Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i7LofNf9hIavqmsBzKP45rbvD4c.roa
File: i7LofNf9hIavqmsBzKP45rbvD4c.roa (raw, json)
Hash identifier: /7JVIwUJ+jAkAxVtbh4T0ZD0aoaz04igyBglNa35Yx4=
Subject key identifier: 8B:B2:E8:7C:D7:FD:84:86:AF:AA:6B:01:CC:A3:F8:E6:B6:EF:0F:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867BCD99A134437F1A1D3ADCF16F27EED1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i7LofNf9hIavqmsBzKP45rbvD4c.roa
Signing time: Thu 23 Feb 2023 01:05:17 +0000
ROA not before: Thu 23 Feb 2023 01:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:7bcc:c553/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7b:cd:99:a1:34:43:7f:1a:1d:3a:dc:f1:6f:27:ee:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 01:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bb2e87cd7fd8486afaa6b01cca3f8e6b6ef0f87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:f2:4f:97:18:53:65:b0:a4:08:e7:6c:a5:
ff:9c:5f:2f:d0:7a:5a:11:4e:49:e0:45:d4:2f:27:
05:1f:fa:d7:bb:cb:38:d7:55:a4:7f:9c:46:4c:c4:
1a:40:5c:fb:ce:f3:60:ec:f7:fb:70:3a:85:a5:51:
7f:9f:c7:a7:c7:ae:3e:3a:72:9f:a4:71:91:d8:8c:
60:e7:2d:a8:f7:62:f0:a0:74:5d:f5:4a:a1:84:2d:
4a:49:f6:e7:95:10:8c:81:c0:ce:0e:8b:25:9f:46:
1f:31:2d:cf:62:e8:4c:7c:76:46:04:aa:c4:8b:e8:
52:7f:0f:a0:d6:5e:c0:16:5e:83:61:cc:16:d2:dc:
32:58:86:ee:80:39:ee:7f:6c:f3:b4:3e:91:ce:30:
74:36:d3:21:5e:de:1e:e4:90:aa:f2:87:bb:8f:86:
61:d7:20:50:5c:36:0b:5c:6d:6e:ed:33:96:33:b3:
52:db:b9:26:96:3e:8f:1d:7a:d9:80:97:46:b6:c2:
aa:e3:43:46:d5:65:b6:8d:10:e3:95:5f:29:75:f8:
0a:d4:a2:ec:74:84:52:87:a7:1e:6b:06:cc:58:eb:
64:4d:5d:51:77:00:94:90:27:3a:52:d3:e1:08:1a:
a2:a0:dc:5a:9d:ff:f9:38:8b:59:8d:7d:60:34:1d:
16:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B2:E8:7C:D7:FD:84:86:AF:AA:6B:01:CC:A3:F8:E6:B6:EF:0F:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/i7LofNf9hIavqmsBzKP45rbvD4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:53:04:38:2c:cb:a5:b7:52:3b:40:e0:80:09:67:07:b1:62:
bd:59:ae:73:0e:86:a2:38:42:5b:49:51:6e:b9:36:6a:5d:03:
50:fd:f2:95:2c:15:e4:5c:75:14:65:b3:63:f7:9b:96:84:fc:
7e:ad:40:02:f0:5b:47:be:c7:b3:3f:b4:ba:2f:6f:e2:f1:c5:
8b:19:22:52:c1:90:5d:d1:a1:13:7d:60:5c:1d:10:bb:e3:2f:
f9:6a:e6:9d:7d:36:88:3d:49:e9:80:24:49:0c:1e:99:6e:aa:
45:10:8f:b0:07:f2:eb:3c:ca:70:ff:db:8b:c5:d9:14:f2:d3:
a3:1b:f5:22:35:b8:41:9c:59:37:4c:6c:a1:97:b6:4b:38:d0:
20:39:de:b6:73:99:f5:e1:72:f6:63:1f:70:86:f4:49:16:7c:
92:3d:e0:7f:8e:ef:b3:77:9e:7d:73:1f:f3:48:ef:6e:bd:e7:
ab:de:39:1d:a6:35:c8:27:1c:ad:32:c9:d5:58:c2:29:14:58:
dc:bd:6b:83:09:a4:1e:60:4e:22:34:8d:92:f2:44:ce:f5:0a:
a1:6c:ac:6e:02:83:d5:88:d8:98:49:30:6e:21:ca:ac:f0:01:
c3:fb:a0:e8:87:32:77:95:32:db:fe:a1:08:2b:9d:b5:10:d1:
2e:e9:6b:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ7zZmhNEN/Gh063PFvJ+7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMDEwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIyZTg3Y2Q3ZmQ4NDg2YWZhYTZiMDFjY2EzZjhlNmI2ZWYwZjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEDyT5cYU2WwpAjnbKX/nF8v0Hpa
EU5J4EXULycFH/rXu8s411Wkf5xGTMQaQFz7zvNg7Pf7cDqFpVF/n8enx64+OnKf
pHGR2Ixg5y2o92LwoHRd9UqhhC1KSfbnlRCMgcDODosln0YfMS3PYuhMfHZGBKrE
i+hSfw+g1l7AFl6DYcwW0twyWIbugDnuf2zztD6RzjB0NtMhXt4e5JCq8oe7j4Zh
1yBQXDYLXG1u7TOWM7NS27kmlj6PHXrZgJdGtsKq40NG1WW2jRDjlV8pdfgK1KLs
dIRSh6ceawbMWOtkTV1RdwCUkCc6UtPhCBqioNxanf/5OItZjX1gNB0WcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIuy6HzX/YSGr6prAcyj+Oa27w+HMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaTdMb2ZOZjloSWF2cW1zQnpLUDQ1cmJ2RDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIRTBDgsy6W3UjtA4IAJ
ZwexYr1ZrnMOhqI4QltJUW65NmpdA1D98pUsFeRcdRRls2P3m5aE/H6tQALwW0e+
x7M/tLovb+LxxYsZIlLBkF3RoRN9YFwdELvjL/lq5p19Nog9SemAJEkMHpluqkUQ
j7AH8us8ynD/24vF2RTy06Mb9SI1uEGcWTdMbKGXtks40CA53rZzmfXhcvZjH3CG
9EkWfJI94H+O77N3nn1zH/NI726956veOR2mNcgnHK0yydVYwikUWNy9a4MJpB5g
TiI0jZLyRM71CqFsrG4Cg9WI2JhJMG4hyqzwAcP7oOiHMneVMtv+oQgrnbUQ0S7p
a6M=
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:34:16 2025 by rpki-client