Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzbi6A6kj5aNUJdMgnUTUUQuaAY.roa
File: rzbi6A6kj5aNUJdMgnUTUUQuaAY.roa (raw, json)
Hash identifier: 3xlb9zBx4c/CR8AxtOfT52gvhZzJMlNz/k3nhuosYx4=
Subject key identifier: AF:36:E2:E8:0E:A4:8F:96:8D:50:97:4C:82:75:13:51:44:2E:68:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F91CECD35D0C8BCDEE75112C6EA44668
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzbi6A6kj5aNUJdMgnUTUUQuaAY.roa
Signing time: Sun 19 Mar 2023 09:04:27 +0000
ROA not before: Sun 19 Mar 2023 09:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:f91c:e564/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f9:1c:ec:d3:5d:0c:8b:cd:ee:75:11:2c:6e:a4:46:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 19 09:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af36e2e80ea48f968d50974c82751351442e6806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b7:7d:78:dd:01:39:06:81:3e:a0:47:df:cb:
36:60:66:84:28:c7:9c:c2:9c:bb:ff:c1:fe:2f:41:
6e:4c:78:c1:be:ce:1b:df:ac:13:97:99:3a:22:d3:
c1:ea:20:01:05:ae:04:c9:92:f7:63:22:9f:d9:52:
17:66:92:53:16:cc:8b:da:dd:a3:55:41:31:81:5e:
4a:c0:3f:ed:af:d8:cd:bf:8c:e8:9e:b7:80:23:8a:
21:67:45:5d:d8:4e:38:c0:ea:e8:8a:b6:2f:13:bf:
bd:3e:e6:fc:46:e6:23:e2:86:67:e5:32:1a:f7:dc:
5f:7f:be:ad:bf:5e:19:b9:aa:20:c5:5e:60:f1:ca:
34:49:97:96:19:b6:16:a3:52:18:c6:e1:3f:28:57:
fa:7e:3e:24:3b:0e:df:ee:27:cc:00:b7:eb:d0:8d:
62:11:87:6c:7f:c6:ff:15:df:30:2f:27:72:91:99:
a6:fd:56:ec:40:89:cf:79:53:49:66:5b:9f:44:09:
c0:5d:54:d8:7c:ff:17:14:f0:15:ba:35:66:b9:9b:
ef:7a:de:17:f2:ae:8e:c5:87:c9:06:d6:83:3d:46:
9e:c0:28:b5:61:a2:4f:19:a8:fe:39:90:e2:fc:40:
46:76:19:7a:6e:a8:41:2a:e1:bb:11:ef:80:17:92:
50:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:36:E2:E8:0E:A4:8F:96:8D:50:97:4C:82:75:13:51:44:2E:68:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rzbi6A6kj5aNUJdMgnUTUUQuaAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:6e:af:3e:6e:f4:20:8b:59:65:94:57:99:f7:be:83:5a:ed:
fc:b7:2f:ce:67:86:23:d7:1b:f7:f4:85:ad:b4:ed:fc:77:b2:
5d:cb:82:c0:ba:58:38:18:ce:e7:bf:46:21:52:a6:a2:b3:e6:
5a:51:60:67:3c:ba:7d:ab:13:39:26:f5:d1:d5:1f:26:52:bc:
31:72:a5:dc:ba:ef:dc:cd:88:07:ef:1f:bf:a7:20:b9:d6:33:
c7:b7:ef:3b:eb:01:f6:5b:c0:60:46:fc:79:30:45:07:e3:8e:
11:14:c0:28:65:2c:6e:8a:ef:49:1a:d2:86:77:31:bc:53:de:
51:69:af:61:c7:14:56:4e:ff:fb:4a:b0:f4:c6:07:74:e7:5e:
4d:11:5c:ce:b1:d8:ba:d7:8c:9d:c2:18:53:f7:45:1d:ef:9a:
15:2d:eb:d2:13:4a:d8:89:d6:28:28:55:74:40:e9:a1:89:f9:
bd:d7:2a:9a:d4:5e:d4:d5:81:62:7b:d9:ef:3a:2f:9f:61:96:
ad:96:ae:b2:4b:86:05:74:90:d7:41:e1:dd:13:64:0a:a8:65:
fb:82:7a:a0:c9:72:30:a3:99:a2:c8:01:f8:94:64:05:ea:07:
73:6e:4b:36:e0:7b:7a:f4:23:f1:84:31:31:e3:12:22:c8:62:
79:05:0c:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb5HOzTXQyLze51ESxupEZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE5MDkwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM2ZTJlODBlYTQ4Zjk2OGQ1MDk3NGM4Mjc1MTM1MTQ0MmU2ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurd9eN0BOQaBPqBH38s2YGaEKMec
wpy7/8H+L0FuTHjBvs4b36wTl5k6ItPB6iABBa4EyZL3YyKf2VIXZpJTFsyL2t2j
VUExgV5KwD/tr9jNv4zonreAI4ohZ0Vd2E44wOroirYvE7+9Pub8RuYj4oZn5TIa
99xff76tv14ZuaogxV5g8co0SZeWGbYWo1IYxuE/KFf6fj4kOw7f7ifMALfr0I1i
EYdsf8b/Fd8wLydykZmm/VbsQInPeVNJZlufRAnAXVTYfP8XFPAVujVmuZvvet4X
8q6OxYfJBtaDPUaewCi1YaJPGaj+OZDi/EBGdhl6bqhBKuG7Ee+AF5JQ1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK824ugOpI+WjVCXTIJ1E1FELmgGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcnpiaTZBNmtqNWFOVUpkTWduVVRVVVF1YUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF5urz5u9CCLWWWUV5n3
voNa7fy3L85nhiPXG/f0ha207fx3sl3LgsC6WDgYzue/RiFSpqKz5lpRYGc8un2r
Ezkm9dHVHyZSvDFypdy679zNiAfvH7+nILnWM8e37zvrAfZbwGBG/HkwRQfjjhEU
wChlLG6K70ka0oZ3MbxT3lFpr2HHFFZO//tKsPTGB3TnXk0RXM6x2LrXjJ3CGFP3
RR3vmhUt69ITStiJ1igoVXRA6aGJ+b3XKprUXtTVgWJ72e86L59hlq2WrrJLhgV0
kNdB4d0TZAqoZfuCeqDJcjCjmaLIAfiUZAXqB3NuSzbge3r0I/GEMTHjEiLIYnkF
DOA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:43:33 2025 by rpki-client