Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0yA1uNUB2zrJ-xYG5OZ454v5gQY.roa
File: 0yA1uNUB2zrJ-xYG5OZ454v5gQY.roa (raw, json)
Hash identifier: ICb7q8f3RESVsVDVGvNG7FcjUL/Uhs/LZ0ePOM53Ths=
Subject key identifier: D3:20:35:B8:D5:01:DB:3A:C9:FB:16:06:E4:E6:78:E7:8B:F9:81:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184FBF30E84EA6977BEF24F6782FAFBB05A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0yA1uNUB2zrJ-xYG5OZ454v5gQY.roa
Signing time: Sat 10 Dec 2022 12:12:00 +0000
ROA not before: Sat 10 Dec 2022 12:12:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:f3:0e:84:ea:69:77:be:f2:4f:67:82:fa:fb:b0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 10 12:12:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d32035b8d501db3ac9fb1606e4e678e78bf98106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4d:c1:44:36:6d:de:ec:af:86:80:ed:b3:2c:
b5:02:17:3e:42:a7:f4:ea:ff:64:b0:71:49:00:a0:
88:3d:2d:c2:df:d8:a7:fd:65:6f:6e:c0:cb:4d:f0:
5d:59:d6:1b:44:3f:83:f1:1c:2b:8e:0e:eb:83:14:
60:55:fa:f0:d4:e2:e0:eb:4e:85:2c:e8:25:9d:b5:
58:a3:60:34:f9:fa:c6:a8:ac:e8:81:56:83:88:3e:
5d:12:a9:75:0c:15:ab:62:b3:ac:34:89:8b:68:b4:
92:0d:f7:57:ec:c4:64:8c:92:ac:13:fe:fa:e3:88:
5f:f0:64:b7:1e:d1:de:98:3a:fc:68:79:2e:59:55:
2b:f7:75:f5:3a:20:21:1b:b5:23:5e:a4:8e:65:19:
36:78:cb:d4:c6:af:e2:23:4a:da:02:7c:3f:5f:31:
d1:e2:d2:29:a5:75:41:5c:57:68:6d:de:6c:48:9e:
7a:26:26:32:0f:15:85:39:b5:d5:f7:e3:ea:80:7d:
33:28:36:f4:7e:b4:c9:f0:9f:e4:65:54:a9:6b:c9:
90:54:2e:fb:0d:88:e3:97:aa:f4:fb:d4:46:6e:e7:
f9:32:32:95:bf:67:18:b5:44:6d:22:33:41:82:b1:
79:19:41:67:28:60:86:9d:45:a5:75:4f:51:a5:b6:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:20:35:B8:D5:01:DB:3A:C9:FB:16:06:E4:E6:78:E7:8B:F9:81:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0yA1uNUB2zrJ-xYG5OZ454v5gQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:70:bf:ee:48:f5:91:0b:9d:48:fa:97:fa:32:4c:63:0e:c0:
47:8d:6b:7d:52:ba:af:47:25:51:92:42:a1:1d:7b:5e:37:01:
00:67:15:fc:d9:7a:16:81:09:f2:70:fe:27:18:85:cb:d6:cd:
b2:0a:24:24:c8:98:3a:8a:b7:9d:be:a2:2b:85:e0:32:05:b2:
74:45:a8:dc:e9:fd:b7:42:cd:ee:d3:4c:ab:9f:fa:b4:93:4d:
0b:37:ee:35:8e:63:c0:d9:c9:a1:94:37:5d:fc:d9:80:a2:ef:
ea:74:e7:75:ee:c0:dd:d9:70:47:87:15:cf:3e:1b:07:6c:03:
dd:33:88:73:d8:58:a6:4c:fb:10:83:b9:62:2f:7e:7c:63:31:
2f:ac:6f:ca:29:55:38:e4:e5:bc:cd:e1:f4:7e:f3:9e:dd:6f:
6a:cc:48:4a:2a:17:ce:02:4f:67:f2:41:cb:16:53:20:93:3f:
8f:d5:31:1f:7a:c4:8a:fe:9d:cf:92:f7:c8:4b:af:c4:6a:38:
e8:38:e9:c0:73:13:ce:d6:59:f6:3f:73:d4:85:0d:cb:61:34:
a8:dc:28:9e:15:86:61:c8:88:ec:1c:06:87:4d:aa:e0:a7:33:
19:94:01:48:8c:fb:6a:a5:4c:5e:45:32:84:df:a5:0b:27:c4:
51:c0:3f:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT78w6E6ml3vvJPZ4L6+7BaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEwMTIxMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIwMzViOGQ1MDFkYjNhYzlmYjE2MDZlNGU2NzhlNzhiZjk4MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq03BRDZt3uyvhoDtsyy1Ahc+Qqf0
6v9ksHFJAKCIPS3C39in/WVvbsDLTfBdWdYbRD+D8Rwrjg7rgxRgVfrw1OLg606F
LOglnbVYo2A0+frGqKzogVaDiD5dEql1DBWrYrOsNImLaLSSDfdX7MRkjJKsE/76
44hf8GS3HtHemDr8aHkuWVUr93X1OiAhG7UjXqSOZRk2eMvUxq/iI0raAnw/XzHR
4tIppXVBXFdobd5sSJ56JiYyDxWFObXV9+PqgH0zKDb0frTJ8J/kZVSpa8mQVC77
DYjjl6r0+9RGbuf5MjKVv2cYtURtIjNBgrF5GUFnKGCGnUWldU9RpbZ4UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMgNbjVAds6yfsWBuTmeOeL+YEGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHlBMXVOVUIyenJKLXhZRzVPWjQ1NHY1Z1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALRwv+5I9ZELnUj6l/oy
TGMOwEeNa31Suq9HJVGSQqEde143AQBnFfzZehaBCfJw/icYhcvWzbIKJCTImDqK
t52+oiuF4DIFsnRFqNzp/bdCze7TTKuf+rSTTQs37jWOY8DZyaGUN1382YCi7+p0
53XuwN3ZcEeHFc8+GwdsA90ziHPYWKZM+xCDuWIvfnxjMS+sb8opVTjk5bzN4fR+
857db2rMSEoqF84CT2fyQcsWUyCTP4/VMR96xIr+nc+S98hLr8RqOOg46cBzE87W
WfY/c9SFDcthNKjcKJ4VhmHIiOwcBodNquCnMxmUAUiM+2qlTF5FMoTfpQsnxFHA
P4c=
-----END CERTIFICATE-----
Generated at Thu May 1 15:49:14 2025 by rpki-client