Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VeaaN2RgVkKZBKJrlyz-r9vMPs.roa
File: 1-VeaaN2RgVkKZBKJrlyz-r9vMPs.roa (raw, json)
Hash identifier: kzu0h5zxuat/u5ruMUKvGO30PKnbNgXhv1/5z2mTeKc=
Subject key identifier: F9:57:9A:68:DD:91:81:59:0A:64:12:89:AE:5C:B3:FA:BF:6F:30:FB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018685B4E3714B8C8FBD23F4857D7C953B2B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VeaaN2RgVkKZBKJrlyz-r9vMPs.roa
Signing time: Fri 24 Feb 2023 23:14:29 +0000
ROA not before: Fri 24 Feb 2023 23:14:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:b4:e3:71:4b:8c:8f:bd:23:f4:85:7d:7c:95:3b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 23:14:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9579a68dd9181590a641289ae5cb3fabf6f30fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:79:d0:27:25:c9:7b:4e:22:9c:9f:2d:6d:a5:
22:55:f1:71:fb:fa:fa:20:f4:af:e9:98:b8:bb:a1:
49:59:ff:c7:69:0d:b4:0d:40:f3:85:cc:7c:66:68:
ad:a7:61:55:e8:34:b9:2f:49:6c:c1:24:12:f4:e1:
c8:84:6b:cc:16:f7:70:a4:9b:29:6b:f3:a5:18:bc:
45:76:82:23:b7:2f:12:fa:b4:d4:d7:71:2d:46:1e:
d5:4b:ad:89:66:aa:0a:60:1c:a9:82:b6:bb:ec:0e:
fe:40:84:19:e9:1a:cb:e4:eb:e8:0c:8d:45:bd:f6:
b4:fa:2a:3b:99:d8:88:69:b0:61:aa:3b:33:db:c7:
7c:91:dd:c2:2c:9d:2d:94:d7:66:67:7f:d5:59:43:
2b:05:be:82:52:e2:82:be:ac:84:8d:ba:c2:eb:ee:
a1:d9:42:12:6b:e6:24:5b:7f:99:90:65:98:68:d8:
c8:29:75:cd:33:7b:31:18:bf:cc:f2:c2:b0:d3:35:
4f:0a:c6:e5:08:45:53:d3:3a:6d:0a:9c:67:9f:6b:
f4:20:34:6e:16:a0:6e:a4:4a:02:f4:1f:4f:09:30:
cc:84:12:17:e5:68:fe:93:aa:77:da:7e:68:cc:8b:
35:43:92:22:a3:64:c1:e2:30:ea:f1:26:68:42:5c:
34:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:57:9A:68:DD:91:81:59:0A:64:12:89:AE:5C:B3:FA:BF:6F:30:FB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VeaaN2RgVkKZBKJrlyz-r9vMPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:1c:d9:93:08:65:f5:e0:d0:a1:4b:37:d7:dc:44:7d:a5:60:
b8:66:10:0a:87:38:33:d4:47:65:58:dc:ab:ab:cb:0a:e2:6b:
ab:d4:31:f2:33:ef:02:8b:6c:d5:e5:77:1d:1c:f1:b8:f5:83:
21:af:f5:31:49:8b:64:e4:83:12:21:db:99:fa:70:ad:19:eb:
17:be:3f:cc:f7:cc:5e:90:21:04:22:d6:95:70:22:20:2d:10:
ba:26:7a:fe:47:4c:3b:5b:69:43:36:f3:65:a5:f3:44:73:3b:
e5:6b:17:1c:5b:8c:a8:3a:13:ad:d8:68:e9:a1:85:7f:16:a7:
c3:29:9e:f6:ea:ea:8e:66:eb:91:80:61:06:fa:07:c6:76:d5:
82:63:30:f2:8e:45:c2:4e:af:4b:e8:28:b6:4d:cd:69:f5:66:
6e:2c:91:04:6a:70:a5:9f:f3:6a:f0:2c:c2:f3:2b:eb:05:5c:
ff:f0:26:49:cf:ef:d7:a2:a9:97:f1:02:f4:72:cd:a6:3d:f5:
12:e5:ea:91:f2:82:46:85:84:f9:6c:9c:b2:3e:57:70:20:b3:
6b:6e:9d:27:f2:6e:fd:85:fc:5a:c5:09:4f:01:3c:85:e2:fc:
5c:7a:84:20:c4:6d:11:55:47:62:88:f5:e6:46:6e:c5:ca:0b:
2b:60:eb:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaFtONxS4yPvSP0hX18lTsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MjMxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU3OWE2OGRkOTE4MTU5MGE2NDEyODlhZTVjYjNmYWJmNmYzMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3nQJyXJe04inJ8tbaUiVfFx+/r6
IPSv6Zi4u6FJWf/HaQ20DUDzhcx8Zmitp2FV6DS5L0lswSQS9OHIhGvMFvdwpJsp
a/OlGLxFdoIjty8S+rTU13EtRh7VS62JZqoKYBypgra77A7+QIQZ6RrL5OvoDI1F
vfa0+io7mdiIabBhqjsz28d8kd3CLJ0tlNdmZ3/VWUMrBb6CUuKCvqyEjbrC6+6h
2UISa+YkW3+ZkGWYaNjIKXXNM3sxGL/M8sKw0zVPCsblCEVT0zptCpxnn2v0IDRu
FqBupEoC9B9PCTDMhBIX5Wj+k6p32n5ozIs1Q5Iio2TB4jDq8SZoQlw0ZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPlXmmjdkYFZCmQSia5cs/q/bzD7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1WZWFhTjJSZ1ZrS1pCS0pybHl6LXI5dk1Qcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCnHNmTCGX14NChSzfX
3ER9pWC4ZhAKhzgz1EdlWNyrq8sK4mur1DHyM+8Ci2zV5XcdHPG49YMhr/UxSYtk
5IMSIduZ+nCtGesXvj/M98xekCEEItaVcCIgLRC6Jnr+R0w7W2lDNvNlpfNEczvl
axccW4yoOhOt2GjpoYV/FqfDKZ726uqOZuuRgGEG+gfGdtWCYzDyjkXCTq9L6Ci2
Tc1p9WZuLJEEanCln/Nq8CzC8yvrBVz/8CZJz+/XoqmX8QL0cs2mPfUS5eqR8oJG
hYT5bJyyPldwILNrbp0n8m79hfxaxQlPATyF4vxceoQgxG0RVUdiiPXmRm7Fygsr
YOt5
-----END CERTIFICATE-----
Generated at Thu May 1 06:46:38 2025 by rpki-client