Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1a74M609L6bDIwH8RN1_shdXwHE.roa
File: 1a74M609L6bDIwH8RN1_shdXwHE.roa (raw, json)
Hash identifier: WDUqmOfZ6YwJmsDmW2P3sICHARAVwmHVyau/5iXEgog=
Subject key identifier: D5:AE:F8:33:AD:3D:2F:A6:C3:23:01:FC:44:DD:7F:B2:17:57:C0:71
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2FA46D477458D1F410931408DF114203
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1a74M609L6bDIwH8RN1_shdXwHE.roa
Signing time: Sat 26 Aug 2023 02:20:19 +0000
ROA not before: Sat 26 Aug 2023 02:20:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2f:a4:6d:47:74:58:d1:f4:10:93:14:08:df:11:42:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 02:20:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5aef833ad3d2fa6c32301fc44dd7fb21757c071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:15:5f:5e:f5:8a:a7:62:2b:83:21:6f:97:
5d:cb:5a:04:b4:f5:a8:98:5b:c6:45:05:38:e8:3a:
98:51:94:32:11:84:07:f6:62:ed:72:f9:fc:d6:2a:
72:20:1f:e9:30:9f:d5:25:f4:98:da:eb:84:c8:a1:
04:73:53:60:11:46:9b:82:b3:9d:b4:c8:ee:50:89:
66:63:c5:98:d8:90:ed:f2:5e:db:18:5c:8e:72:97:
39:9e:9f:7e:04:d5:ce:ac:7a:4b:9e:78:0c:4a:2a:
98:9a:7e:44:8c:d0:b7:ff:bf:48:6a:99:c1:fd:e3:
50:1b:4c:d9:34:34:ef:ad:ed:fd:f7:63:04:81:22:
6a:87:a5:c0:52:a2:8e:e2:c9:72:6b:36:c4:f2:a2:
cb:cf:68:ec:f7:58:b4:b4:fc:fe:8a:ea:28:52:9e:
a3:61:b6:f1:38:60:32:83:6b:a2:c7:79:02:90:5b:
60:77:72:19:1e:97:02:10:bd:ad:9a:48:33:1d:f6:
7e:ca:0e:84:6e:cf:a2:ec:04:0e:ca:59:4a:25:cd:
8e:7a:2c:67:20:04:51:42:ff:64:d9:cb:6c:ed:41:
90:9f:de:cf:d7:14:d8:8a:0f:bc:ef:3b:75:e8:ea:
3c:86:4f:fb:82:e7:38:1c:53:88:98:f4:d0:0c:92:
be:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AE:F8:33:AD:3D:2F:A6:C3:23:01:FC:44:DD:7F:B2:17:57:C0:71
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1a74M609L6bDIwH8RN1_shdXwHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:4f:dd:20:8b:ae:b1:e6:6f:e3:24:3e:6a:1c:9b:b9:7e:87:
6c:3f:1a:ca:1a:3a:0e:e2:16:c0:a8:fc:51:ea:9f:62:cd:a6:
47:5c:68:3f:35:b8:aa:5b:52:be:05:c3:e2:6d:5f:f8:d8:36:
a1:f5:31:27:c4:4d:92:69:04:61:4c:20:65:97:d0:46:86:b9:
b5:67:c2:01:80:3b:55:33:df:0b:81:67:09:b5:a6:97:32:5f:
6e:23:aa:2b:a9:7c:d6:eb:d7:34:e0:bb:59:d9:86:be:8e:c3:
3c:04:cd:1a:1b:19:5c:34:d0:36:dc:c7:e8:cc:f5:f9:3a:a4:
c0:0b:dd:e1:36:ff:1f:eb:69:b2:b2:ad:2c:cf:e3:f4:8c:73:
33:66:15:e7:c0:ac:83:1c:5a:45:54:69:23:be:12:81:9b:ef:
f4:ac:31:f6:61:a0:b5:72:22:7e:3c:1c:df:e5:9e:8d:86:cf:
b6:a1:a0:99:b7:71:13:92:e6:ba:ff:f9:60:7f:57:5f:2c:2e:
da:83:b0:72:eb:5e:b9:cb:ac:00:1e:3c:8d:9d:f0:ea:dc:be:
ea:b1:ae:06:e6:6b:10:8a:8a:bd:4d:98:0d:d0:45:33:0d:e7:
4e:0d:c0:9d:80:b5:ab:7e:28:89:12:3a:bd:48:fb:03:62:7a:
f1:8c:4b:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYovpG1HdFjR9BCTFAjfEUIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MDIyMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWFlZjgzM2FkM2QyZmE2YzMyMzAxZmM0NGRkN2ZiMjE3NTdjMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI4VX171iqdiK4Mhb5ddy1oEtPWo
mFvGRQU46DqYUZQyEYQH9mLtcvn81ipyIB/pMJ/VJfSY2uuEyKEEc1NgEUabgrOd
tMjuUIlmY8WY2JDt8l7bGFyOcpc5np9+BNXOrHpLnngMSiqYmn5EjNC3/79IapnB
/eNQG0zZNDTvre3992MEgSJqh6XAUqKO4slyazbE8qLLz2js91i0tPz+iuooUp6j
YbbxOGAyg2uix3kCkFtgd3IZHpcCEL2tmkgzHfZ+yg6Ebs+i7AQOyllKJc2Oeixn
IARRQv9k2cts7UGQn97P1xTYig+87zt16Oo8hk/7guc4HFOImPTQDJK+8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWu+DOtPS+mwyMB/ETdf7IXV8BxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMWE3NE02MDlMNmJESXdIOFJOMV9zaGRYd0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHtP3SCLrrHmb+MkPmoc
m7l+h2w/GsoaOg7iFsCo/FHqn2LNpkdcaD81uKpbUr4Fw+JtX/jYNqH1MSfETZJp
BGFMIGWX0EaGubVnwgGAO1Uz3wuBZwm1ppcyX24jqiupfNbr1zTgu1nZhr6OwzwE
zRobGVw00Dbcx+jM9fk6pMAL3eE2/x/rabKyrSzP4/SMczNmFefArIMcWkVUaSO+
EoGb7/SsMfZhoLVyIn48HN/lno2Gz7ahoJm3cROS5rr/+WB/V18sLtqDsHLrXrnL
rAAePI2d8OrcvuqxrgbmaxCKir1NmA3QRTMN504NwJ2Atat+KIkSOr1I+wNievGM
S0k=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:54:49 2025 by rpki-client