Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0sWN3W4rkZiEK54BslkQ4oUXA2I.roa
File: 0sWN3W4rkZiEK54BslkQ4oUXA2I.roa (raw, json)
Hash identifier: xosBX1ant5himRo1im2tQ4HKSSljtZIQNLVuxSZH00g=
Subject key identifier: D2:C5:8D:DD:6E:2B:91:98:84:2B:9E:01:B2:59:10:E2:85:17:03:62
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857DF7ADC8A9E0FC4459058A37A295F6DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0sWN3W4rkZiEK54BslkQ4oUXA2I.roa
Signing time: Wed 04 Jan 2023 18:07:41 +0000
ROA not before: Wed 04 Jan 2023 18:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7d:f7:ad:c8:a9:e0:fc:44:59:05:8a:37:a2:95:f6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 18:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2c58ddd6e2b9198842b9e01b25910e285170362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d4:18:d0:3a:18:ad:ce:86:84:5e:40:2f:d7:
28:a6:d5:59:85:f6:cc:71:3f:f1:ec:bf:17:05:1e:
ce:61:29:19:b7:12:8f:e7:ba:25:f8:6b:20:5c:4e:
e0:43:71:16:f9:c9:b6:c9:4b:e9:c5:d2:f5:db:68:
77:c5:68:ea:49:8a:2b:e1:c3:87:c3:76:3f:50:6f:
41:d4:72:e3:bb:02:b5:2a:af:64:c9:7d:63:37:d5:
2c:ae:ef:30:ea:96:e9:8b:c5:7a:48:29:c5:b2:9d:
f2:1c:0d:f3:39:a7:8b:3a:ad:b9:06:8f:8c:eb:22:
44:69:ab:4c:85:b2:2a:4e:57:f9:a6:e1:6f:97:7e:
a4:37:40:e8:91:29:f8:8d:4a:c6:ba:58:e3:c1:d7:
d0:4c:8d:62:77:c1:db:e1:94:82:39:d2:32:00:71:
f0:9b:85:a3:47:0a:1b:fb:61:d7:22:4a:9f:b0:75:
a1:9e:d7:38:9d:cf:71:db:e9:52:81:be:c5:43:e2:
f8:5c:78:a4:47:a7:09:1d:ef:ad:9f:e1:92:ae:7f:
c4:07:e4:b9:70:d4:9d:7c:ce:db:7b:24:56:41:27:
e4:e4:e7:30:e1:c4:12:cc:30:d7:a1:76:1c:0e:18:
cb:72:bf:1e:ba:c1:f5:0e:b3:2f:b9:c9:00:c9:67:
bd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C5:8D:DD:6E:2B:91:98:84:2B:9E:01:B2:59:10:E2:85:17:03:62
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0sWN3W4rkZiEK54BslkQ4oUXA2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:9c:bb:52:4d:0d:4a:b0:38:6b:ac:1e:66:6e:da:60:75:6c:
cf:b1:fa:50:1e:0c:32:b0:24:a0:d9:5d:a3:5e:a3:26:1a:ab:
ec:bc:82:d5:67:cf:48:72:86:47:e3:b1:b8:78:3c:0e:1d:7c:
6d:9e:29:02:d0:ce:34:73:42:e1:48:49:f6:ef:b8:ca:d4:d2:
30:f5:23:c8:0b:5f:88:f0:45:ef:9f:03:49:3e:94:32:0c:38:
1e:02:df:c8:cd:ad:9d:42:f8:f7:05:ec:96:50:68:9e:b6:78:
10:a5:ff:c7:e6:ab:e0:39:d0:1e:fd:68:89:c7:3d:df:9e:b2:
ba:18:f6:6b:a2:13:e3:4d:6d:83:f6:71:b6:b9:b9:da:1d:e4:
de:f3:01:8a:ef:09:aa:91:fc:9c:64:c0:a7:c7:49:26:61:b6:
ab:c7:f2:e5:f3:f9:82:09:e0:05:9f:23:d2:c9:db:38:c8:f6:
46:28:c0:90:df:b2:20:7b:6d:a6:6c:29:e1:96:9c:95:70:a1:
df:d9:5b:0b:2a:67:74:3a:5c:55:b6:87:3e:a0:13:57:50:7e:
69:c4:9a:dd:de:0b:1e:66:dd:eb:56:c2:da:0b:21:9a:bc:b4:
ca:e4:34:1d:cd:33:aa:ce:61:32:43:1d:98:83:a8:7e:eb:3e:
12:aa:b3:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV9963IqeD8RFkFijeilfbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MTgwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM1OGRkZDZlMmI5MTk4ODQyYjllMDFiMjU5MTBlMjg1MTcwMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdQY0DoYrc6GhF5AL9coptVZhfbM
cT/x7L8XBR7OYSkZtxKP57ol+GsgXE7gQ3EW+cm2yUvpxdL122h3xWjqSYor4cOH
w3Y/UG9B1HLjuwK1Kq9kyX1jN9Usru8w6pbpi8V6SCnFsp3yHA3zOaeLOq25Bo+M
6yJEaatMhbIqTlf5puFvl36kN0DokSn4jUrGuljjwdfQTI1id8Hb4ZSCOdIyAHHw
m4WjRwob+2HXIkqfsHWhntc4nc9x2+lSgb7FQ+L4XHikR6cJHe+tn+GSrn/EB+S5
cNSdfM7beyRWQSfk5Ocw4cQSzDDXoXYcDhjLcr8eusH1DrMvuckAyWe9RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLFjd1uK5GYhCueAbJZEOKFFwNiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHNXTjNXNHJrWmlFSzU0QnNsa1E0b1VYQTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI+cu1JNDUqwOGusHmZu
2mB1bM+x+lAeDDKwJKDZXaNeoyYaq+y8gtVnz0hyhkfjsbh4PA4dfG2eKQLQzjRz
QuFISfbvuMrU0jD1I8gLX4jwRe+fA0k+lDIMOB4C38jNrZ1C+PcF7JZQaJ62eBCl
/8fmq+A50B79aInHPd+esroY9muiE+NNbYP2cba5udod5N7zAYrvCaqR/JxkwKfH
SSZhtqvH8uXz+YIJ4AWfI9LJ2zjI9kYowJDfsiB7baZsKeGWnJVwod/ZWwsqZ3Q6
XFW2hz6gE1dQfmnEmt3eCx5m3etWwtoLIZq8tMrkNB3NM6rOYTJDHZiDqH7rPhKq
s0k=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:19 2025 by rpki-client