Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Rr6LbDlB6TFkN7ydTZJjP5tceg.roa
File: 1Rr6LbDlB6TFkN7ydTZJjP5tceg.roa (raw, json)
Hash identifier: 1AlW4BQkWUFiWt22/lk3Lq/QOq2zSREIwXYxbfzJtRw=
Subject key identifier: D5:1A:FA:2D:B0:E5:07:A4:C5:90:DE:F2:75:36:49:8C:FE:6D:71:E8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018557FA081D2E909EF949EB815E9123570F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Rr6LbDlB6TFkN7ydTZJjP5tceg.roa
Signing time: Wed 28 Dec 2022 09:04:41 +0000
ROA not before: Wed 28 Dec 2022 09:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:57f9:9872/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:fa:08:1d:2e:90:9e:f9:49:eb:81:5e:91:23:57:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 28 09:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d51afa2db0e507a4c590def27536498cfe6d71e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6a:b4:29:fc:66:43:cf:79:6d:fa:5a:a6:f0:
47:39:6b:ea:51:14:e7:09:9d:fd:b3:af:35:88:a0:
6c:1b:8f:1f:ad:5c:39:69:4e:d6:ed:fe:d0:7a:b1:
d7:9b:99:8c:c3:56:5f:c0:43:c0:17:a2:2f:36:72:
9f:b3:f9:0d:5b:f1:e6:bd:42:32:09:bc:0d:08:1a:
b3:e8:8d:73:40:70:04:7b:f4:1a:c9:0a:c3:dd:0a:
36:b9:60:c7:68:a9:60:47:e6:d3:70:f2:f1:3f:ca:
76:3c:0b:63:c0:49:fb:93:a5:86:20:d7:c5:2c:be:
ae:6d:29:9d:3f:21:60:bd:aa:40:f9:e9:48:dd:f7:
ea:dc:6b:2b:ad:cb:ae:7b:ed:bc:ef:8e:6e:19:7e:
74:7b:02:03:99:4b:f8:8f:5c:76:0f:53:19:1a:f7:
f6:1b:50:ee:04:d2:22:08:fe:cc:02:c8:16:14:34:
a3:75:1d:b6:3b:3b:37:85:2a:9c:a1:33:21:36:3f:
ae:3f:c3:04:fb:38:4c:92:d4:51:ae:0f:35:28:38:
87:d6:1f:de:19:74:93:9b:71:54:48:25:0c:9b:53:
b9:05:0c:1f:1e:ba:3e:36:e7:af:7a:c1:3a:77:8d:
20:33:1e:5d:a3:a4:bb:6e:32:92:98:42:ec:97:55:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1A:FA:2D:B0:E5:07:A4:C5:90:DE:F2:75:36:49:8C:FE:6D:71:E8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Rr6LbDlB6TFkN7ydTZJjP5tceg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:9d:a5:1f:eb:81:f1:58:c5:ca:57:a9:ad:85:0a:ae:22:94:
4d:f6:4f:8e:cd:59:ac:b6:fd:50:68:3a:c5:53:70:0e:6a:81:
e1:ba:4d:9c:0d:28:12:c7:1d:d2:52:d3:1c:d5:44:c9:c9:80:
4f:3c:1f:4f:f8:7c:be:73:1a:3e:8a:27:6a:98:df:e7:a3:30:
88:ec:a3:e4:24:30:30:77:c8:81:a1:9f:40:66:31:9d:5f:94:
dd:c3:70:16:0a:9c:da:f0:42:3c:31:ae:f2:60:f7:95:49:45:
53:ca:da:16:22:49:75:6c:06:52:d6:78:f9:a0:9f:2e:ca:65:
8b:a0:3a:83:4e:d2:4c:92:8f:7a:b8:58:bf:f4:e3:b9:e5:de:
d0:eb:bd:dd:30:77:b5:2d:08:92:d8:cb:06:ce:d8:59:d9:e7:
c6:ec:ec:fa:24:be:4c:94:1c:34:93:8a:f6:ae:dd:9c:6e:68:
22:08:b3:1a:f4:13:ea:90:26:66:a7:49:fe:6a:19:06:ff:a8:
cb:21:60:b8:e0:db:77:ff:b8:1e:50:d2:83:fd:16:c3:ed:f5:
ff:4a:a8:56:47:18:d3:b6:a1:43:0d:d6:d8:f1:95:e2:78:07:
59:f0:85:ca:e5:ec:65:ea:e1:9b:94:0a:11:7d:7b:46:a5:e6:
a0:e8:f2:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVX+ggdLpCe+UnrgV6RI1cPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI4MDkwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTFhZmEyZGIwZTUwN2E0YzU5MGRlZjI3NTM2NDk4Y2ZlNmQ3MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gq0KfxmQ895bfpapvBHOWvqURTn
CZ39s681iKBsG48frVw5aU7W7f7QerHXm5mMw1ZfwEPAF6IvNnKfs/kNW/HmvUIy
CbwNCBqz6I1zQHAEe/QayQrD3Qo2uWDHaKlgR+bTcPLxP8p2PAtjwEn7k6WGINfF
LL6ubSmdPyFgvapA+elI3ffq3Gsrrcuue+28745uGX50ewIDmUv4j1x2D1MZGvf2
G1DuBNIiCP7MAsgWFDSjdR22Ozs3hSqcoTMhNj+uP8ME+zhMktRRrg81KDiH1h/e
GXSTm3FUSCUMm1O5BQwfHro+NuevesE6d40gMx5do6S7bjKSmELsl1U0YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUa+i2w5QekxZDe8nU2SYz+bXHoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMVJyNkxiRGxCNlRGa043eWRUWkpqUDV0Y2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqdpR/rgfFYxcpXqa2F
Cq4ilE32T47NWay2/VBoOsVTcA5qgeG6TZwNKBLHHdJS0xzVRMnJgE88H0/4fL5z
Gj6KJ2qY3+ejMIjso+QkMDB3yIGhn0BmMZ1flN3DcBYKnNrwQjwxrvJg95VJRVPK
2hYiSXVsBlLWePmgny7KZYugOoNO0kySj3q4WL/047nl3tDrvd0wd7UtCJLYywbO
2FnZ58bs7PokvkyUHDSTivau3ZxuaCIIsxr0E+qQJmanSf5qGQb/qMshYLjg23f/
uB5Q0oP9FsPt9f9KqFZHGNO2oUMN1tjxleJ4B1nwhcrl7GXq4ZuUChF9e0al5qDo
8rQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:59:25 2025 by rpki-client