Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z5_Q39bjv8w9aRCgb5vqfRtbBI8.roa
File: Z5_Q39bjv8w9aRCgb5vqfRtbBI8.roa (raw, json)
Hash identifier: upkaOpr6Z6vRa/i0K+STDxki7fnAbloGrl0NZll0s7I=
Subject key identifier: 67:9F:D0:DF:D6:E3:BF:CC:3D:69:10:A0:6F:9B:EA:7D:1B:5B:04:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018679715A7A5AEF7A1C0A204AAD5872A9BB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z5_Q39bjv8w9aRCgb5vqfRtbBI8.roa
Signing time: Wed 22 Feb 2023 14:05:17 +0000
ROA not before: Wed 22 Feb 2023 14:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:7970:bfd6/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:71:5a:7a:5a:ef:7a:1c:0a:20:4a:ad:58:72:a9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 14:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=679fd0dfd6e3bfcc3d6910a06f9bea7d1b5b048f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:b3:cc:ef:72:7c:a0:ff:ee:f6:04:99:73:
2b:b9:4a:de:61:39:0e:1d:1f:64:ad:0c:6b:5d:ba:
76:a6:60:6d:fe:63:f7:7c:0c:6a:3e:f3:24:ee:0b:
0f:13:6f:db:b5:a9:35:40:35:4a:11:a0:45:a5:c6:
95:d3:85:92:39:d4:c0:96:f9:78:77:b5:5a:10:3f:
82:7d:ae:84:80:db:98:2e:a2:34:0b:51:98:29:4e:
04:15:e7:52:dc:8e:9b:76:3f:38:be:fb:97:cd:d7:
de:f1:3c:cb:5d:31:54:20:0f:8e:db:d4:19:e8:91:
26:c4:bb:03:56:51:39:32:2b:fc:f6:64:ad:9c:eb:
ab:dd:2c:6e:ed:9a:f8:ed:05:82:2c:bb:53:d8:c7:
3a:68:cb:38:b9:5c:cd:8e:30:bc:4d:0f:69:ad:86:
7d:88:5d:b7:55:53:c3:fb:ff:2f:9e:aa:05:cc:35:
48:84:fa:dc:ae:26:ee:39:bf:79:f0:72:95:07:6b:
ac:fe:df:fe:c7:ed:d5:08:85:7d:58:90:68:d6:12:
6f:79:74:5e:9d:6d:1e:e0:8a:21:a2:cd:fd:10:a8:
43:60:e5:64:37:58:a0:fa:21:69:c5:0b:c3:cd:54:
d6:32:dd:c4:64:f1:3a:03:12:0c:27:9b:08:d9:d5:
52:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9F:D0:DF:D6:E3:BF:CC:3D:69:10:A0:6F:9B:EA:7D:1B:5B:04:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Z5_Q39bjv8w9aRCgb5vqfRtbBI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:48:ee:36:03:ab:f2:f7:58:5c:bf:10:03:9b:21:38:a3:e1:
85:6b:8c:2c:2f:f5:a5:77:5d:ae:ab:e8:f0:0d:e1:a8:39:f4:
aa:04:ca:4a:27:14:a8:53:39:a0:04:fd:89:19:74:ce:35:20:
2b:21:d0:ec:9f:d5:07:ad:1d:27:b7:4e:22:8c:0a:18:11:42:
89:1d:30:de:49:f6:6e:4c:23:18:ad:3e:3a:98:0b:36:7a:0e:
d5:ce:7a:a4:ae:cb:65:01:8d:3f:88:9d:ab:43:f7:4e:b7:1e:
2d:6e:3a:45:e1:9f:8d:21:23:eb:52:be:d5:61:ba:79:8c:12:
cd:5a:50:16:9e:ac:e1:0e:59:20:1f:b4:85:01:08:8f:22:e5:
7b:41:37:ea:33:3c:b0:84:02:0d:31:72:5e:6c:52:56:af:94:
8e:9e:90:d2:02:2e:9d:ab:b8:1b:bb:27:38:67:68:49:8d:a9:
fa:cd:49:ed:b4:f6:18:24:d2:86:da:09:15:5b:2d:8f:d2:5b:
79:6f:84:2b:4f:28:42:11:01:a7:bb:f8:8d:ad:d6:ba:a0:d8:
9b:d5:ca:fe:6a:72:b9:a3:ae:ec:ac:ad:08:64:ea:c5:2d:89:
9a:77:f6:db:1a:6f:c6:0a:b0:15:56:7d:e1:28:e9:58:e2:c3:
fe:1c:06:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ5cVp6Wu96HAogSq1Ycqm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTQwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzlmZDBkZmQ2ZTNiZmNjM2Q2OTEwYTA2ZjliZWE3ZDFiNWIwNDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy2zzO9yfKD/7vYEmXMruUreYTkO
HR9krQxrXbp2pmBt/mP3fAxqPvMk7gsPE2/btak1QDVKEaBFpcaV04WSOdTAlvl4
d7VaED+Cfa6EgNuYLqI0C1GYKU4EFedS3I6bdj84vvuXzdfe8TzLXTFUIA+O29QZ
6JEmxLsDVlE5Miv89mStnOur3Sxu7Zr47QWCLLtT2Mc6aMs4uVzNjjC8TQ9prYZ9
iF23VVPD+/8vnqoFzDVIhPrcribuOb958HKVB2us/t/+x+3VCIV9WJBo1hJveXRe
nW0e4Iohos39EKhDYOVkN1ig+iFpxQvDzVTWMt3EZPE6AxIMJ5sI2dVS5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGef0N/W47/MPWkQoG+b6n0bWwSPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWjVfUTM5Ymp2OHc5YVJDZ2I1dnFmUnRiQkk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJtI7jYDq/L3WFy/EAOb
ITij4YVrjCwv9aV3Xa6r6PAN4ag59KoEykonFKhTOaAE/YkZdM41ICsh0Oyf1Qet
HSe3TiKMChgRQokdMN5J9m5MIxitPjqYCzZ6DtXOeqSuy2UBjT+InatD9063Hi1u
OkXhn40hI+tSvtVhunmMEs1aUBaerOEOWSAftIUBCI8i5XtBN+ozPLCEAg0xcl5s
UlavlI6ekNICLp2ruBu7JzhnaEmNqfrNSe209hgk0obaCRVbLY/SW3lvhCtPKEIR
Aae7+I2t1rqg2JvVyv5qcrmjruysrQhk6sUtiZp39tsab8YKsBVWfeEo6Vjiw/4c
Brc=
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:45:49 2025 by rpki-client