Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3bLS6mMehY825Vy-2lBnwOHS830.roa
File: 3bLS6mMehY825Vy-2lBnwOHS830.roa (raw, json)
Hash identifier: H//Zk7cxiS4s4fpwZVRzu/1OXifJwBbBtYmSZBWHZ4c=
Subject key identifier: DD:B2:D2:EA:63:1E:85:8F:36:E5:5C:BE:DA:50:67:C0:E1:D2:F3:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182F7B1858316B1A1C59BBC63C4AC67156C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3bLS6mMehY825Vy-2lBnwOHS830.roa
Signing time: Thu 01 Sep 2022 06:16:22 +0000
ROA not before: Thu 01 Sep 2022 06:16:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:b1:85:83:16:b1:a1:c5:9b:bc:63:c4:ac:67:15:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 1 06:16:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddb2d2ea631e858f36e55cbeda5067c0e1d2f37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2e:82:c1:2e:65:f2:3a:57:47:95:9f:ea:30:
23:6f:f0:b5:2f:09:da:f5:6a:04:52:01:78:09:52:
ac:12:aa:35:56:a3:c3:e4:c7:fa:b8:58:2e:cd:f2:
b6:0a:2d:56:76:d4:d1:6a:18:3b:cd:c9:ea:30:f8:
dc:74:f6:64:6e:d4:9f:3c:1a:63:5c:2e:cf:99:ac:
a8:4d:df:e1:25:72:54:3f:37:d3:bb:fb:d0:d1:a5:
b0:56:22:71:2b:29:9b:1f:18:3e:65:b8:74:cb:59:
f7:61:78:6d:4a:0f:73:5e:1c:a0:50:2c:63:4c:31:
51:68:28:72:d9:47:94:4f:0f:4f:b0:8a:65:6c:7d:
60:d6:65:ae:c5:1d:f7:5b:98:7f:4a:70:a0:8d:0f:
55:9d:7e:7a:1b:37:c5:4e:69:ee:db:73:6e:a9:cb:
90:45:98:8d:85:a6:e8:57:ef:f3:b5:40:35:c0:c8:
6a:08:37:da:9c:7a:91:dd:82:6d:2f:b4:5d:d9:3a:
1f:8b:ce:36:7b:fb:44:b5:33:23:ca:74:d4:c0:3a:
b3:fb:43:d5:09:eb:90:35:b3:1a:34:c8:5b:6b:4c:
c7:3f:9e:33:c9:ab:1a:79:ef:f0:15:79:bb:d5:b2:
c6:57:5a:29:da:c3:39:e5:2b:74:0c:34:87:ac:a2:
51:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B2:D2:EA:63:1E:85:8F:36:E5:5C:BE:DA:50:67:C0:E1:D2:F3:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3bLS6mMehY825Vy-2lBnwOHS830.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:af:0e:df:2b:3f:af:1c:57:1a:c6:df:b7:f5:4a:74:50:a4:
89:fa:49:bc:7b:6f:23:a5:da:e4:cc:19:5b:36:8b:c8:f8:65:
35:ce:99:16:13:fd:c4:26:89:e3:15:c3:42:65:47:32:e1:e8:
87:a9:df:2e:73:0b:14:d1:d7:d1:a9:2a:f1:c2:ff:3c:e7:4a:
30:e4:aa:6c:d7:9a:ff:b9:3c:f4:87:c2:4c:0c:7b:a5:87:d2:
c9:89:69:41:5b:cc:dd:ad:fe:cc:0f:91:09:f1:ac:74:01:90:
81:e1:78:20:4a:9f:2d:99:8d:ec:00:d5:f4:56:5f:f3:f3:d7:
38:93:c2:f3:41:92:b4:16:fa:13:36:53:80:29:f6:9f:23:43:
eb:01:02:1d:c3:a1:6e:f4:2c:e3:02:db:38:d9:f7:5c:9c:16:
d8:a3:94:8c:91:61:93:6a:68:30:ff:d2:d6:8f:ce:85:2a:85:
de:8a:56:18:4b:67:95:d8:f6:36:c3:83:ba:4a:5e:f0:eb:44:
9e:cc:ab:e1:6c:d5:73:b9:18:73:dc:a6:bb:32:72:58:ca:78:
4f:39:78:58:91:c4:d9:8a:04:6c:b7:88:b9:c9:1f:5c:f7:5b:
c7:82:37:a1:16:20:9f:b4:90:9e:a0:c1:34:2d:26:6b:00:62:
96:60:4d:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYL3sYWDFrGhxZu8Y8SsZxVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTAxMDYxNjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIyZDJlYTYzMWU4NThmMzZlNTVjYmVkYTUwNjdjMGUxZDJmMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgC6CwS5l8jpXR5Wf6jAjb/C1Lwna
9WoEUgF4CVKsEqo1VqPD5Mf6uFguzfK2Ci1WdtTRahg7zcnqMPjcdPZkbtSfPBpj
XC7PmayoTd/hJXJUPzfTu/vQ0aWwViJxKymbHxg+Zbh0y1n3YXhtSg9zXhygUCxj
TDFRaChy2UeUTw9PsIplbH1g1mWuxR33W5h/SnCgjQ9VnX56GzfFTmnu23NuqcuQ
RZiNhaboV+/ztUA1wMhqCDfanHqR3YJtL7Rd2Tofi842e/tEtTMjynTUwDqz+0PV
CeuQNbMaNMhba0zHP54zyasaee/wFXm71bLGV1op2sM55St0DDSHrKJRowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2y0upjHoWPNuVcvtpQZ8Dh0vN9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM2JMUzZtTWVoWTgyNVZ5LTJsQm53T0hTODMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFWvDt8rP68cVxrG37f1
SnRQpIn6Sbx7byOl2uTMGVs2i8j4ZTXOmRYT/cQmieMVw0JlRzLh6Iep3y5zCxTR
19GpKvHC/zznSjDkqmzXmv+5PPSHwkwMe6WH0smJaUFbzN2t/swPkQnxrHQBkIHh
eCBKny2ZjewA1fRWX/Pz1ziTwvNBkrQW+hM2U4Ap9p8jQ+sBAh3DoW70LOMC2zjZ
91ycFtijlIyRYZNqaDD/0taPzoUqhd6KVhhLZ5XY9jbDg7pKXvDrRJ7Mq+Fs1XO5
GHPcprsycljKeE85eFiRxNmKBGy3iLnJH1z3W8eCN6EWIJ+0kJ6gwTQtJmsAYpZg
TeY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:16 2025 by rpki-client