Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa
File: emZGBmh3FKMfi_4ZndBXUMxAjCA.roa (raw, json)
Hash identifier: nUiS11VP2N00+BI0zfQ0pPfo/c3+HZ+kX/cwcqoS050=
Subject key identifier: 7A:66:46:06:68:77:14:A3:1F:8B:FE:19:9D:D0:57:50:CC:40:8C:20
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018789C723A9732FCC46AD0D6279CE5EFF82
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa
Signing time: Sun 16 Apr 2023 11:15:41 +0000
ROA not before: Sun 16 Apr 2023 11:15:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:89:c7:23:a9:73:2f:cc:46:ad:0d:62:79:ce:5e:ff:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 16 11:15:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a664606687714a31f8bfe199dd05750cc408c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b0:19:04:65:33:f8:01:3f:fe:0f:14:11:ea:
24:bc:54:f4:2f:6b:b0:9a:4c:6c:6b:3b:59:83:bc:
37:ed:27:6f:47:7e:ab:a1:fc:18:f9:1f:75:f6:57:
cb:06:e3:ec:1d:68:1a:bd:8f:53:a9:06:3e:7d:a5:
b3:35:7e:79:66:8c:be:71:9b:88:f7:f4:74:ef:d6:
94:6f:15:84:8f:cc:c8:b8:1f:ee:ce:c9:b1:3f:81:
27:66:49:cf:9f:fb:c4:3f:d5:8a:90:07:a3:7e:3c:
9c:a6:ac:b3:be:d6:e2:7b:00:52:08:e8:1a:60:f7:
08:36:2c:95:30:bc:6d:92:bf:87:8c:6a:bb:f9:4b:
53:db:39:77:00:c8:90:a4:00:da:70:6d:60:49:ca:
32:18:df:f0:39:36:a4:56:01:94:c1:6a:5b:a0:56:
95:a8:cf:00:9d:04:28:77:79:7e:ad:de:52:a3:eb:
2d:cb:60:f0:19:43:2f:82:eb:4c:4f:f5:07:51:94:
1d:64:71:53:7e:c6:2d:03:0a:92:b7:64:64:29:b9:
37:ff:29:e6:24:f9:e0:6a:f7:98:e1:90:02:bd:d6:
a6:ab:08:68:77:2e:26:b0:f4:c8:6f:0e:52:22:74:
10:e5:34:44:cc:98:48:fc:06:33:c1:56:6b:32:ae:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:66:46:06:68:77:14:A3:1F:8B:FE:19:9D:D0:57:50:CC:40:8C:20
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/emZGBmh3FKMfi_4ZndBXUMxAjCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:aa:52:cb:08:eb:ac:4d:4c:ce:63:fe:0f:46:2c:52:fd:62:
fc:98:7a:e5:62:eb:70:e3:c2:90:86:10:da:2e:78:5f:76:55:
db:bb:99:ac:e3:11:44:15:94:25:7a:d2:16:34:3f:f3:4b:b9:
95:33:22:24:68:6d:00:14:74:d1:9d:ba:bb:52:96:97:53:ab:
61:dc:8f:d6:85:90:c3:81:b5:4e:78:54:a3:56:2d:ee:25:18:
5e:36:53:5c:7a:b5:9c:93:d1:b6:11:09:82:fc:5d:39:74:28:
29:0d:60:9f:16:ec:1d:83:0d:32:8c:0a:b7:b3:47:b4:dd:bd:
f9:b6:3d:93:aa:b6:0a:20:77:23:bd:ab:8d:10:74:99:36:08:
fc:ff:38:e6:91:82:22:c8:3d:36:22:20:ad:34:54:c6:89:a5:
b3:ec:e0:16:c4:7d:21:d6:1a:10:e0:c0:2c:ef:58:97:f3:f3:
02:be:33:df:bb:88:39:ba:32:39:b4:36:4f:cb:d9:c6:96:1b:
46:00:1d:2d:28:c1:b6:18:8c:a3:e4:d6:f3:00:23:d7:07:38:
a1:ca:89:c8:06:bb:a1:13:00:20:a7:e6:ab:31:10:6f:4f:8b:
46:20:e7:ab:26:56:d1:fe:db:1c:61:40:3f:a4:ef:c3:f0:63:
ab:a4:36:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeJxyOpcy/MRq0NYnnOXv+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE2MTExNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTY2NDYwNjY4NzcxNGEzMWY4YmZlMTk5ZGQwNTc1MGNjNDA4YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7AZBGUz+AE//g8UEeokvFT0L2uw
mkxsaztZg7w37SdvR36rofwY+R919lfLBuPsHWgavY9TqQY+faWzNX55Zoy+cZuI
9/R079aUbxWEj8zIuB/uzsmxP4EnZknPn/vEP9WKkAejfjycpqyzvtbiewBSCOga
YPcINiyVMLxtkr+HjGq7+UtT2zl3AMiQpADacG1gScoyGN/wOTakVgGUwWpboFaV
qM8AnQQod3l+rd5So+sty2DwGUMvgutMT/UHUZQdZHFTfsYtAwqSt2RkKbk3/ynm
JPngaveY4ZACvdamqwhody4msPTIbw5SInQQ5TREzJhI/AYzwVZrMq72bwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHpmRgZodxSjH4v+GZ3QV1DMQIwgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZW1aR0JtaDNGS01maV80Wm5kQlhVTXhBakNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKqqUssI66xNTM5j/g9G
LFL9YvyYeuVi63DjwpCGENoueF92Vdu7mazjEUQVlCV60hY0P/NLuZUzIiRobQAU
dNGdurtSlpdTq2Hcj9aFkMOBtU54VKNWLe4lGF42U1x6tZyT0bYRCYL8XTl0KCkN
YJ8W7B2DDTKMCrezR7Tdvfm2PZOqtgogdyO9q40QdJk2CPz/OOaRgiLIPTYiIK00
VMaJpbPs4BbEfSHWGhDgwCzvWJfz8wK+M9+7iDm6Mjm0Nk/L2caWG0YAHS0owbYY
jKPk1vMAI9cHOKHKicgGu6ETACCn5qsxEG9Pi0Yg56smVtH+2xxhQD+k78PwY6uk
NuE=
-----END CERTIFICATE-----
Generated at Sat Jun 14 14:58:22 2025 by rpki-client