Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0VonOqFmw2jE_J9ImpdBXqe9rS4.roa
File: 0VonOqFmw2jE_J9ImpdBXqe9rS4.roa (raw, json)
Hash identifier: VTooYLLB5uej05ZJoQJXtsG5Mle/MA2XeGeNFzSKWTA=
Subject key identifier: D1:5A:27:3A:A1:66:C3:68:C4:FC:9F:48:9A:97:41:5E:A7:BD:AD:2E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852B5CE3DFF8BBA8BA2D9294332DBE4F9A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0VonOqFmw2jE_J9ImpdBXqe9rS4.roa
Signing time: Mon 19 Dec 2022 17:09:46 +0000
ROA not before: Mon 19 Dec 2022 17:09:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:5c:e3:df:f8:bb:a8:ba:2d:92:94:33:2d:be:4f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 19 17:09:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d15a273aa166c368c4fc9f489a97415ea7bdad2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fa:d5:4e:ba:10:e6:fb:b3:ab:d9:ec:0b:a8:
76:2b:d4:76:74:f3:e2:bd:e8:4e:b1:2d:2d:f9:eb:
2d:eb:56:57:e3:19:60:85:85:72:6c:fa:e7:0c:55:
99:97:2e:54:59:77:12:04:63:2f:2b:13:d5:f2:9d:
f8:59:25:bf:b7:04:b0:3f:88:47:4a:2d:60:fe:9a:
3b:ea:53:12:3b:7f:3d:f8:70:fe:3a:48:15:2a:1f:
0e:05:43:88:d0:46:c6:65:af:7f:a7:93:ce:33:86:
76:bf:db:ea:10:5d:5f:51:f1:43:32:43:81:ef:76:
a2:34:d4:9f:a5:02:f3:fd:91:73:eb:02:8f:50:45:
da:85:e5:73:8d:10:94:e6:1a:dc:45:ea:e2:00:68:
27:d5:c8:d1:fa:85:2c:64:b9:49:78:1e:fa:6a:8d:
46:a6:1b:da:b5:0c:4a:bc:17:1e:94:dd:f2:bf:c0:
15:84:49:35:54:6a:7c:63:75:fd:6e:f6:fe:38:40:
79:b6:2c:62:7f:33:a0:8b:b7:0c:08:a2:16:89:d6:
9d:c0:80:ec:1b:58:d7:f7:a4:1b:b6:1c:9e:48:87:
03:76:c9:3b:28:16:bb:e4:d2:23:d1:7b:6e:87:e1:
e7:13:6d:be:07:9b:e2:10:e6:87:0b:1d:bd:70:65:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5A:27:3A:A1:66:C3:68:C4:FC:9F:48:9A:97:41:5E:A7:BD:AD:2E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0VonOqFmw2jE_J9ImpdBXqe9rS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:61:fc:c4:d6:ff:8a:25:fe:68:8e:b5:bd:de:a1:42:bd:8e:
33:44:19:7d:85:58:54:63:d3:58:58:d8:66:e4:36:34:25:d8:
26:4b:f0:41:a2:4b:55:86:43:aa:0d:f6:7b:66:c0:05:9a:e5:
0f:e9:6d:10:8d:a9:a6:86:19:1e:3c:80:9e:1e:b6:ce:00:5d:
4f:61:38:b2:e7:00:32:53:aa:7b:e9:a6:42:c1:20:b1:f7:fd:
c1:ca:0f:c4:5d:b9:4d:8c:e0:79:30:4b:ba:13:55:d4:71:d4:
72:70:0d:f1:3d:f8:bf:7b:b2:d7:eb:19:b7:a7:84:95:3c:de:
ed:91:11:68:61:55:0c:27:2b:ed:0f:6b:8b:d6:24:ec:41:6b:
03:7b:ea:36:62:28:3b:ac:b1:bd:71:b6:16:ce:b3:a5:c2:44:
cc:37:53:e6:c3:73:10:07:8d:76:8b:39:38:9e:9c:f8:b1:7e:
fb:cf:b1:ba:4f:a7:be:10:71:25:42:52:8d:21:cd:8d:a0:06:
08:00:46:b5:f6:e5:5f:8e:08:73:af:8d:64:0e:67:c1:1d:71:
71:f8:ec:42:82:1c:b1:60:04:a4:03:96:98:12:68:90:28:f8:
39:aa:71:3f:06:8d:8f:a7:44:cd:1c:80:2b:64:f7:5d:69:d8:
32:10:70:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUrXOPf+Luoui2SlDMtvk+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE5MTcwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTVhMjczYWExNjZjMzY4YzRmYzlmNDg5YTk3NDE1ZWE3YmRhZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/rVTroQ5vuzq9nsC6h2K9R2dPPi
vehOsS0t+est61ZX4xlghYVybPrnDFWZly5UWXcSBGMvKxPV8p34WSW/twSwP4hH
Si1g/po76lMSO389+HD+OkgVKh8OBUOI0EbGZa9/p5POM4Z2v9vqEF1fUfFDMkOB
73aiNNSfpQLz/ZFz6wKPUEXaheVzjRCU5hrcReriAGgn1cjR+oUsZLlJeB76ao1G
phvatQxKvBcelN3yv8AVhEk1VGp8Y3X9bvb+OEB5tixifzOgi7cMCKIWidadwIDs
G1jX96QbthyeSIcDdsk7KBa75NIj0Xtuh+HnE22+B5viEOaHCx29cGWK0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNFaJzqhZsNoxPyfSJqXQV6nva0uMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMFZvbk9xRm13MmpFX0o5SW1wZEJYcWU5clM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIxh/MTW/4ol/miOtb3e
oUK9jjNEGX2FWFRj01hY2GbkNjQl2CZL8EGiS1WGQ6oN9ntmwAWa5Q/pbRCNqaaG
GR48gJ4ets4AXU9hOLLnADJTqnvppkLBILH3/cHKD8RduU2M4HkwS7oTVdRx1HJw
DfE9+L97stfrGbenhJU83u2REWhhVQwnK+0Pa4vWJOxBawN76jZiKDussb1xthbO
s6XCRMw3U+bDcxAHjXaLOTienPixfvvPsbpPp74QcSVCUo0hzY2gBggARrX25V+O
CHOvjWQOZ8EdcXH47EKCHLFgBKQDlpgSaJAo+DmqcT8GjY+nRM0cgCtk911p2DIQ
cAQ=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:39 2025 by rpki-client