Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZrpuYHxxUhEWJhvDZwmXMK7yvCw.roa
File: ZrpuYHxxUhEWJhvDZwmXMK7yvCw.roa (raw, json)
Hash identifier: mypYQU+urebNm/H1AGekjrzQnMzxFasgJyF3WSWbCb0=
Subject key identifier: 66:BA:6E:60:7C:71:52:11:16:26:1B:C3:67:09:97:30:AE:F2:BC:2C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185247FD469E34060F1A0FDE9FFA724C3BE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZrpuYHxxUhEWJhvDZwmXMK7yvCw.roa
Signing time: Sun 18 Dec 2022 09:10:35 +0000
ROA not before: Sun 18 Dec 2022 09:10:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:7f:d4:69:e3:40:60:f1:a0:fd:e9:ff:a7:24:c3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 09:10:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66ba6e607c71521116261bc367099730aef2bc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c6:0a:07:4c:c3:b0:36:89:b5:24:6f:4a:0b:
53:fb:d6:21:0e:99:4b:05:d5:4c:12:92:a8:49:a6:
a9:73:8a:97:18:c9:76:5c:fb:28:6e:64:e6:1d:4d:
fa:73:3d:ef:36:a3:fb:58:fc:8c:c5:26:f9:d2:e8:
fa:6b:f8:69:18:e4:0a:6c:f4:fa:24:a7:38:93:62:
68:64:b0:bb:0f:c9:db:d8:6d:01:74:49:a3:dc:57:
9f:60:45:48:08:3d:1c:e7:3e:aa:6d:bd:65:e6:2c:
09:e1:e7:38:70:fa:f5:13:b5:36:2b:c6:26:5f:98:
0d:82:0c:4f:e9:58:65:de:f9:dc:fa:5e:f5:4b:a9:
cb:bc:02:6b:87:f7:4a:41:08:57:1a:46:71:fa:bb:
b7:49:bc:88:f4:3e:1c:a3:26:95:55:f0:cf:fc:09:
84:94:56:e5:98:44:a2:6e:4e:2f:ce:b1:41:48:6a:
57:94:4f:4c:14:5a:1b:68:88:73:39:c6:29:49:b0:
f0:fa:62:4f:d2:42:20:48:f5:55:10:ae:8c:c5:ff:
c0:92:78:30:5e:04:9f:27:51:ee:95:0a:1c:10:b0:
ca:21:25:ab:97:ad:e9:30:99:57:5c:c3:4c:5a:17:
86:a8:0e:1d:d5:0b:03:d6:bc:7f:2d:2c:74:78:51:
e9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BA:6E:60:7C:71:52:11:16:26:1B:C3:67:09:97:30:AE:F2:BC:2C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZrpuYHxxUhEWJhvDZwmXMK7yvCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:c6:f7:5a:0e:c7:7b:3b:56:e8:74:b5:6a:88:d0:77:ee:23:
b8:88:6a:95:33:c8:6c:f4:2f:69:49:71:74:e3:9b:b6:af:2b:
29:ad:71:75:18:e5:17:22:25:24:f0:14:6e:5f:9f:c0:18:bd:
cc:30:4e:af:50:0e:17:13:6d:5c:12:20:7c:56:27:f4:ed:4c:
c5:cd:9b:46:b4:d1:22:32:ad:1c:8e:bb:bb:3f:8d:4f:35:f4:
e7:da:8c:0d:75:49:65:ca:35:d9:50:9d:3e:4e:27:e6:7a:54:
4d:ea:1c:38:0f:20:0e:47:01:90:47:70:2a:52:31:51:be:31:
c3:1e:4b:48:90:f3:23:e0:08:5d:20:2f:af:81:e7:fc:7f:c5:
a9:85:92:f9:99:e5:bb:96:ac:e3:de:52:96:27:3a:cd:2b:33:
a8:0c:a3:77:36:ca:5c:ee:fa:a2:f4:77:c9:a8:86:fd:b9:bb:
e3:d8:a9:f9:50:56:5b:9c:c1:60:9f:3b:83:30:49:cb:5c:a4:
88:71:7c:41:b8:15:07:0d:79:15:c8:5a:af:3e:d2:8e:39:19:
71:0f:5b:26:62:a4:21:36:7e:da:6d:bd:32:1c:7c:22:92:1c:
79:58:29:42:26:f0:1f:36:62:6f:64:b6:bf:8a:af:3e:3a:01:
c5:77:c0:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUkf9Rp40Bg8aD96f+nJMO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MDkxMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJhNmU2MDdjNzE1MjExMTYyNjFiYzM2NzA5OTczMGFlZjJiYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcYKB0zDsDaJtSRvSgtT+9YhDplL
BdVMEpKoSaapc4qXGMl2XPsobmTmHU36cz3vNqP7WPyMxSb50uj6a/hpGOQKbPT6
JKc4k2JoZLC7D8nb2G0BdEmj3FefYEVICD0c5z6qbb1l5iwJ4ec4cPr1E7U2K8Ym
X5gNggxP6Vhl3vnc+l71S6nLvAJrh/dKQQhXGkZx+ru3SbyI9D4coyaVVfDP/AmE
lFblmESibk4vzrFBSGpXlE9MFFobaIhzOcYpSbDw+mJP0kIgSPVVEK6Mxf/Akngw
XgSfJ1HulQocELDKISWrl63pMJlXXMNMWheGqA4d1QsD1rx/LSx0eFHpTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGa6bmB8cVIRFiYbw2cJlzCu8rwsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvWnJwdVlIeHhVaEVXSmh2RFp3bVhNSzd5dkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvG91oOx3s7Vuh0tWqI
0HfuI7iIapUzyGz0L2lJcXTjm7avKymtcXUY5RciJSTwFG5fn8AYvcwwTq9QDhcT
bVwSIHxWJ/TtTMXNm0a00SIyrRyOu7s/jU819OfajA11SWXKNdlQnT5OJ+Z6VE3q
HDgPIA5HAZBHcCpSMVG+McMeS0iQ8yPgCF0gL6+B5/x/xamFkvmZ5buWrOPeUpYn
Os0rM6gMo3c2ylzu+qL0d8mohv25u+PYqflQVlucwWCfO4MwSctcpIhxfEG4FQcN
eRXIWq8+0o45GXEPWyZipCE2ftptvTIcfCKSHHlYKUIm8B82Ym9ktr+Krz46AcV3
wPY=
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:35:27 2025 by rpki-client