Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0-wSUN0Ho9jppEPs23gsWs16i-w.roa
File: 0-wSUN0Ho9jppEPs23gsWs16i-w.roa (raw, json)
Hash identifier: WL9c9tRXdsG+NGvur/KeYfjX3Hrwz5kykd8/Nxn2OhU=
Subject key identifier: D3:EC:12:50:DD:07:A3:D8:E9:A4:43:EC:DB:78:2C:5A:CD:7A:8B:EC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3ED2D6D465CDCAC6AEF5A077EFA0B2A5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0-wSUN0Ho9jppEPs23gsWs16i-w.roa
Signing time: Tue 29 Aug 2023 01:05:19 +0000
ROA not before: Tue 29 Aug 2023 01:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:3ed2:5462/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3e:d2:d6:d4:65:cd:ca:c6:ae:f5:a0:77:ef:a0:b2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 01:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3ec1250dd07a3d8e9a443ecdb782c5acd7a8bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:48:91:6b:be:a7:2c:8a:79:16:6a:03:a3:
f0:9f:ea:44:06:be:65:71:d0:18:ed:16:99:13:20:
2f:e5:0d:64:af:3c:3f:cf:9b:6f:c8:be:05:87:d5:
a3:e8:5a:f2:5b:43:1f:07:56:d2:ae:90:6e:9c:4f:
58:67:6a:ad:22:33:d3:35:bc:81:44:fc:00:5f:7d:
c7:78:d6:d8:ad:db:21:97:9e:bb:01:31:85:3c:bd:
bf:29:e6:89:1a:8f:52:c7:c1:de:7d:73:12:2f:92:
ad:ca:63:78:09:f2:7e:a1:29:ca:7a:9e:2c:73:29:
ae:ac:07:99:dd:5d:a3:a7:ad:04:85:f7:45:e2:ba:
2d:2c:7f:05:0f:14:c5:92:72:33:2c:11:8a:c1:20:
70:bf:58:98:f3:75:0f:c2:69:85:0c:30:4f:8c:ae:
ec:2c:22:0a:db:69:61:6b:75:a6:de:3e:24:3f:94:
20:27:99:a6:9b:79:a2:38:d4:c2:07:22:e3:31:c4:
a4:5f:d3:dd:98:df:18:0f:69:20:72:4a:b7:c3:d2:
93:e7:f5:74:75:23:5e:b6:08:1f:86:45:f1:04:4a:
43:af:94:dd:a9:f2:03:b4:9f:5a:7b:ab:e1:5a:2f:
db:15:64:44:48:42:ff:96:fe:55:32:d2:07:61:20:
e7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EC:12:50:DD:07:A3:D8:E9:A4:43:EC:DB:78:2C:5A:CD:7A:8B:EC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0-wSUN0Ho9jppEPs23gsWs16i-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:72:a1:2f:a9:e8:ac:08:a9:81:45:87:66:b3:f8:20:4e:89:
78:13:7d:56:eb:b0:b4:bc:e8:bd:ab:08:2d:ea:c4:69:bb:8e:
68:93:6b:05:e8:c3:59:71:7d:81:92:96:47:2f:77:1d:d3:5b:
14:67:29:20:f6:75:ce:77:45:f0:97:11:2b:21:1a:85:71:cf:
d0:a3:4a:24:75:2b:c8:b0:92:a2:57:22:bf:c6:df:db:61:40:
1d:00:d0:33:3c:4b:84:c7:02:15:e1:29:c0:2a:32:7e:8b:33:
fa:d9:ce:1c:16:d8:10:7e:e6:f9:35:38:bb:b0:b0:e5:6c:ce:
b3:1c:aa:42:23:9f:74:3a:08:53:e6:b1:d4:6e:53:55:5b:f6:
1b:2c:42:bb:9a:8d:17:bd:9e:39:07:8c:5f:7f:59:dd:89:40:
64:4b:c7:a6:bc:4b:ed:a2:ce:83:93:07:36:19:40:68:a2:cc:
98:ed:59:28:30:c7:23:92:6c:f0:4b:e4:47:dd:78:0c:98:3a:
83:e5:8e:d9:87:1f:c6:30:41:42:d6:a7:18:23:7b:21:d4:dc:
95:17:80:72:7e:c2:4f:3f:64:57:03:ff:93:a5:5f:b9:ff:53:
24:f7:91:db:0b:7a:5a:33:35:cb:1d:b0:38:34:73:cd:e9:bf:
9a:2f:2a:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo+0tbUZc3Kxq71oHfvoLKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MDEwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VjMTI1MGRkMDdhM2Q4ZTlhNDQzZWNkYjc4MmM1YWNkN2E4YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUJIkWu+pyyKeRZqA6Pwn+pEBr5l
cdAY7RaZEyAv5Q1krzw/z5tvyL4Fh9Wj6FryW0MfB1bSrpBunE9YZ2qtIjPTNbyB
RPwAX33HeNbYrdshl567ATGFPL2/KeaJGo9Sx8HefXMSL5KtymN4CfJ+oSnKep4s
cymurAeZ3V2jp60EhfdF4rotLH8FDxTFknIzLBGKwSBwv1iY83UPwmmFDDBPjK7s
LCIK22lha3Wm3j4kP5QgJ5mmm3miONTCByLjMcSkX9PdmN8YD2kgckq3w9KT5/V0
dSNetggfhkXxBEpDr5TdqfIDtJ9ae6vhWi/bFWRESEL/lv5VMtIHYSDnAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPsElDdB6PY6aRD7Nt4LFrNeovsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMC13U1VOMEhvOWpwcEVQczIzZ3NXczE2aS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZyoS+p6KwIqYFFh2az
+CBOiXgTfVbrsLS86L2rCC3qxGm7jmiTawXow1lxfYGSlkcvdx3TWxRnKSD2dc53
RfCXESshGoVxz9CjSiR1K8iwkqJXIr/G39thQB0A0DM8S4THAhXhKcAqMn6LM/rZ
zhwW2BB+5vk1OLuwsOVszrMcqkIjn3Q6CFPmsdRuU1Vb9hssQruajRe9njkHjF9/
Wd2JQGRLx6a8S+2izoOTBzYZQGiizJjtWSgwxyOSbPBL5EfdeAyYOoPljtmHH8Yw
QULWpxgjeyHU3JUXgHJ+wk8/ZFcD/5OlX7n/UyT3kdsLelozNcsdsDg0c83pv5ov
KpM=
-----END CERTIFICATE-----
Generated at Thu May 1 09:41:51 2025 by rpki-client