Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0x0KIeg9b4oNtoJdxVtwev44-cA.roa
File: 0x0KIeg9b4oNtoJdxVtwev44-cA.roa (raw, json)
Hash identifier: VwPGqFi5tAFMYlWa3Wh6LAyVILJkGwDyC/2f9jFJWgA=
Subject key identifier: D3:1D:0A:21:E8:3D:6F:8A:0D:B6:82:5D:C5:5B:70:7A:FE:38:F9:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018543CE7475EB6EA3E5C85372D6E7918AFC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0x0KIeg9b4oNtoJdxVtwev44-cA.roa
Signing time: Sat 24 Dec 2022 11:04:41 +0000
ROA not before: Sat 24 Dec 2022 11:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:43ce:16b1/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:ce:74:75:eb:6e:a3:e5:c8:53:72:d6:e7:91:8a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 11:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d31d0a21e83d6f8a0db6825dc55b707afe38f9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:c8:17:ca:92:ee:73:a8:d4:87:6c:36:52:
e0:1b:bc:e1:c5:fe:32:59:7c:4b:c7:6e:66:13:52:
ad:e4:36:bc:2f:81:31:3b:db:e6:37:64:da:cf:83:
51:ed:01:f6:37:43:e0:d0:41:44:ad:81:dd:4c:9f:
c9:45:c7:29:e0:89:59:01:c5:70:b7:27:42:90:a6:
06:ad:10:8f:8c:53:1e:ca:bb:f0:7c:48:74:51:18:
7c:e6:77:e4:e3:47:af:1c:92:29:c2:58:40:24:cd:
e2:7d:3f:91:9f:72:3e:70:9a:88:85:03:c8:bf:d2:
36:1d:91:ad:61:fa:4d:80:ee:d6:6f:b6:69:98:93:
9c:0d:af:b4:b9:6d:72:93:9d:f5:25:71:6a:14:2c:
41:d1:cb:63:ee:d9:4b:21:66:8f:14:d3:58:7d:48:
3a:bb:c4:60:8a:e8:80:cd:7d:e3:cd:c5:fa:32:3b:
e2:e1:47:81:30:20:ee:c4:4a:25:76:32:6e:2e:ea:
0f:a9:6a:0e:f8:0d:93:70:21:d4:43:77:96:0b:74:
5f:48:fa:d1:eb:e9:3b:51:12:9d:4d:94:3f:a1:ef:
ec:f1:8b:10:1d:15:4f:ff:70:a3:b2:4f:8a:81:b8:
7d:a5:d8:62:37:ab:47:d8:b9:fb:0a:e0:03:2c:57:
2e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:1D:0A:21:E8:3D:6F:8A:0D:B6:82:5D:C5:5B:70:7A:FE:38:F9:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0x0KIeg9b4oNtoJdxVtwev44-cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:fc:db:10:d6:78:2a:f4:11:fd:ea:22:5f:f4:6b:1d:16:34:
ff:8a:79:67:80:ac:b2:0a:ae:67:e5:40:07:94:4c:de:e4:c6:
a5:bf:e2:89:01:db:c0:e8:a2:d4:5d:b5:60:d0:20:8d:2c:f4:
05:9a:82:f6:fd:f8:94:f5:bc:77:07:fe:c2:1a:87:48:c4:d9:
40:84:c2:d3:3a:79:d0:52:a1:9a:4e:5b:02:d2:a6:20:e2:1b:
e5:86:01:a5:a8:26:36:66:13:ce:1d:fd:95:03:c2:7c:66:b6:
78:33:56:92:5d:32:79:56:4e:46:a9:4d:6c:45:40:7c:76:1c:
a9:57:61:a5:6e:95:6e:aa:83:a7:d1:7f:81:2b:be:f9:5c:5f:
40:ee:fd:72:51:2f:da:fd:21:f9:b7:c1:a1:a0:d8:20:50:35:
bd:40:9c:3c:9f:d1:a3:4d:f2:41:17:ce:ae:39:6e:5b:b4:30:
c3:14:57:43:51:85:06:bb:b2:01:5a:95:53:10:70:a3:85:1d:
3e:69:2b:eb:a9:3e:46:02:3a:81:d6:fb:69:cd:a1:72:dc:c6:
cb:50:d0:f8:9e:90:20:08:99:d7:5a:1a:66:7f:b6:0d:c7:cd:
e3:97:8e:58:48:c2:d2:c2:7a:73:3c:28:9a:b7:72:ba:d2:ec:
70:e5:c3:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVDznR1626j5chTctbnkYr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTEwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzFkMGEyMWU4M2Q2ZjhhMGRiNjgyNWRjNTViNzA3YWZlMzhmOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7bIF8qS7nOo1IdsNlLgG7zhxf4y
WXxLx25mE1Kt5Da8L4ExO9vmN2Taz4NR7QH2N0Pg0EFErYHdTJ/JRccp4IlZAcVw
tydCkKYGrRCPjFMeyrvwfEh0URh85nfk40evHJIpwlhAJM3ifT+Rn3I+cJqIhQPI
v9I2HZGtYfpNgO7Wb7ZpmJOcDa+0uW1yk531JXFqFCxB0ctj7tlLIWaPFNNYfUg6
u8RgiuiAzX3jzcX6Mjvi4UeBMCDuxEoldjJuLuoPqWoO+A2TcCHUQ3eWC3RfSPrR
6+k7URKdTZQ/oe/s8YsQHRVP/3Cjsk+Kgbh9pdhiN6tH2Ln7CuADLFcuLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMdCiHoPW+KDbaCXcVbcHr+OPnAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHgwS0llZzliNG9OdG9KZHhWdHdldjQ0LWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJb82xDWeCr0Ef3qIl/0
ax0WNP+KeWeArLIKrmflQAeUTN7kxqW/4okB28DootRdtWDQII0s9AWagvb9+JT1
vHcH/sIah0jE2UCEwtM6edBSoZpOWwLSpiDiG+WGAaWoJjZmE84d/ZUDwnxmtngz
VpJdMnlWTkapTWxFQHx2HKlXYaVulW6qg6fRf4ErvvlcX0Du/XJRL9r9Ifm3waGg
2CBQNb1AnDyf0aNN8kEXzq45blu0MMMUV0NRhQa7sgFalVMQcKOFHT5pK+upPkYC
OoHW+2nNoXLcxstQ0PiekCAImddaGmZ/tg3HzeOXjlhIwtLCenM8KJq3crrS7HDl
w8c=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:50:26 2025 by rpki-client