Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3dOF7UGROxJ1u4NhXxuyLbl8mFM.roa
File: 3dOF7UGROxJ1u4NhXxuyLbl8mFM.roa (raw, json)
Hash identifier: SxC2yWnjZwIQO09kJ/EQHz7qukfvtXtMeD2L61FtptY=
Subject key identifier: DD:D3:85:ED:41:91:3B:12:75:BB:83:61:5F:1B:B2:2D:B9:7C:98:53
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018510BC990EB6A211EB1781336D3731A340
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3dOF7UGROxJ1u4NhXxuyLbl8mFM.roa
Signing time: Wed 14 Dec 2022 13:04:33 +0000
ROA not before: Wed 14 Dec 2022 13:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:10bc:2ec9/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:bc:99:0e:b6:a2:11:eb:17:81:33:6d:37:31:a3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 14 13:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddd385ed41913b1275bb83615f1bb22db97c9853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c2:33:56:37:2f:5f:4f:62:4b:06:a1:8e:75:
a1:da:f8:2f:de:e8:06:a8:3c:86:07:95:28:74:19:
4c:b5:1f:fe:a5:c3:76:dd:bd:20:e8:dd:22:bb:16:
4c:7b:06:ec:92:bd:d6:d4:80:8b:24:b9:16:90:7a:
89:54:0a:1c:b3:33:02:84:23:43:a5:1d:30:18:da:
55:80:6c:5a:67:2d:1f:a3:9b:77:f6:62:6f:84:c9:
09:f6:b7:0d:c4:80:bd:5d:ee:91:62:1a:68:b3:59:
f1:86:c0:83:0b:ed:d8:f1:d8:5e:b0:9f:4e:b8:c8:
34:ba:4e:6e:6f:87:a5:f5:9e:0d:0f:10:a6:d7:15:
e0:84:8c:48:bd:ff:c3:02:3f:c4:86:b5:a1:db:76:
a1:aa:9b:ea:97:7f:9d:59:50:86:f9:ba:6a:73:43:
7b:34:98:ea:c8:08:e7:6e:37:e4:ff:f4:07:d4:1a:
9c:4c:dd:42:e7:33:64:bb:a3:18:48:8c:0e:c8:a3:
32:e7:a8:0f:ca:2f:de:d7:95:1c:44:1a:0a:c2:35:
95:8a:b2:fc:9c:f2:6e:8c:0b:e9:54:e7:38:d9:a6:
a0:aa:63:28:54:be:94:e0:79:b7:fb:11:89:e5:53:
07:08:77:69:95:ec:7e:5d:a0:0d:4e:2a:27:a0:bc:
42:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D3:85:ED:41:91:3B:12:75:BB:83:61:5F:1B:B2:2D:B9:7C:98:53
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3dOF7UGROxJ1u4NhXxuyLbl8mFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:05:07:b3:18:d1:5d:5a:6c:5c:89:2a:80:a8:4b:3e:b2:76:
b7:05:79:31:eb:c3:32:30:34:91:b0:18:95:6e:3a:f3:2f:0b:
8b:0b:62:d5:aa:89:03:6d:02:7c:bd:02:f9:2e:26:80:eb:11:
fd:92:67:b7:b7:45:87:46:96:4a:a2:32:cf:28:b0:bc:da:6a:
11:f7:1e:1f:72:92:7d:c4:ba:00:74:94:55:39:06:dd:8d:dd:
2d:45:b9:cb:3b:61:9c:ce:0a:4f:a6:05:09:90:6c:ef:43:a2:
1a:83:18:78:a2:42:61:99:3e:2c:76:65:b8:47:c8:2a:6b:df:
e1:78:20:dd:7a:9d:ec:fc:53:fa:d4:9b:14:3f:07:71:b8:8f:
19:e0:07:bb:c8:e9:96:0a:d3:41:5c:23:45:71:af:41:e5:c7:
8e:df:97:78:ed:ba:7d:49:3a:a3:e0:84:25:e2:87:4d:8e:3b:
36:80:49:3e:44:e9:49:7c:58:9f:0d:30:80:6e:e4:8a:90:a1:
69:34:12:7b:0c:80:e3:1c:95:e1:b5:1d:ed:23:7b:bb:2e:40:
81:f2:a0:7a:ff:32:28:59:8d:a3:a0:39:c1:39:db:9d:f7:eb:
1f:66:3c:66:c1:81:32:b9:0d:c7:59:69:f1:8b:42:f7:93:0d:
2a:a4:ef:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUQvJkOtqIR6xeBM203MaNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE0MTMwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQzODVlZDQxOTEzYjEyNzViYjgzNjE1ZjFiYjIyZGI5N2M5ODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMIzVjcvX09iSwahjnWh2vgv3ugG
qDyGB5UodBlMtR/+pcN23b0g6N0iuxZMewbskr3W1ICLJLkWkHqJVAocszMChCND
pR0wGNpVgGxaZy0fo5t39mJvhMkJ9rcNxIC9Xe6RYhpos1nxhsCDC+3Y8dhesJ9O
uMg0uk5ub4el9Z4NDxCm1xXghIxIvf/DAj/EhrWh23ahqpvql3+dWVCG+bpqc0N7
NJjqyAjnbjfk//QH1BqcTN1C5zNku6MYSIwOyKMy56gPyi/e15UcRBoKwjWVirL8
nPJujAvpVOc42aagqmMoVL6U4Hm3+xGJ5VMHCHdplex+XaANTionoLxC0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3The1BkTsSdbuDYV8bsi25fJhTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM2RPRjdVR1JPeEoxdTROaFh4dXlMYmw4bUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKoFB7MY0V1abFyJKoCo
Sz6ydrcFeTHrwzIwNJGwGJVuOvMvC4sLYtWqiQNtAny9AvkuJoDrEf2SZ7e3RYdG
lkqiMs8osLzaahH3Hh9ykn3EugB0lFU5Bt2N3S1Fucs7YZzOCk+mBQmQbO9DohqD
GHiiQmGZPix2ZbhHyCpr3+F4IN16nez8U/rUmxQ/B3G4jxngB7vI6ZYK00FcI0Vx
r0Hlx47fl3jtun1JOqPghCXih02OOzaAST5E6Ul8WJ8NMIBu5IqQoWk0EnsMgOMc
leG1He0je7suQIHyoHr/MihZjaOgOcE525336x9mPGbBgTK5DcdZafGLQveTDSqk
7/c=
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:05 2025 by rpki-client