Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20FmJRceRr2znGwlxpv2uxPDIdI.roa
File: 20FmJRceRr2znGwlxpv2uxPDIdI.roa (raw, json)
Hash identifier: jm7ykDZ717a4dRLI+7Va/zIdF2NWw4NYG5HIsqZhZIY=
Subject key identifier: DB:41:66:25:17:1E:46:BD:B3:9C:6C:25:C6:9B:F6:BB:13:C3:21:D2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01863E3D93B56B8D03A5F697BA98C8433E2B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20FmJRceRr2znGwlxpv2uxPDIdI.roa
Signing time: Sat 11 Feb 2023 02:11:08 +0000
ROA not before: Sat 11 Feb 2023 02:11:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3e:3d:93:b5:6b:8d:03:a5:f6:97:ba:98:c8:43:3e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 11 02:11:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db416625171e46bdb39c6c25c69bf6bb13c321d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:99:cf:5d:c7:d6:1e:bc:6d:e1:e2:04:40:91:
a7:36:80:3a:4b:78:62:40:fb:ae:8e:c7:e7:dd:0b:
04:32:e8:4c:36:5c:4c:6d:d3:80:75:6e:18:a4:0c:
2d:ca:00:46:44:57:28:75:61:5d:d1:d3:2c:b2:ab:
f1:b0:2a:7f:d2:2b:d3:8b:1e:c9:1e:9a:f0:e9:2b:
fd:af:e3:6e:7c:a6:58:4c:25:bd:1a:72:b4:c9:e8:
a5:01:b6:d3:85:03:2a:bd:98:51:ad:b8:6a:d5:98:
98:63:f4:22:0b:11:8b:20:df:ce:dc:50:b1:be:a7:
87:d2:0a:ee:db:e0:ee:a5:f4:6b:01:e5:b8:c4:9c:
b3:f8:ff:d2:a3:ea:22:53:18:58:0b:2d:0f:87:b6:
73:71:23:86:45:ae:92:84:84:80:a3:b1:f9:e2:8d:
97:d7:b6:09:31:1f:16:f5:dd:df:75:0d:0a:9a:1d:
89:70:50:0c:ed:09:74:02:9b:b9:ac:1c:1d:c5:0c:
6f:17:9c:9d:8a:19:51:d2:08:c1:fe:94:21:19:d1:
b6:4d:28:0c:9f:33:69:e7:07:83:01:4a:d1:0e:a2:
1f:28:9a:d2:85:e9:6b:71:e2:61:c9:0d:e1:69:15:
54:df:fe:e5:02:1b:a7:95:6b:92:9e:5d:eb:83:6c:
41:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:41:66:25:17:1E:46:BD:B3:9C:6C:25:C6:9B:F6:BB:13:C3:21:D2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20FmJRceRr2znGwlxpv2uxPDIdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:d5:71:24:c8:13:96:08:6e:13:aa:aa:0e:70:44:82:7f:f7:
c4:f3:90:24:d6:46:d2:7f:68:67:f0:c6:ef:08:90:8e:e8:a0:
09:85:4d:e3:13:c1:d0:cf:c3:3b:f7:26:45:11:74:bf:15:8f:
d4:c7:14:e6:6a:54:d0:e6:dd:c7:c2:b1:40:3e:fd:bd:be:66:
cf:aa:08:90:d5:91:6e:af:50:74:52:43:73:ea:7a:3b:5a:76:
29:4b:25:d7:89:e1:39:cf:11:66:ec:7c:0f:ff:b1:9a:1d:50:
b0:4b:cb:87:7a:2d:4d:a6:b3:bb:70:ba:2a:3a:3b:f7:39:96:
e4:ff:f6:6f:52:55:2b:af:8b:15:78:53:eb:a3:c4:d0:86:44:
f0:da:0b:c7:45:ae:83:ee:64:42:3e:53:c8:c8:a5:5b:5e:c9:
98:53:56:65:e4:46:fb:b4:fb:4a:3a:34:5d:4f:f3:f7:48:2a:
26:3c:2c:22:db:be:e8:85:3c:f4:69:67:fc:58:33:f3:9b:22:
fe:df:9d:5c:a1:db:54:71:3f:32:05:7a:e2:a3:ac:86:5d:04:
08:4f:c8:91:60:05:19:ea:8e:53:53:b3:cb:1d:24:70:fa:30:
d8:e6:98:cb:06:17:38:29:6f:76:60:b4:95:96:89:db:3e:3a:
e7:fd:08:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY+PZO1a40DpfaXupjIQz4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjExMDIxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQxNjYyNTE3MWU0NmJkYjM5YzZjMjVjNjliZjZiYjEzYzMyMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JnPXcfWHrxt4eIEQJGnNoA6S3hi
QPuujsfn3QsEMuhMNlxMbdOAdW4YpAwtygBGRFcodWFd0dMssqvxsCp/0ivTix7J
Hprw6Sv9r+NufKZYTCW9GnK0yeilAbbThQMqvZhRrbhq1ZiYY/QiCxGLIN/O3FCx
vqeH0gru2+DupfRrAeW4xJyz+P/So+oiUxhYCy0Ph7ZzcSOGRa6ShISAo7H54o2X
17YJMR8W9d3fdQ0Kmh2JcFAM7Ql0Apu5rBwdxQxvF5ydihlR0gjB/pQhGdG2TSgM
nzNp5weDAUrRDqIfKJrShelrceJhyQ3haRVU3/7lAhunlWuSnl3rg2xBHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNtBZiUXHka9s5xsJcab9rsTwyHSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMjBGbUpSY2VScjJ6bkd3bHhwdjJ1eFBESWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbVcSTIE5YIbhOqqg5w
RIJ/98TzkCTWRtJ/aGfwxu8IkI7ooAmFTeMTwdDPwzv3JkURdL8Vj9THFOZqVNDm
3cfCsUA+/b2+Zs+qCJDVkW6vUHRSQ3PqejtadilLJdeJ4TnPEWbsfA//sZodULBL
y4d6LU2ms7twuio6O/c5luT/9m9SVSuvixV4U+ujxNCGRPDaC8dFroPuZEI+U8jI
pVteyZhTVmXkRvu0+0o6NF1P8/dIKiY8LCLbvuiFPPRpZ/xYM/ObIv7fnVyh21Rx
PzIFeuKjrIZdBAhPyJFgBRnqjlNTs8sdJHD6MNjmmMsGFzgpb3ZgtJWWids+Ouf9
CBs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:25 2025 by rpki-client