Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72E-dZgTlnm0kyyWaaqvmRG2gc0.roa
File: 72E-dZgTlnm0kyyWaaqvmRG2gc0.roa (raw, json)
Hash identifier: ORmVZCjVo5P439Z/KzztWI0OLEZszZ5ugq74anKmp6Y=
Subject key identifier: EF:61:3E:75:98:13:96:79:B4:93:2C:96:69:AA:AF:99:11:B6:81:CD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B60B76E64D381C6FB4901D9A5FB736A65
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72E-dZgTlnm0kyyWaaqvmRG2gc0.roa
Signing time: Tue 24 Oct 2023 08:05:15 +0000
ROA not before: Tue 24 Oct 2023 08:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:60b6:f291/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:b7:6e:64:d3:81:c6:fb:49:01:d9:a5:fb:73:6a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 08:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef613e7598139679b4932c9669aaaf9911b681cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:36:8a:ec:84:3f:8e:00:b0:58:0e:2d:94:27:
06:55:b0:d3:1c:ca:dd:24:f0:9e:0a:61:51:5d:cf:
34:80:e3:fb:89:fe:41:c9:e6:2e:c7:45:ee:9a:60:
14:92:6d:b1:fd:ab:13:45:12:e4:96:52:7d:7f:ec:
9f:49:3c:a3:65:77:68:48:d1:3f:f7:1f:7d:08:6b:
50:05:04:0c:79:df:e5:ef:35:b1:3d:3c:da:f6:14:
5a:eb:40:2d:01:af:7d:e9:29:f5:8c:44:72:c3:9d:
8a:47:bb:7c:c8:e3:b5:a8:3d:91:b0:14:0a:26:eb:
37:64:93:94:1d:1d:ff:1d:36:bb:ee:e3:ad:83:b1:
43:72:8b:36:33:9f:9f:8e:fc:1e:2d:bb:fe:cf:06:
69:1f:bf:1f:cb:ea:dd:3e:34:3f:78:d4:09:73:85:
68:bf:d1:75:4a:32:af:3d:20:33:87:60:0c:1c:3c:
b8:64:88:e8:d4:d0:19:bd:ce:1f:38:9a:95:e3:f8:
76:e8:a5:03:f4:f1:53:4a:66:bd:ea:02:55:33:74:
32:83:c7:6a:a3:b9:ef:d7:d8:26:00:e5:2a:23:3e:
0b:6a:23:19:64:df:8c:35:df:e3:5a:ea:e6:7b:80:
04:e2:9f:04:31:d0:60:71:9f:a4:25:2e:5f:63:5e:
3f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:61:3E:75:98:13:96:79:B4:93:2C:96:69:AA:AF:99:11:B6:81:CD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72E-dZgTlnm0kyyWaaqvmRG2gc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:a3:51:67:55:af:f4:2a:52:c1:ea:48:c2:81:e1:63:5d:64:
f4:c3:ce:8b:52:11:5a:5d:6b:e4:6b:d6:72:d7:bc:7d:19:9e:
0d:4c:6d:2d:d0:de:89:65:a8:79:c1:b7:2a:08:a2:65:c0:f9:
df:5e:6a:18:9a:84:80:39:bf:09:27:b3:48:05:bd:00:54:1e:
71:f6:f3:be:20:3b:a9:e0:a2:9d:9f:fe:f9:85:47:59:b4:f0:
12:0d:90:30:72:5d:26:0d:15:8d:bb:84:92:41:99:fd:40:49:
28:c3:22:4b:27:7e:52:cf:d9:8d:56:c5:de:9d:10:15:ef:40:
de:83:22:98:d8:84:78:04:d7:f2:06:a4:23:0a:b7:aa:63:02:
20:e0:99:97:27:19:84:c6:06:0d:7f:37:19:2f:c0:30:6f:19:
f5:0b:88:aa:b4:16:1a:62:04:b4:dd:4d:28:bf:bb:86:33:81:
1c:fc:c7:5c:c0:0f:74:0c:b7:ec:cd:da:59:f3:79:7c:7b:08:
d0:bf:7e:65:cf:83:c9:36:fe:71:a6:d3:da:9a:0f:c8:69:51:
4d:a2:b5:4f:00:26:d6:06:d6:67:65:35:5c:4b:a4:cc:72:77:
8e:8f:92:85:ab:44:ef:d9:d3:cd:27:74:d1:48:25:be:a3:3f:
0f:04:3b:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtgt25k04HG+0kB2aX7c2plMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MDgwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYxM2U3NTk4MTM5Njc5YjQ5MzJjOTY2OWFhYWY5OTExYjY4MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjaK7IQ/jgCwWA4tlCcGVbDTHMrd
JPCeCmFRXc80gOP7if5ByeYux0XummAUkm2x/asTRRLkllJ9f+yfSTyjZXdoSNE/
9x99CGtQBQQMed/l7zWxPTza9hRa60AtAa996Sn1jERyw52KR7t8yOO1qD2RsBQK
Jus3ZJOUHR3/HTa77uOtg7FDcos2M5+fjvweLbv+zwZpH78fy+rdPjQ/eNQJc4Vo
v9F1SjKvPSAzh2AMHDy4ZIjo1NAZvc4fOJqV4/h26KUD9PFTSma96gJVM3Qyg8dq
o7nv19gmAOUqIz4LaiMZZN+MNd/jWurme4AE4p8EMdBgcZ+kJS5fY14/FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9hPnWYE5Z5tJMslmmqr5kRtoHNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNzJFLWRaZ1Rsbm0wa3l5V2FhcXZtUkcyZ2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIGjUWdVr/QqUsHqSMKB
4WNdZPTDzotSEVpda+Rr1nLXvH0Zng1MbS3Q3ollqHnBtyoIomXA+d9eahiahIA5
vwkns0gFvQBUHnH2874gO6ngop2f/vmFR1m08BINkDByXSYNFY27hJJBmf1ASSjD
IksnflLP2Y1Wxd6dEBXvQN6DIpjYhHgE1/IGpCMKt6pjAiDgmZcnGYTGBg1/Nxkv
wDBvGfULiKq0FhpiBLTdTSi/u4YzgRz8x1zAD3QMt+zN2lnzeXx7CNC/fmXPg8k2
/nGm09qaD8hpUU2itU8AJtYG1mdlNVxLpMxyd46PkoWrRO/Z080ndNFIJb6jPw8E
O3k=
-----END CERTIFICATE-----
Generated at Sun May 11 22:30:43 2025 by rpki-client