Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0v4bnDyWYvJJ4cbuc8K-NFXVdgo.roa
File: 0v4bnDyWYvJJ4cbuc8K-NFXVdgo.roa (raw, json)
Hash identifier: XnelS5iFNROnrBEcWiSlOJe/HlIh4U1L+1gLxXFwjlU=
Subject key identifier: D2:FE:1B:9C:3C:96:62:F2:49:E1:C6:EE:73:C2:BE:34:55:D5:76:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018308356D78CCD3DD00519AA0476B24037F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0v4bnDyWYvJJ4cbuc8K-NFXVdgo.roa
Signing time: Sun 04 Sep 2022 11:14:22 +0000
ROA not before: Sun 04 Sep 2022 11:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:08:35:6d:78:cc:d3:dd:00:51:9a:a0:47:6b:24:03:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 4 11:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2fe1b9c3c9662f249e1c6ee73c2be3455d5760a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5e:f0:ce:d0:9c:ef:e2:a3:c2:74:8f:e9:c8:
84:04:68:81:de:1d:a0:fb:2d:45:d4:73:c1:ef:f8:
8e:f6:4c:2f:1c:ed:1f:00:95:1f:bf:9e:3c:63:fe:
3c:61:a7:9f:79:8c:91:9d:29:26:c2:2a:8c:89:ee:
52:3c:70:36:df:8e:bd:e4:0e:34:ee:b6:27:3f:0e:
b1:43:fb:64:4e:24:51:2c:a4:d3:a5:49:28:58:68:
4c:a9:c4:d7:69:61:e7:4f:ba:ac:7f:40:5c:56:c6:
30:7e:86:29:95:cd:11:1f:d0:7a:ef:c2:c7:65:a8:
2b:84:fb:d7:2a:16:64:24:47:f2:b9:87:fe:30:f7:
08:f8:ba:58:5a:ee:6a:22:84:3e:d4:e2:9c:a2:cf:
31:1f:ad:5e:a5:7d:ef:c0:ef:c6:c6:a8:7a:e9:d3:
65:9c:e1:cb:b4:5a:aa:66:25:00:8d:6b:08:a6:31:
68:b1:ad:1c:a6:a3:7a:d6:ef:26:39:7e:ba:df:00:
6e:90:52:43:d5:e7:a9:2c:46:2b:3b:61:3d:f6:f5:
3f:84:fc:78:6a:ed:e8:e0:d8:61:65:65:35:29:a0:
25:09:94:51:69:0a:d6:f3:96:b1:f8:68:5c:3b:58:
39:cc:7a:a8:8f:10:79:a1:2a:99:42:66:ba:89:c8:
f6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:FE:1B:9C:3C:96:62:F2:49:E1:C6:EE:73:C2:BE:34:55:D5:76:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0v4bnDyWYvJJ4cbuc8K-NFXVdgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:a9:74:d1:e1:31:b3:3d:87:54:fe:cc:dc:c6:a9:f7:93:02:
78:9d:3c:69:8e:41:6d:bc:8f:a8:80:4d:2e:86:73:bb:3c:a4:
15:00:9e:38:3d:7f:7e:01:dc:da:2c:6c:4c:1f:9d:d1:ab:75:
62:ad:9b:30:0a:be:02:13:0e:e7:5d:1f:99:74:e6:e1:8d:39:
25:ad:f2:2f:bb:72:50:04:8e:f0:37:92:d7:93:a9:f6:ea:19:
55:97:36:0a:92:f0:4a:69:42:c9:3b:17:26:a2:50:e6:57:e4:
28:23:37:6c:98:26:b6:75:32:66:0f:e1:92:b5:af:be:97:2d:
57:60:d8:1e:ac:d9:48:3e:6d:d9:8b:52:c6:65:7a:02:04:48:
4a:2e:a5:d0:2d:31:95:81:2c:da:44:e5:b3:f5:39:7b:e2:30:
90:3a:d9:d4:65:86:ba:74:48:78:4d:d0:ac:1f:de:e2:53:c5:
94:89:ea:3a:18:3a:01:65:90:9a:e5:ee:14:1f:f0:d5:32:46:
e9:48:88:a3:a6:a5:f9:84:9e:4f:16:2f:11:7f:f5:eb:6a:18:
6b:2e:88:77:58:0d:36:2a:1c:55:31:7b:14:68:c9:84:ea:58:
ff:4f:06:e3:4e:c6:f4:4e:76:8c:12:6c:aa:9b:87:38:86:f2:
5e:3b:30:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMINW14zNPdAFGaoEdrJAN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA0MTExNDIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmZlMWI5YzNjOTY2MmYyNDllMWM2ZWU3M2MyYmUzNDU1ZDU3NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF7wztCc7+KjwnSP6ciEBGiB3h2g
+y1F1HPB7/iO9kwvHO0fAJUfv548Y/48YaefeYyRnSkmwiqMie5SPHA234695A40
7rYnPw6xQ/tkTiRRLKTTpUkoWGhMqcTXaWHnT7qsf0BcVsYwfoYplc0RH9B678LH
ZagrhPvXKhZkJEfyuYf+MPcI+LpYWu5qIoQ+1OKcos8xH61epX3vwO/Gxqh66dNl
nOHLtFqqZiUAjWsIpjFosa0cpqN61u8mOX663wBukFJD1eepLEYrO2E99vU/hPx4
au3o4NhhZWU1KaAlCZRRaQrW85ax+GhcO1g5zHqojxB5oSqZQma6icj2dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNL+G5w8lmLySeHG7nPCvjRV1XYKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHY0Ym5EeVdZdkpKNGNidWM4Sy1ORlhWZGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALSpdNHhMbM9h1T+zNzG
qfeTAnidPGmOQW28j6iATS6Gc7s8pBUAnjg9f34B3NosbEwfndGrdWKtmzAKvgIT
DuddH5l05uGNOSWt8i+7clAEjvA3kteTqfbqGVWXNgqS8EppQsk7FyaiUOZX5Cgj
N2yYJrZ1MmYP4ZK1r76XLVdg2B6s2Ug+bdmLUsZlegIESEoupdAtMZWBLNpE5bP1
OXviMJA62dRlhrp0SHhN0Kwf3uJTxZSJ6joYOgFlkJrl7hQf8NUyRulIiKOmpfmE
nk8WLxF/9etqGGsuiHdYDTYqHFUxexRoyYTqWP9PBuNOxvROdowSbKqbhziG8l47
MOk=
-----END CERTIFICATE-----
Generated at Thu May 1 20:51:46 2025 by rpki-client