Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9WjhzV4PN6JnezhhUvCtzS0HzZk.roa
File: 9WjhzV4PN6JnezhhUvCtzS0HzZk.roa (raw, json)
Hash identifier: C/TN5aDnjmPTdadzjH/UHXkId/zYhUtlqwklgewyUS0=
Subject key identifier: F5:68:E1:CD:5E:0F:37:A2:67:7B:38:61:52:F0:AD:CD:2D:07:CD:99
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854440E5AE517C4B35F31BB7F4FFEAA3A5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9WjhzV4PN6JnezhhUvCtzS0HzZk.roa
Signing time: Sat 24 Dec 2022 13:09:41 +0000
ROA not before: Sat 24 Dec 2022 13:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:40:e5:ae:51:7c:4b:35:f3:1b:b7:f4:ff:ea:a3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 13:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f568e1cd5e0f37a2677b386152f0adcd2d07cd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9a:05:aa:c1:75:41:0f:b8:26:25:d4:d8:5c:
d0:86:dd:7e:02:fc:a5:73:a4:a2:71:9a:1f:c4:b9:
a9:a5:e3:d8:16:8a:ec:f9:7d:57:e6:81:01:12:16:
41:f9:44:b8:4d:86:34:5d:33:43:09:95:e2:49:b9:
96:1b:bf:f3:59:92:55:14:3f:21:aa:11:0f:19:f7:
93:52:e0:bb:37:32:96:4c:c7:37:a2:f3:e8:a4:60:
90:42:01:da:8a:9f:36:ec:86:86:d1:72:2e:66:18:
61:a7:55:d5:1f:8a:21:b1:10:fd:ab:d5:48:28:c5:
59:45:54:7c:93:81:9d:f7:af:23:19:7c:9c:8d:3a:
fd:33:0a:02:fc:af:a5:6b:a8:70:0f:c8:14:e0:bc:
9e:83:90:96:0c:ec:83:d0:8d:d9:e4:a6:cc:37:6b:
10:56:39:51:b9:de:e4:2a:c9:fc:21:f7:18:21:cf:
c2:a1:f9:df:6a:b0:31:ea:f9:5b:d2:bd:62:7d:15:
20:9d:54:fa:00:da:51:33:90:ae:dc:86:41:9a:0c:
5d:9e:15:fa:ff:0f:20:ad:50:6f:77:27:2c:d8:d2:
d4:d5:3b:a5:ae:44:5a:96:5d:92:79:62:8e:6f:6b:
71:fd:cb:18:84:03:14:fc:63:98:2b:64:42:33:d1:
9c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:68:E1:CD:5E:0F:37:A2:67:7B:38:61:52:F0:AD:CD:2D:07:CD:99
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9WjhzV4PN6JnezhhUvCtzS0HzZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:c3:52:a6:da:3d:00:cc:2c:40:c1:09:75:23:f1:62:31:9d:
63:22:38:ac:2a:37:91:ff:31:21:eb:12:b6:43:13:c8:90:0b:
87:d0:f4:65:42:fb:29:db:44:f6:81:27:5b:fe:04:89:43:d7:
d3:72:66:a4:3c:dd:04:d9:ac:56:06:b5:a3:dd:78:4f:16:f2:
30:25:55:ba:dc:70:a6:c8:de:99:eb:f6:66:15:d4:00:0f:4a:
f4:79:88:fd:c0:7a:5c:26:26:89:d6:c1:7a:5a:29:02:e5:43:
58:a4:68:49:7b:d2:62:32:6b:2a:ae:87:6f:6c:1d:ec:ca:48:
ac:25:65:00:e5:b4:90:f4:72:c5:b7:b7:65:09:a4:79:5f:c0:
96:89:29:0a:76:99:5c:6e:44:a4:76:3f:60:3e:99:87:5b:93:
97:ed:4d:a7:0d:0e:08:90:0c:40:f7:5f:00:e5:94:72:bb:2a:
f5:de:18:99:59:d0:9b:12:b4:35:13:f0:f5:7c:31:d8:8a:51:
8a:c1:f5:65:f9:99:24:f2:d9:0d:31:cf:b1:80:61:08:46:29:
1e:53:2f:7e:fb:20:a5:b1:2f:a9:07:41:22:15:e5:3d:91:45:
67:ac:81:c9:f7:9b:fa:d3:30:ab:aa:c3:5a:b0:e1:1e:3e:28:
e8:78:ab:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVEQOWuUXxLNfMbt/T/6qOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTMwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY4ZTFjZDVlMGYzN2EyNjc3YjM4NjE1MmYwYWRjZDJkMDdjZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipoFqsF1QQ+4JiXU2FzQht1+Avyl
c6SicZofxLmppePYFors+X1X5oEBEhZB+US4TYY0XTNDCZXiSbmWG7/zWZJVFD8h
qhEPGfeTUuC7NzKWTMc3ovPopGCQQgHaip827IaG0XIuZhhhp1XVH4ohsRD9q9VI
KMVZRVR8k4Gd968jGXycjTr9MwoC/K+la6hwD8gU4Lyeg5CWDOyD0I3Z5KbMN2sQ
VjlRud7kKsn8IfcYIc/CofnfarAx6vlb0r1ifRUgnVT6ANpRM5Cu3IZBmgxdnhX6
/w8grVBvdycs2NLU1TulrkRall2SeWKOb2tx/csYhAMU/GOYK2RCM9GcBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPVo4c1eDzeiZ3s4YVLwrc0tB82ZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOVdqaHpWNFBONkpuZXpoaFV2Q3R6UzBIelprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK3DUqbaPQDMLEDBCXUj
8WIxnWMiOKwqN5H/MSHrErZDE8iQC4fQ9GVC+ynbRPaBJ1v+BIlD19NyZqQ83QTZ
rFYGtaPdeE8W8jAlVbrccKbI3pnr9mYV1AAPSvR5iP3AelwmJonWwXpaKQLlQ1ik
aEl70mIyayquh29sHezKSKwlZQDltJD0csW3t2UJpHlfwJaJKQp2mVxuRKR2P2A+
mYdbk5ftTacNDgiQDED3XwDllHK7KvXeGJlZ0JsStDUT8PV8MdiKUYrB9WX5mSTy
2Q0xz7GAYQhGKR5TL377IKWxL6kHQSIV5T2RRWesgcn3m/rTMKuqw1qw4R4+KOh4
qyQ=
-----END CERTIFICATE-----
Generated at Fri May 2 14:43:36 2025 by rpki-client