Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72tyvebJ7NgjNURMGhbm8sDzWVY.roa
File: 72tyvebJ7NgjNURMGhbm8sDzWVY.roa (raw, json)
Hash identifier: KAL6frrBHMUKDuR0Y/AMdaDNSQXHOggOMyrkzX05EUM=
Subject key identifier: EF:6B:72:BD:E6:C9:EC:D8:23:35:44:4C:1A:16:E6:F2:C0:F3:59:56
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C721E6ECB98B60C1C8A8AEF7596439996
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72tyvebJ7NgjNURMGhbm8sDzWVY.roa
Signing time: Sat 16 Dec 2023 10:14:06 +0000
ROA not before: Sat 16 Dec 2023 10:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:1e:6e:cb:98:b6:0c:1c:8a:8a:ef:75:96:43:99:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 10:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef6b72bde6c9ecd82335444c1a16e6f2c0f35956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5c:0c:64:49:d5:b7:bd:d5:05:0e:67:cc:ac:
78:33:e2:bc:73:1a:ae:34:67:d5:ea:08:94:1f:08:
6c:06:90:69:8d:df:d0:d2:2e:ef:c9:4f:ff:ee:75:
a9:47:a6:06:53:94:01:2e:6e:d0:fb:8e:e4:86:be:
1d:2f:1b:cd:b4:ec:6c:4d:a8:07:ed:9e:e5:50:29:
42:c3:cd:87:a7:7d:dc:59:8c:81:b1:a9:d8:30:b8:
19:1f:96:a9:3c:be:f0:39:15:db:d6:c9:bc:e3:49:
41:c3:a0:d7:61:ba:06:27:9a:ed:73:d8:13:75:c7:
88:b7:f9:df:7c:75:ed:51:0d:3e:02:e6:46:b4:0d:
f8:f6:30:dd:ed:8c:a1:a0:91:9b:7c:6d:2e:f0:0a:
b7:a5:31:ef:84:e8:71:26:bc:1b:9d:89:5a:38:e0:
50:c2:bc:df:37:37:b6:46:c7:10:ff:14:b1:ce:62:
61:53:86:09:36:bb:d4:ba:94:87:c4:7c:56:98:bd:
cc:f2:ee:3a:03:38:ab:bb:73:79:4f:f1:52:8e:50:
ff:28:fb:1a:06:1f:b7:c4:75:8f:e6:9c:34:ef:33:
31:36:c6:e9:eb:25:d5:76:8d:30:cb:8d:fc:6c:37:
04:f8:a3:29:7f:a8:e3:d1:fb:60:dd:59:0a:e0:2e:
64:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:6B:72:BD:E6:C9:EC:D8:23:35:44:4C:1A:16:E6:F2:C0:F3:59:56
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/72tyvebJ7NgjNURMGhbm8sDzWVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ba:4b:33:e7:34:c8:69:0b:f7:7c:0d:0d:a9:1d:92:f1:d1:0e:
0b:2f:f6:31:38:48:d7:ff:bc:85:fc:3a:b7:31:6b:b5:95:ff:
3e:8b:e1:63:92:34:56:d1:75:30:99:ba:dc:fc:14:81:22:d4:
74:6e:15:46:a9:f4:68:6b:5b:72:50:ea:5d:72:a4:8a:b4:83:
ba:68:61:b2:e5:b5:af:7b:e8:e1:29:6c:99:83:1d:a4:35:8e:
09:07:1c:25:cb:0f:b1:15:a3:65:bf:61:51:86:c4:92:93:a9:
dc:a3:1a:16:00:14:e1:44:5c:2d:3c:d8:6b:3b:a6:36:c8:84:
e7:9c:18:a7:44:08:14:17:d3:6c:d1:ca:58:b4:7b:6c:d1:55:
2b:c5:e2:5b:6e:23:7f:ca:11:a5:84:a7:25:d0:8b:31:c2:b2:
e0:6a:45:d8:c5:8f:81:40:4c:7d:a2:64:72:33:eb:0b:81:79:
52:3d:72:db:e2:b8:04:67:8d:78:1b:dc:46:19:28:13:f0:bf:
ae:21:63:8e:78:61:3b:84:f2:8e:d7:c3:51:54:b3:f4:be:71:
47:22:28:6b:9e:98:91:91:d2:3e:51:aa:a6:e2:f0:11:d0:d6:
ed:2d:ce:61:65:fb:36:ac:ef:0a:a8:24:5d:8c:1d:2c:da:17:
2c:c9:99:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxyHm7LmLYMHIqK73WWQ5mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MTAxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjZiNzJiZGU2YzllY2Q4MjMzNTQ0NGMxYTE2ZTZmMmMwZjM1OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlwMZEnVt73VBQ5nzKx4M+K8cxqu
NGfV6giUHwhsBpBpjd/Q0i7vyU//7nWpR6YGU5QBLm7Q+47khr4dLxvNtOxsTagH
7Z7lUClCw82Hp33cWYyBsanYMLgZH5apPL7wORXb1sm840lBw6DXYboGJ5rtc9gT
dceIt/nffHXtUQ0+AuZGtA349jDd7YyhoJGbfG0u8Aq3pTHvhOhxJrwbnYlaOOBQ
wrzfNze2RscQ/xSxzmJhU4YJNrvUupSHxHxWmL3M8u46Aziru3N5T/FSjlD/KPsa
Bh+3xHWP5pw07zMxNsbp6yXVdo0wy438bDcE+KMpf6jj0ftg3VkK4C5kewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9rcr3myezYIzVETBoW5vLA81lWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNzJ0eXZlYko3TmdqTlVSTUdoYm04c0R6V1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALpLM+c0yGkL93wNDakd
kvHRDgsv9jE4SNf/vIX8Orcxa7WV/z6L4WOSNFbRdTCZutz8FIEi1HRuFUap9Ghr
W3JQ6l1ypIq0g7poYbLlta976OEpbJmDHaQ1jgkHHCXLD7EVo2W/YVGGxJKTqdyj
GhYAFOFEXC082Gs7pjbIhOecGKdECBQX02zRyli0e2zRVSvF4ltuI3/KEaWEpyXQ
izHCsuBqRdjFj4FATH2iZHIz6wuBeVI9ctviuARnjXgb3EYZKBPwv64hY454YTuE
8o7Xw1FUs/S+cUciKGuemJGR0j5Rqqbi8BHQ1u0tzmFl+zas7wqoJF2MHSzaFyzJ
mQI=
-----END CERTIFICATE-----
Generated at Sun May 11 16:30:10 2025 by rpki-client