Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dJtSHzyHEBWFPOtQ-ZEJ06eWf2s.roa
File: dJtSHzyHEBWFPOtQ-ZEJ06eWf2s.roa (raw, json)
Hash identifier: 4ldYdcJ6tYjXTyos/t3uWJrFFOmQ/sG/7rKsapunxVw=
Subject key identifier: 74:9B:52:1F:3C:87:10:15:85:3C:EB:50:F9:91:09:D3:A7:96:7F:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B6C7DA7B00408D98A5CEA6CABB64CF23
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dJtSHzyHEBWFPOtQ-ZEJ06eWf2s.roa
Signing time: Wed 02 Aug 2023 15:04:58 +0000
ROA not before: Wed 02 Aug 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:b6c7:4903/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:c7:da:7b:00:40:8d:98:a5:ce:a6:ca:bb:64:cf:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=749b521f3c871015853ceb50f99109d3a7967f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:92:85:7f:57:d1:10:f3:e2:e3:13:f2:98:25:
14:55:33:9b:c3:48:ac:32:b4:c6:da:47:07:48:53:
81:fe:6c:ca:e7:d0:c3:ce:b6:30:7d:7b:e6:61:2a:
1c:68:81:14:2a:e7:78:d4:99:ed:61:c5:b6:5f:a3:
e9:d6:67:c9:5f:d7:52:e5:ea:ee:6a:64:0b:3a:29:
08:f8:56:2a:8f:ce:a4:38:3a:56:c8:f0:5b:38:37:
db:46:de:91:42:af:ea:82:9b:ba:8d:2c:ed:ae:b4:
80:21:fe:69:db:aa:06:93:d4:d0:3b:f2:dc:b6:02:
1e:f9:f9:29:8f:4e:44:6f:6f:fe:78:cb:ec:88:bb:
63:ae:c9:de:e9:2e:b1:ac:86:59:80:4e:ea:fb:a3:
31:db:33:98:15:44:05:82:bb:ad:8a:b8:13:52:b5:
d5:47:0b:43:22:12:06:d6:91:65:57:ef:c6:be:73:
92:3d:05:63:01:8e:59:1d:29:cb:f1:bb:53:60:79:
21:bb:97:1c:a4:11:36:9c:3f:a3:83:57:df:4a:f4:
4d:ff:0d:36:63:2d:56:71:f4:df:17:f5:a9:4e:e7:
23:6e:97:b6:6a:23:56:93:e6:6b:44:98:64:5b:05:
4b:1a:0c:23:08:a4:b2:44:2a:6f:b2:a1:b1:d1:b0:
65:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9B:52:1F:3C:87:10:15:85:3C:EB:50:F9:91:09:D3:A7:96:7F:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dJtSHzyHEBWFPOtQ-ZEJ06eWf2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:a6:72:6c:86:62:e4:05:c4:65:21:2c:c4:91:6b:29:ef:97:
9b:e8:1e:a5:f5:18:c2:c8:8e:f3:6c:f6:61:69:d1:69:8d:fd:
5e:64:12:7a:ab:b0:5e:ea:f3:6e:5d:82:1e:45:73:72:bb:85:
ae:fc:b7:77:b6:fd:50:9b:58:d9:67:ef:80:ea:a2:73:18:99:
f4:a8:db:fe:08:91:38:11:44:6c:09:82:8e:91:a3:8d:4f:0c:
e0:2a:f9:4e:3a:63:4c:b0:c6:56:94:0f:52:b6:37:29:11:3c:
03:ea:e5:b0:c8:26:a4:7b:b0:ed:0f:cb:c4:66:8f:3d:cc:e7:
27:3c:66:4d:87:c2:1a:d8:88:1a:12:97:3a:d0:a0:cf:b3:12:
7a:12:b8:73:41:e2:af:5e:76:c1:97:22:f3:b4:1e:f6:ca:06:
c4:d5:1c:47:c2:c2:23:2b:19:4c:5a:2a:ed:99:d1:f0:ac:ab:
3a:45:c3:11:31:3d:7c:e9:c8:dc:81:b8:4e:ea:6c:bc:f2:fc:
95:95:3f:f4:5a:4f:00:c5:20:18:9d:94:01:f7:21:f1:0d:2f:
d6:88:7d:24:2d:08:ff:a6:d5:ac:c7:1c:30:41:97:01:61:c2:
95:95:c4:f5:b7:8d:95:ed:e8:2a:30:5e:17:13:7e:97:ef:72:
80:e5:62:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm2x9p7AECNmKXOpsq7ZM8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDliNTIxZjNjODcxMDE1ODUzY2ViNTBmOTkxMDlkM2E3OTY3ZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5KFf1fREPPi4xPymCUUVTObw0is
MrTG2kcHSFOB/mzK59DDzrYwfXvmYSocaIEUKud41JntYcW2X6Pp1mfJX9dS5eru
amQLOikI+FYqj86kODpWyPBbODfbRt6RQq/qgpu6jSztrrSAIf5p26oGk9TQO/Lc
tgIe+fkpj05Eb2/+eMvsiLtjrsne6S6xrIZZgE7q+6Mx2zOYFUQFgrutirgTUrXV
RwtDIhIG1pFlV+/GvnOSPQVjAY5ZHSnL8btTYHkhu5ccpBE2nD+jg1ffSvRN/w02
Yy1WcfTfF/WpTucjbpe2aiNWk+ZrRJhkWwVLGgwjCKSyRCpvsqGx0bBlMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHSbUh88hxAVhTzrUPmRCdOnln9rMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZEp0U0h6eUhFQldGUE90US1aRUowNmVXZjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFumcmyGYuQFxGUhLMSR
aynvl5voHqX1GMLIjvNs9mFp0WmN/V5kEnqrsF7q825dgh5Fc3K7ha78t3e2/VCb
WNln74DqonMYmfSo2/4IkTgRRGwJgo6Ro41PDOAq+U46Y0ywxlaUD1K2NykRPAPq
5bDIJqR7sO0Py8Rmjz3M5yc8Zk2HwhrYiBoSlzrQoM+zEnoSuHNB4q9edsGXIvO0
HvbKBsTVHEfCwiMrGUxaKu2Z0fCsqzpFwxExPXzpyNyBuE7qbLzy/JWVP/RaTwDF
IBidlAH3IfENL9aIfSQtCP+m1azHHDBBlwFhwpWVxPW3jZXt6CowXhcTfpfvcoDl
YvY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:26:38 2025 by rpki-client