Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYt5qxzITUwwmf7N-SpKIpGf5xg.roa
File: ZYt5qxzITUwwmf7N-SpKIpGf5xg.roa (raw, json)
Hash identifier: beut5t2k+NLLpD5wlYJ43P+rn47oBzJ9Bm+MC/q46Dc=
Subject key identifier: 65:8B:79:AB:1C:C8:4D:4C:30:99:FE:CD:F9:2A:4A:22:91:9F:E7:18
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865D96501FD32E0F0DEDEA43AEBDEC780E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYt5qxzITUwwmf7N-SpKIpGf5xg.roa
Signing time: Fri 17 Feb 2023 04:16:17 +0000
ROA not before: Fri 17 Feb 2023 04:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5d:96:50:1f:d3:2e:0f:0d:ed:ea:43:ae:bd:ec:78:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 04:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=658b79ab1cc84d4c3099fecdf92a4a22919fe718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:07:14:e0:84:7f:77:3c:a2:b3:c3:1c:76:e7:
1e:01:3c:75:bb:c1:6a:28:21:c1:bb:47:c0:2b:fb:
a8:b9:56:96:25:62:44:4f:90:f7:d6:e8:e7:88:69:
42:ba:24:90:79:dd:e8:10:e8:b9:27:90:ec:fe:7b:
31:f7:79:64:59:ba:d0:8e:8d:32:34:dd:40:41:96:
33:f0:fb:ec:f6:d2:89:94:f9:f5:86:03:4f:ec:06:
c3:77:40:ae:b8:3a:f1:41:5f:6a:a6:2e:ad:23:33:
6b:ee:67:9e:77:82:93:41:ef:2c:a6:86:32:0f:b1:
76:67:70:be:dd:23:b5:e1:6c:d3:51:63:57:56:1d:
3c:c6:d7:62:bc:5c:28:5b:8a:c2:3b:27:1e:4a:d2:
81:44:38:f1:51:02:01:d6:a6:4c:1e:fd:44:7a:0e:
1d:50:a2:00:10:ca:eb:11:bb:b2:de:69:03:d2:de:
db:4a:6d:c2:42:c7:f3:e8:d3:89:6a:d2:1c:51:5b:
d9:a0:93:ea:8b:7c:eb:24:d6:a9:7a:dd:da:24:31:
bb:f0:a6:fa:82:cb:1a:d3:78:3e:fc:a9:8d:da:c2:
1d:cd:d4:82:f4:25:bd:f3:f9:f3:cb:15:d6:d9:b7:
f6:53:ab:ba:c3:32:6d:f3:ca:f9:32:76:7f:15:de:
39:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8B:79:AB:1C:C8:4D:4C:30:99:FE:CD:F9:2A:4A:22:91:9F:E7:18
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZYt5qxzITUwwmf7N-SpKIpGf5xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:fd:af:6b:98:fd:44:90:49:1e:11:d8:fa:f5:95:5c:0b:74:
ad:38:c6:dc:76:32:6f:f0:67:fe:a9:08:86:26:6a:c5:96:86:
44:54:83:2f:85:2a:0e:01:4d:b3:0b:bc:2a:10:0b:62:fd:b7:
31:61:ad:d5:4b:c2:96:a0:ce:72:94:90:07:0c:4a:64:71:95:
29:48:c9:78:e8:ca:97:56:c6:d6:36:c7:40:94:7d:31:7a:60:
2d:e1:9f:c9:a6:79:57:28:ef:20:94:34:fe:96:02:ef:6c:b9:
98:5b:4b:6f:0b:1b:52:6b:8f:30:20:dd:5a:d2:23:b7:2f:9b:
dc:91:5b:55:e3:48:62:a1:00:1a:ee:60:ef:bd:7a:4b:5a:9b:
24:71:d0:9b:33:57:d1:4e:5d:96:53:a4:d7:9a:75:32:9e:b5:
b8:07:42:c7:d1:1a:f6:2b:14:41:40:3d:81:72:bc:40:53:9c:
15:b5:ad:c6:79:51:a4:61:bc:8c:c9:ec:65:bb:11:54:f9:2a:
d1:17:dd:a8:39:c7:81:c8:a3:b9:38:8e:34:6d:be:eb:fd:f4:
1b:2d:b7:f9:e8:33:b4:fc:40:35:aa:ef:dc:c9:b5:67:87:e9:
69:4c:13:49:64:72:7b:70:1b:6d:b8:9c:a9:54:9e:9d:d3:02:
2e:e9:91:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZdllAf0y4PDe3qQ6697HgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MDQxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThiNzlhYjFjYzg0ZDRjMzA5OWZlY2RmOTJhNGEyMjkxOWZlNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswcU4IR/dzyis8McduceATx1u8Fq
KCHBu0fAK/uouVaWJWJET5D31ujniGlCuiSQed3oEOi5J5Ds/nsx93lkWbrQjo0y
NN1AQZYz8Pvs9tKJlPn1hgNP7AbDd0CuuDrxQV9qpi6tIzNr7meed4KTQe8spoYy
D7F2Z3C+3SO14WzTUWNXVh08xtdivFwoW4rCOyceStKBRDjxUQIB1qZMHv1Eeg4d
UKIAEMrrEbuy3mkD0t7bSm3CQsfz6NOJatIcUVvZoJPqi3zrJNapet3aJDG78Kb6
gssa03g+/KmN2sIdzdSC9CW98/nzyxXW2bf2U6u6wzJt88r5MnZ/Fd45rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGWLeascyE1MMJn+zfkqSiKRn+cYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWll0NXF4eklUVXd3bWY3Ti1TcEtJcEdmNXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIL9r2uY/USQSR4R2Pr1
lVwLdK04xtx2Mm/wZ/6pCIYmasWWhkRUgy+FKg4BTbMLvCoQC2L9tzFhrdVLwpag
znKUkAcMSmRxlSlIyXjoypdWxtY2x0CUfTF6YC3hn8mmeVco7yCUNP6WAu9suZhb
S28LG1JrjzAg3VrSI7cvm9yRW1XjSGKhABruYO+9ektamyRx0JszV9FOXZZTpNea
dTKetbgHQsfRGvYrFEFAPYFyvEBTnBW1rcZ5UaRhvIzJ7GW7EVT5KtEX3ag5x4HI
o7k4jjRtvuv99Bstt/noM7T8QDWq79zJtWeH6WlME0lkcntwG224nKlUnp3TAi7p
kT8=
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:46:23 2025 by rpki-client