Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72JRayZ5EKNjdbaTM2My8y-yqt4.roa
File: 72JRayZ5EKNjdbaTM2My8y-yqt4.roa (raw, json)
Hash identifier: B/xCunaZEl2VjQvWSqkH/K8Zsj+lOMfaGVjrLoSUOUM=
Subject key identifier: EF:62:51:6B:26:79:10:A3:63:75:B6:93:33:63:32:F3:2F:B2:AA:DE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6AD2C1740EC7F6A41BA27B8829A5368E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72JRayZ5EKNjdbaTM2My8y-yqt4.roa
Signing time: Fri 15 Dec 2023 00:14:06 +0000
ROA not before: Fri 15 Dec 2023 00:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:d2:c1:74:0e:c7:f6:a4:1b:a2:7b:88:29:a5:36:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 00:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef62516b267910a36375b693336332f32fb2aade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ad:66:f6:ea:96:0f:32:3c:fe:85:6e:b7:8f:
eb:c1:1f:b0:a3:cf:74:b7:e9:af:fe:23:bc:45:e0:
6e:fb:90:8d:e3:fd:69:8c:f4:95:aa:ff:65:e5:c8:
6a:b1:08:c1:84:93:13:cf:e3:23:e2:92:d4:94:8c:
c1:98:65:e7:1e:68:30:3b:04:09:b6:74:09:4c:2f:
06:0a:ae:58:37:ea:a5:39:95:fb:85:05:13:1d:8a:
f8:91:91:e2:fc:53:43:91:81:75:b0:5e:d7:41:95:
44:e5:3d:e7:dc:ab:d5:23:d3:aa:7d:e3:b5:34:2c:
42:8f:27:7d:97:5e:7a:5f:1b:2e:7c:6e:13:44:d4:
8a:f0:65:1d:da:49:b9:9a:2f:42:10:fa:fb:17:df:
61:8e:5d:2c:9c:d2:2b:c4:0b:89:10:9c:d7:f5:a5:
b7:1d:2c:f1:59:14:f8:0a:5d:22:b8:2f:61:3a:63:
57:3a:13:3c:a2:26:4b:c0:2d:bc:d7:b1:78:ba:85:
dc:80:c8:86:49:66:05:3b:fc:4b:92:7a:d9:d5:2c:
70:58:90:a8:c7:a5:0e:d2:c6:24:3f:b0:94:a2:c8:
aa:26:7a:c3:47:5a:bc:e3:31:52:c8:45:9f:b9:0e:
0c:19:60:e5:fb:d2:0a:5f:8a:26:cb:11:aa:ba:6a:
17:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:62:51:6B:26:79:10:A3:63:75:B6:93:33:63:32:F3:2F:B2:AA:DE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72JRayZ5EKNjdbaTM2My8y-yqt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:8a:28:be:97:3a:d6:c9:f2:76:31:2f:a4:4a:20:4a:ef:ba:
59:89:22:5a:bf:f2:4a:bf:ba:aa:9e:a1:62:a8:76:2b:cd:94:
97:9e:16:35:96:1b:d4:81:6f:35:7d:96:57:6a:86:90:3f:c9:
34:53:62:9d:6c:97:2d:1b:73:28:86:02:08:74:5e:ba:7a:0d:
ce:40:c8:40:ce:4e:12:25:93:1e:50:2b:67:0f:0f:30:0a:52:
77:55:a8:3b:3c:69:38:6f:fa:47:60:f1:58:b5:d1:fe:51:c7:
37:02:e9:e4:f4:2f:ea:d6:a2:3a:58:e4:4f:16:7e:96:3b:b9:
4a:73:2d:24:d4:60:65:c0:01:61:ff:92:e1:59:ec:79:c4:58:
a3:78:e8:39:1f:74:5a:27:d6:7d:57:a9:9d:1e:09:98:d0:b9:
49:75:d7:c1:44:3e:5c:37:e8:2e:50:e3:7a:2d:73:b3:11:97:
07:a4:c0:77:bd:55:f4:1c:54:83:84:ab:15:a6:3a:4f:b2:5d:
dc:82:35:7e:21:90:d1:1b:63:3d:1a:b0:ba:a3:9e:cd:c5:88:
78:37:d6:31:f0:6c:99:8f:f8:1f:25:75:03:d9:78:82:88:7b:
4c:74:be:e7:a8:5e:9a:9e:22:24:5d:1a:64:5d:00:95:27:95:
47:2d:11:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxq0sF0Dsf2pBuie4gppTaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MDAxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYyNTE2YjI2NzkxMGEzNjM3NWI2OTMzMzYzMzJmMzJmYjJhYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq1m9uqWDzI8/oVut4/rwR+wo890
t+mv/iO8ReBu+5CN4/1pjPSVqv9l5chqsQjBhJMTz+Mj4pLUlIzBmGXnHmgwOwQJ
tnQJTC8GCq5YN+qlOZX7hQUTHYr4kZHi/FNDkYF1sF7XQZVE5T3n3KvVI9OqfeO1
NCxCjyd9l156XxsufG4TRNSK8GUd2km5mi9CEPr7F99hjl0snNIrxAuJEJzX9aW3
HSzxWRT4Cl0iuC9hOmNXOhM8oiZLwC2817F4uoXcgMiGSWYFO/xLknrZ1SxwWJCo
x6UO0sYkP7CUosiqJnrDR1q84zFSyEWfuQ4MGWDl+9IKX4omyxGqumoXMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9iUWsmeRCjY3W2kzNjMvMvsqreMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNzJKUmF5WjVFS05qZGJhVE0yTXk4eS15cXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHqKKL6XOtbJ8nYxL6RK
IErvulmJIlq/8kq/uqqeoWKodivNlJeeFjWWG9SBbzV9lldqhpA/yTRTYp1sly0b
cyiGAgh0Xrp6Dc5AyEDOThIlkx5QK2cPDzAKUndVqDs8aThv+kdg8Vi10f5RxzcC
6eT0L+rWojpY5E8WfpY7uUpzLSTUYGXAAWH/kuFZ7HnEWKN46DkfdFon1n1XqZ0e
CZjQuUl118FEPlw36C5Q43otc7MRlwekwHe9VfQcVIOEqxWmOk+yXdyCNX4hkNEb
Yz0asLqjns3FiHg31jHwbJmP+B8ldQPZeIKIe0x0vueoXpqeIiRdGmRdAJUnlUct
ER4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:54:54 2025 by rpki-client