Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3xfGy3kplgX39yvFF0MoYjdcoJI.roa
File: 3xfGy3kplgX39yvFF0MoYjdcoJI.roa (raw, json)
Hash identifier: YWv3ML0EQSsfzSGsBVtQ1HPZKf+oAjH62LXN176qZEY=
Subject key identifier: DF:17:C6:CB:79:29:96:05:F7:F7:2B:C5:17:43:28:62:37:5C:A0:92
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855B377F1AE9E3F4C06593CE650BDF8934
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3xfGy3kplgX39yvFF0MoYjdcoJI.roa
Signing time: Thu 29 Dec 2022 00:10:41 +0000
ROA not before: Thu 29 Dec 2022 00:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5b:37:7f:1a:e9:e3:f4:c0:65:93:ce:65:0b:df:89:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 00:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df17c6cb79299605f7f72bc517432862375ca092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:cc:06:b8:ff:c7:76:c9:8f:37:bb:be:51:
fb:c7:c1:44:0e:51:37:1c:fb:43:e5:94:b6:83:42:
45:01:6c:de:77:68:a6:34:45:52:0c:16:fc:85:09:
02:95:23:c7:d9:18:26:81:a8:29:8a:19:28:49:b6:
56:2b:87:76:fd:20:f7:cc:f1:ff:b7:f7:fb:28:14:
0d:2f:40:32:72:b0:a9:da:0b:f4:7e:fe:3d:d9:76:
36:23:cf:8b:8a:0e:f9:c4:cf:38:19:97:a0:11:e5:
7b:c6:08:d4:05:1a:c0:86:c0:af:48:e5:5d:49:a0:
76:4a:94:4b:92:b1:d9:7a:ea:b6:a8:32:fd:5c:de:
3e:29:b7:23:75:c4:b1:1a:df:a4:f3:84:6b:ba:fc:
b8:e6:c7:90:43:54:c3:82:66:3c:9d:a5:7a:bd:1c:
7d:88:5c:3e:f9:31:97:35:86:e5:c8:3f:d7:60:6f:
3e:84:fb:aa:cb:0a:56:71:17:d6:67:0f:1f:37:e3:
e3:99:55:88:82:b9:ac:09:05:0a:30:1e:d3:5f:6d:
f5:9d:f7:db:c9:37:3e:cd:49:ac:0b:48:af:43:30:
b4:28:0a:cc:b0:9a:1f:aa:dd:76:ed:07:f9:4e:8a:
39:32:b6:f7:42:cd:44:fc:7f:1c:84:ff:cc:b2:e5:
6d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:17:C6:CB:79:29:96:05:F7:F7:2B:C5:17:43:28:62:37:5C:A0:92
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3xfGy3kplgX39yvFF0MoYjdcoJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:44:ba:8d:d6:cc:22:65:58:90:87:1e:63:b9:29:6a:bc:c9:
0c:be:5f:fc:ca:b2:08:68:0e:45:95:43:4a:74:d6:2c:3a:9b:
cc:73:85:03:be:53:70:ea:6d:f6:dd:a6:37:b5:ac:30:29:ac:
12:61:8a:49:8b:dc:3a:13:d4:76:58:0c:84:67:2c:11:e2:47:
8a:83:71:87:5d:e5:ef:82:cd:f6:8c:5e:c5:4c:4b:0a:49:56:
d1:13:34:f2:1b:59:98:c5:3c:9e:36:ca:27:21:9d:1d:ae:93:
88:46:75:4b:c1:9c:36:00:e7:17:b6:21:aa:61:7d:0c:a6:cc:
25:43:dd:3e:15:ca:e8:a7:34:3b:87:78:aa:cf:7d:25:04:9b:
f1:15:12:d3:cf:72:c4:4f:8e:ac:e6:57:3f:4f:5e:33:a5:58:
d7:fb:b0:28:a5:73:0c:49:8d:67:f9:fb:b7:02:0f:c1:b0:8c:
4d:12:8f:98:71:12:da:65:ef:40:04:ad:b9:71:30:17:6a:4c:
c6:5f:f4:d1:3d:3a:f6:0f:a7:5e:82:c3:2a:25:43:7b:39:7a:
78:78:b1:db:be:c3:18:44:90:21:00:dd:94:16:36:5f:d0:20:
f1:78:23:b9:1d:37:1e:80:8d:3a:5e:7d:a5:21:67:b1:4a:f2:
e1:8e:91:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVbN38a6eP0wGWTzmUL34k0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MDAxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE3YzZjYjc5Mjk5NjA1ZjdmNzJiYzUxNzQzMjg2MjM3NWNhMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR7MBrj/x3bJjze7vlH7x8FEDlE3
HPtD5ZS2g0JFAWzed2imNEVSDBb8hQkClSPH2RgmgagpihkoSbZWK4d2/SD3zPH/
t/f7KBQNL0AycrCp2gv0fv492XY2I8+Lig75xM84GZegEeV7xgjUBRrAhsCvSOVd
SaB2SpRLkrHZeuq2qDL9XN4+KbcjdcSxGt+k84Rruvy45seQQ1TDgmY8naV6vRx9
iFw++TGXNYblyD/XYG8+hPuqywpWcRfWZw8fN+PjmVWIgrmsCQUKMB7TX231nffb
yTc+zUmsC0ivQzC0KArMsJofqt127Qf5Too5Mrb3Qs1E/H8chP/MsuVtwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN8Xxst5KZYF9/crxRdDKGI3XKCSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM3hmR3kza3BsZ1gzOXl2RkYwTW9ZamRjb0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJtEuo3WzCJlWJCHHmO5
KWq8yQy+X/zKsghoDkWVQ0p01iw6m8xzhQO+U3Dqbfbdpje1rDAprBJhikmL3DoT
1HZYDIRnLBHiR4qDcYdd5e+CzfaMXsVMSwpJVtETNPIbWZjFPJ42yichnR2uk4hG
dUvBnDYA5xe2IaphfQymzCVD3T4VyuinNDuHeKrPfSUEm/EVEtPPcsRPjqzmVz9P
XjOlWNf7sCilcwxJjWf5+7cCD8GwjE0Sj5hxEtpl70AErblxMBdqTMZf9NE9OvYP
p16CwyolQ3s5enh4sdu+wxhEkCEA3ZQWNl/QIPF4I7kdNx6AjTpefaUhZ7FK8uGO
kW4=
-----END CERTIFICATE-----
Generated at Thu May 1 22:34:38 2025 by rpki-client