Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1vozFMUhcOMtlSrG2NF2-7BZj0Q.roa
File: 1vozFMUhcOMtlSrG2NF2-7BZj0Q.roa (raw, json)
Hash identifier: vfNiNzYAhWA6RhFlCxjCwiDFpQbvg7RSAJga9vH72fg=
Subject key identifier: D6:FA:33:14:C5:21:70:E3:2D:95:2A:C6:D8:D1:76:FB:B0:59:8F:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018507828AD51910D8E8F77B0C486A3A5CE5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1vozFMUhcOMtlSrG2NF2-7BZj0Q.roa
Signing time: Mon 12 Dec 2022 18:04:33 +0000
ROA not before: Mon 12 Dec 2022 18:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:782:65d1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:82:8a:d5:19:10:d8:e8:f7:7b:0c:48:6a:3a:5c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 12 18:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6fa3314c52170e32d952ac6d8d176fbb0598f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c3:9f:92:b5:d8:ca:d1:c7:45:64:b3:2e:08:
d5:10:30:e7:82:81:47:a3:84:59:68:b7:cd:11:78:
19:57:23:31:6d:e5:1e:83:cf:45:3d:7e:22:f6:c6:
37:6c:1e:7a:71:a4:df:3c:75:a8:74:fa:7d:73:f2:
a3:ec:15:af:f2:37:c0:c4:ee:6b:fc:dc:01:7b:b9:
b5:76:69:02:d0:d1:10:f5:d7:1c:c8:4c:cc:79:ff:
f2:c7:33:fb:7f:c2:7e:b2:fc:b1:4a:7a:66:66:fc:
7d:89:1b:b8:ce:9f:5f:1e:0a:26:5e:c7:08:78:2f:
7e:99:79:48:7e:25:a6:ce:11:c5:86:82:d2:cd:35:
ba:2d:dd:e3:5f:41:4f:6e:4b:81:e7:7b:c3:90:ca:
75:56:9c:19:b6:5e:a7:77:88:47:dd:58:88:5e:41:
a0:39:2a:89:0d:84:27:20:49:f6:8c:6b:77:b8:07:
8c:f3:25:be:5c:e2:6c:1f:ed:bb:9d:d6:56:1a:72:
a5:55:6b:a2:ee:aa:e2:54:e6:cb:93:e0:af:3d:26:
e2:4c:56:62:0e:28:9c:88:01:82:4d:70:c3:40:c9:
a4:11:24:45:a1:ad:68:7b:7e:4d:4e:96:1e:b1:30:
33:27:16:c5:fa:ae:3f:e9:5f:fa:c0:11:d0:e9:b0:
15:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FA:33:14:C5:21:70:E3:2D:95:2A:C6:D8:D1:76:FB:B0:59:8F:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1vozFMUhcOMtlSrG2NF2-7BZj0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:f6:69:ad:10:2e:5b:a2:5e:35:47:3b:f1:0f:ce:c8:9f:9b:
d2:28:c7:53:54:2d:5d:9b:75:d8:dd:f5:ca:e9:92:ec:5b:7e:
83:17:21:23:39:f7:7a:92:24:3d:24:fb:2d:bf:5c:76:73:62:
f0:c4:46:29:98:fc:95:63:72:d5:9b:c8:24:30:b3:6f:00:f8:
99:38:6e:44:eb:61:7e:b0:cb:f4:9f:fe:84:3b:48:d5:5a:85:
a0:9f:fd:d3:ff:b3:70:e1:1e:2b:c5:a5:17:bb:55:7b:68:d6:
1b:49:f5:19:bd:bb:17:4b:10:48:13:eb:bf:7f:53:a9:4d:06:
55:53:15:e8:39:17:ad:a4:a9:7b:6b:a9:89:87:f0:16:b2:06:
35:8b:1e:33:7f:3a:52:ff:46:3b:c6:c4:aa:f8:55:28:15:5c:
7b:29:a1:2f:c5:29:63:37:eb:a4:26:38:2a:a8:c4:ce:2b:f5:
99:a3:52:8d:66:bc:89:5c:4e:2d:3c:48:86:95:1c:4f:40:fa:
d4:c6:ea:09:42:91:5b:be:e7:22:99:60:bd:84:f3:18:c2:59:
09:18:47:a6:9f:86:48:ed:c2:8c:4c:ec:83:b6:77:73:b1:98:
56:1b:e5:4c:33:f8:2f:f8:ba:0b:0d:e2:5f:96:c9:8a:cc:d4:
58:ef:5f:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUHgorVGRDY6Pd7DEhqOlzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEyMTgwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmZhMzMxNGM1MjE3MGUzMmQ5NTJhYzZkOGQxNzZmYmIwNTk4ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cOfkrXYytHHRWSzLgjVEDDngoFH
o4RZaLfNEXgZVyMxbeUeg89FPX4i9sY3bB56caTfPHWodPp9c/Kj7BWv8jfAxO5r
/NwBe7m1dmkC0NEQ9dccyEzMef/yxzP7f8J+svyxSnpmZvx9iRu4zp9fHgomXscI
eC9+mXlIfiWmzhHFhoLSzTW6Ld3jX0FPbkuB53vDkMp1VpwZtl6nd4hH3ViIXkGg
OSqJDYQnIEn2jGt3uAeM8yW+XOJsH+27ndZWGnKlVWui7qriVObLk+CvPSbiTFZi
DiiciAGCTXDDQMmkESRFoa1oe35NTpYesTAzJxbF+q4/6V/6wBHQ6bAV1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNb6MxTFIXDjLZUqxtjRdvuwWY9EMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXZvekZNVWhjT010bFNyRzJORjItN0JaajBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA72aa0QLluiXjVHO/EP
zsifm9Iox1NULV2bddjd9crpkuxbfoMXISM593qSJD0k+y2/XHZzYvDERimY/JVj
ctWbyCQws28A+Jk4bkTrYX6wy/Sf/oQ7SNVahaCf/dP/s3DhHivFpRe7VXto1htJ
9Rm9uxdLEEgT679/U6lNBlVTFeg5F62kqXtrqYmH8BayBjWLHjN/OlL/RjvGxKr4
VSgVXHspoS/FKWM366QmOCqoxM4r9ZmjUo1mvIlcTi08SIaVHE9A+tTG6glCkVu+
5yKZYL2E8xjCWQkYR6afhkjtwoxM7IO2d3OxmFYb5Uwz+C/4ugsN4l+WyYrM1Fjv
X9c=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:33 2025 by rpki-client