Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Sg6XWdxQYMdmGy3zQHS2Wf25ZU.roa
File: 1Sg6XWdxQYMdmGy3zQHS2Wf25ZU.roa (raw, json)
Hash identifier: cooFmIbXZntSauzA+c99cxmI5XqZaij+E06HTcV/FEc=
Subject key identifier: D5:28:3A:5D:67:71:41:83:1D:98:6C:B7:CD:01:D2:D9:67:F6:E5:95
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851E10CA2611D04F47BA8B8B4FCCDF22F7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Sg6XWdxQYMdmGy3zQHS2Wf25ZU.roa
Signing time: Sat 17 Dec 2022 03:11:34 +0000
ROA not before: Sat 17 Dec 2022 03:11:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1e:10:ca:26:11:d0:4f:47:ba:8b:8b:4f:cc:df:22:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 17 03:11:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5283a5d677141831d986cb7cd01d2d967f6e595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:42:b7:b3:33:16:07:3e:6f:e3:46:78:32:
da:b2:58:94:e7:14:fd:e9:41:72:f1:55:00:d4:9b:
b7:ef:0c:93:f1:c6:97:b3:98:b6:18:57:0b:1b:95:
d7:0d:1c:62:08:00:9d:d3:aa:7b:3c:57:90:64:de:
92:c6:ae:80:c7:3a:25:95:84:6d:7b:8a:f4:ba:8c:
dd:21:cf:8a:3f:6d:38:8f:10:bf:99:79:ef:0c:18:
da:65:85:4b:a7:b5:4f:d4:ae:f4:8f:59:f2:e9:62:
e5:d7:3a:86:76:b4:9d:b0:ee:d4:12:bb:51:95:69:
32:59:3b:d2:9d:b8:64:b6:37:93:33:4b:20:22:84:
73:91:07:2c:26:4b:52:c0:79:56:d1:60:60:6f:2f:
ad:c7:a2:39:a3:48:5a:84:82:4a:c9:31:d8:88:7f:
37:40:6c:49:84:53:e8:52:68:a4:f9:b6:7e:35:13:
be:d7:e1:3e:3b:b8:28:fa:e2:68:24:a7:23:1c:f3:
79:eb:67:b3:c5:f7:d4:08:fa:da:e6:f9:6d:1b:36:
88:43:37:a3:f6:9f:4c:bb:0b:ae:54:88:3e:e2:cf:
28:7f:74:ab:3c:54:ba:58:ec:a0:10:70:8c:92:7a:
f1:05:93:cf:8f:c2:b9:8b:45:4b:d6:9c:c8:0b:48:
94:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:28:3A:5D:67:71:41:83:1D:98:6C:B7:CD:01:D2:D9:67:F6:E5:95
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1Sg6XWdxQYMdmGy3zQHS2Wf25ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:42:61:01:4b:56:9f:06:69:b4:71:1e:75:7e:f2:dd:a1:a1:
83:26:86:b0:82:33:1a:e3:ad:0c:f3:73:05:92:88:da:29:cd:
57:a7:45:38:8d:45:de:dd:29:e9:8e:43:70:91:a2:ef:4c:8f:
76:34:64:1b:ec:86:ad:c4:9e:c4:8f:49:ef:41:0f:8e:7b:da:
ae:4b:83:08:eb:6e:43:86:9e:b4:88:9d:81:ba:a7:a2:0e:87:
ad:b9:5a:65:6b:56:fc:78:35:9d:9e:9d:28:75:32:d6:87:51:
6b:40:f7:9e:69:eb:c1:cf:51:73:6b:24:e1:d0:ff:56:69:f5:
5a:ce:1f:b3:19:e2:07:5e:99:a7:f0:bd:bc:f8:ed:b0:ba:be:
2f:2e:d0:0e:75:5c:4d:d5:40:e2:b6:ff:3a:22:ec:dc:e7:71:
81:6e:a2:00:ef:a7:24:db:63:f6:b3:d9:81:20:46:c6:0a:18:
3f:f1:e2:8a:d1:a0:15:9d:5d:7a:84:09:cf:7a:bd:44:35:bc:
95:a2:b2:50:a2:fa:8f:d8:44:27:5d:20:86:08:f4:6f:c2:89:
a8:c1:0b:72:67:60:ac:4d:3d:f7:76:44:83:c8:ee:0d:13:60:
52:c2:75:1f:05:68:da:ce:88:3d:0f:0d:26:82:36:f1:9f:7c:
01:73:8f:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUeEMomEdBPR7qLi0/M3yL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE3MDMxMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI4M2E1ZDY3NzE0MTgzMWQ5ODZjYjdjZDAxZDJkOTY3ZjZlNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+BCt7MzFgc+b+NGeDLasliU5xT9
6UFy8VUA1Ju37wyT8caXs5i2GFcLG5XXDRxiCACd06p7PFeQZN6Sxq6AxzollYRt
e4r0uozdIc+KP204jxC/mXnvDBjaZYVLp7VP1K70j1ny6WLl1zqGdrSdsO7UErtR
lWkyWTvSnbhktjeTM0sgIoRzkQcsJktSwHlW0WBgby+tx6I5o0hahIJKyTHYiH83
QGxJhFPoUmik+bZ+NRO+1+E+O7go+uJoJKcjHPN562ezxffUCPra5vltGzaIQzej
9p9MuwuuVIg+4s8of3SrPFS6WOygEHCMknrxBZPPj8K5i0VL1pzIC0iUVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNUoOl1ncUGDHZhst80B0tln9uWVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMVNnNlhXZHhRWU1kbUd5M3pRSFMyV2YyNVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKVCYQFLVp8GabRxHnV+
8t2hoYMmhrCCMxrjrQzzcwWSiNopzVenRTiNRd7dKemOQ3CRou9Mj3Y0ZBvshq3E
nsSPSe9BD4572q5LgwjrbkOGnrSInYG6p6IOh625WmVrVvx4NZ2enSh1MtaHUWtA
955p68HPUXNrJOHQ/1Zp9VrOH7MZ4gdemafwvbz47bC6vi8u0A51XE3VQOK2/zoi
7NzncYFuogDvpyTbY/az2YEgRsYKGD/x4orRoBWdXXqECc96vUQ1vJWislCi+o/Y
RCddIIYI9G/CiajBC3JnYKxNPfd2RIPI7g0TYFLCdR8FaNrOiD0PDSaCNvGffAFz
jzs=
-----END CERTIFICATE-----
Generated at Fri May 2 03:43:39 2025 by rpki-client