Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0WFKmzZ3oWCjDY33BwdED7B6_1c.roa
File: 0WFKmzZ3oWCjDY33BwdED7B6_1c.roa (raw, json)
Hash identifier: UeZGucNfWrq54aNA+hWtv1n5Lea+6pFgmhv68esVNVQ=
Subject key identifier: D1:61:4A:9B:36:77:A1:60:A3:0D:8D:F7:07:07:44:0F:B0:7A:FF:57
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3BA89A5F82766D6C42CF7ECBA86BEBC3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0WFKmzZ3oWCjDY33BwdED7B6_1c.roa
Signing time: Mon 28 Aug 2023 10:20:19 +0000
ROA not before: Mon 28 Aug 2023 10:20:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:a8:9a:5f:82:76:6d:6c:42:cf:7e:cb:a8:6b:eb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 10:20:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1614a9b3677a160a30d8df70707440fb07aff57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3e:b4:df:7f:c9:8d:ba:32:28:cf:86:48:6e:
97:52:41:a4:5f:c8:27:67:49:bb:d1:2d:63:45:17:
59:5a:70:30:89:ca:b2:ff:38:ff:2d:13:55:25:77:
1c:53:87:49:42:8c:ac:c9:62:ed:ae:7c:ab:76:24:
59:ce:87:ac:e0:35:62:53:4a:6b:fa:1a:1d:e7:c9:
45:0b:13:bd:ba:71:6b:1e:16:8d:29:81:94:7e:16:
ff:40:4e:df:ab:1b:3b:33:43:90:64:ab:e2:22:89:
40:79:c5:bc:74:4e:c8:b3:cb:71:43:a9:07:02:26:
fc:4d:1a:8e:e0:2b:10:99:b1:48:79:38:58:4a:43:
c2:73:ae:36:72:73:8c:2a:0b:7d:c5:fb:68:e5:44:
de:b2:d4:c7:95:59:27:76:74:92:9d:a8:b6:4a:67:
2f:60:85:80:6d:d6:71:0c:c6:e4:af:f2:d2:7d:1c:
ae:06:42:8b:c8:8b:64:6c:a6:86:08:dc:94:7a:05:
79:8f:66:44:84:ff:8d:2f:c5:65:04:f8:a0:c0:a0:
ca:0c:48:55:11:48:14:ee:2c:49:c8:0f:ba:29:6a:
36:39:62:ee:b7:06:2f:7d:f3:f6:bd:5c:9e:a9:ca:
21:3f:09:fb:74:09:c9:32:3a:6a:43:63:63:e3:45:
b7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:61:4A:9B:36:77:A1:60:A3:0D:8D:F7:07:07:44:0F:B0:7A:FF:57
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0WFKmzZ3oWCjDY33BwdED7B6_1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:4a:2e:e6:a5:ba:6e:70:0a:f9:10:f4:79:2c:a9:32:8a:37:
24:5e:ee:c5:53:ed:ea:3a:08:fb:54:71:24:dc:a7:15:eb:08:
b3:5d:23:54:ba:e8:3a:52:e3:2e:cd:7a:7b:3c:58:d7:cd:88:
c9:d8:1f:95:76:ac:28:31:50:4b:d8:89:8b:31:2d:59:49:31:
6d:95:08:d1:47:a9:0d:1a:1a:0d:f0:ab:3e:fb:53:a7:0f:d2:
88:3d:2e:8d:73:f9:92:1d:ee:e3:ef:a4:f2:a9:a8:f8:6e:fb:
1d:e5:b7:c9:b3:52:e0:11:27:1f:db:64:3b:e4:fa:f2:e0:dd:
97:0d:28:d6:fb:3a:90:0f:ae:d0:2c:3a:81:29:7d:de:bd:ae:
39:b5:fb:32:d2:02:bd:31:8a:4d:ca:eb:2b:1d:0a:99:50:7e:
7d:47:00:23:8d:2a:de:fe:94:19:f6:fe:50:33:36:74:ad:6b:
e0:30:78:4f:7c:7c:42:9d:bc:03:24:4b:6d:50:86:12:26:91:
39:aa:46:10:50:a6:53:99:24:b9:f2:0e:05:a6:47:45:af:59:
60:cc:5f:3a:47:a5:fd:35:84:cb:a8:a7:db:87:ef:4c:a8:59:
1f:bd:39:5a:62:b4:26:db:20:a9:40:88:0b:d2:25:c5:be:ac:
09:7d:de:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo7qJpfgnZtbELPfsuoa+vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTAyMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTYxNGE5YjM2NzdhMTYwYTMwZDhkZjcwNzA3NDQwZmIwN2FmZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij6033/JjboyKM+GSG6XUkGkX8gn
Z0m70S1jRRdZWnAwicqy/zj/LRNVJXccU4dJQoysyWLtrnyrdiRZzoes4DViU0pr
+hod58lFCxO9unFrHhaNKYGUfhb/QE7fqxs7M0OQZKviIolAecW8dE7Is8txQ6kH
Aib8TRqO4CsQmbFIeThYSkPCc642cnOMKgt9xfto5UTestTHlVkndnSSnai2Smcv
YIWAbdZxDMbkr/LSfRyuBkKLyItkbKaGCNyUegV5j2ZEhP+NL8VlBPigwKDKDEhV
EUgU7ixJyA+6KWo2OWLutwYvffP2vVyeqcohPwn7dAnJMjpqQ2Nj40W3AwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNFhSps2d6Fgow2N9wcHRA+wev9XMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMFdGS216WjNvV0NqRFkzM0J3ZEVEN0I2XzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHhKLualum5wCvkQ9Hks
qTKKNyRe7sVT7eo6CPtUcSTcpxXrCLNdI1S66DpS4y7Nens8WNfNiMnYH5V2rCgx
UEvYiYsxLVlJMW2VCNFHqQ0aGg3wqz77U6cP0og9Lo1z+ZId7uPvpPKpqPhu+x3l
t8mzUuARJx/bZDvk+vLg3ZcNKNb7OpAPrtAsOoEpfd69rjm1+zLSAr0xik3K6ysd
CplQfn1HACONKt7+lBn2/lAzNnSta+AweE98fEKdvAMkS21QhhImkTmqRhBQplOZ
JLnyDgWmR0WvWWDMXzpHpf01hMuop9uH70yoWR+9OVpitCbbIKlAiAvSJcW+rAl9
3uY=
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:05 2025 by rpki-client