Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa
File: n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa (raw, json)
Hash identifier: pkR0zs+48oCXcevRhigUdH2mQfs0SypI6A+wnRNraOc=
Subject key identifier: 9F:E0:F5:16:F7:0E:18:33:61:87:01:4C:73:27:D1:73:29:77:2E:07
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867A831C5B4F6BC834B71CFF928828FA68
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa
Signing time: Wed 22 Feb 2023 19:04:18 +0000
ROA not before: Wed 22 Feb 2023 19:04:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
2001:67c:64:ffff:0:186:7a83:1419/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:83:1c:5b:4f:6b:c8:34:b7:1c:ff:92:88:28:fa:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 19:04:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fe0f516f70e18336187014c7327d17329772e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:76:cc:f4:89:d7:fa:5c:3d:af:33:c6:0c:
32:98:43:a2:ed:42:2b:22:cd:e2:63:1b:3a:2f:ea:
85:08:c1:c3:1a:34:51:0a:dd:af:c4:b0:33:e1:5d:
f1:62:30:30:46:1d:97:b3:0e:e5:cb:2c:cf:69:27:
dd:b0:a5:ec:af:2a:9f:08:9e:96:92:74:50:d4:3f:
52:45:f4:8e:17:81:bf:b8:cf:34:16:e6:7f:fc:bf:
94:17:e6:e6:ba:44:87:de:44:61:bf:3f:a4:00:82:
ff:f2:38:b0:9f:e6:b8:c0:96:7f:8d:bb:c2:92:ee:
ba:44:50:24:5f:99:e6:e9:3c:56:82:62:0e:3a:30:
97:9a:79:d2:4a:21:01:1b:19:7c:11:76:e6:05:ed:
48:c6:6d:cf:a6:b0:a5:e5:10:98:4e:0c:2e:47:98:
ac:2d:0e:42:6a:85:7a:9a:85:e1:f5:f6:cd:aa:01:
db:83:f2:52:db:0d:93:28:73:8e:6d:0d:c1:95:99:
f6:23:db:6f:a8:a4:ec:a7:39:92:4a:97:ef:7c:fe:
0b:47:87:f1:29:bb:a2:46:9a:ee:12:13:63:b7:17:
9b:f8:31:2a:76:d4:e4:09:67:e0:db:8a:bb:26:2a:
ed:10:68:a7:7d:53:ac:49:c1:77:ed:b5:bc:70:d1:
3e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E0:F5:16:F7:0E:18:33:61:87:01:4C:73:27:D1:73:29:77:2E:07
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/n-D1FvcOGDNhhwFMcyfRcyl3Lgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:fc:44:0b:5e:10:fc:af:22:90:cd:1e:ff:1b:e0:cd:39:96:
47:3c:67:6a:af:87:cd:b0:5c:40:bd:09:c8:2d:ef:49:07:01:
f9:fd:0d:40:66:45:08:3f:2d:23:66:0e:04:2c:91:a4:32:13:
e8:e0:fc:a8:61:fb:23:83:40:61:10:06:4e:48:1d:2d:0c:34:
5a:df:af:15:5f:2a:4b:6a:48:fb:da:22:36:1d:65:f0:52:f9:
bd:b6:dd:ba:11:f3:9d:3c:38:f3:7e:57:25:86:48:cc:09:0e:
5b:ae:52:25:65:5f:8a:50:d4:ff:8c:93:1b:f5:fa:44:ba:48:
de:f6:d7:94:c1:1f:0a:d8:48:5e:ec:23:df:d4:31:93:a3:b7:
1c:86:cd:00:d4:05:13:5d:93:5d:08:28:69:5a:f0:87:86:07:
7d:1e:69:8b:2a:16:4e:e7:8b:05:ab:f5:a3:30:6c:c3:94:ab:
b3:9c:c7:6d:b0:d9:bd:35:0a:86:ea:3d:1a:22:08:c8:5e:7e:
bf:2e:9d:67:5d:cd:c1:81:a7:a0:35:9a:28:23:03:a5:c2:9c:
73:b8:d5:4c:28:12:dd:f1:d6:40:f6:ad:30:77:cd:ac:43:59:
4e:52:7c:fc:49:15:5d:bb:37:f8:75:2c:2c:90:15:68:6b:96:
c9:17:57:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ6gxxbT2vINLcc/5KIKPpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMTkwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmUwZjUxNmY3MGUxODMzNjE4NzAxNGM3MzI3ZDE3MzI5NzcyZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNd2zPSJ1/pcPa8zxgwymEOi7UIr
Is3iYxs6L+qFCMHDGjRRCt2vxLAz4V3xYjAwRh2Xsw7lyyzPaSfdsKXsryqfCJ6W
knRQ1D9SRfSOF4G/uM80FuZ//L+UF+bmukSH3kRhvz+kAIL/8jiwn+a4wJZ/jbvC
ku66RFAkX5nm6TxWgmIOOjCXmnnSSiEBGxl8EXbmBe1Ixm3PprCl5RCYTgwuR5is
LQ5CaoV6moXh9fbNqgHbg/JS2w2TKHOObQ3BlZn2I9tvqKTspzmSSpfvfP4LR4fx
KbuiRpruEhNjtxeb+DEqdtTkCWfg24q7JirtEGinfVOsScF37bW8cNE+IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ/g9Rb3DhgzYYcBTHMn0XMpdy4HMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbi1EMUZ2Y09HRE5oaHdGTWN5ZlJjeWwzTGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG/8RAteEPyvIpDNHv8b
4M05lkc8Z2qvh82wXEC9Ccgt70kHAfn9DUBmRQg/LSNmDgQskaQyE+jg/Khh+yOD
QGEQBk5IHS0MNFrfrxVfKktqSPvaIjYdZfBS+b223boR8508OPN+VyWGSMwJDluu
UiVlX4pQ1P+Mkxv1+kS6SN7215TBHwrYSF7sI9/UMZOjtxyGzQDUBRNdk10IKGla
8IeGB30eaYsqFk7niwWr9aMwbMOUq7Ocx22w2b01CobqPRoiCMhefr8unWddzcGB
p6A1migjA6XCnHO41UwoEt3x1kD2rTB3zaxDWU5SfPxJFV27N/h1LCyQFWhrlskX
V/E=
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:42:25 2025 by rpki-client