Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9l8FuyDJBzxHkISgpBwj_tcsXjQ.roa
File: 9l8FuyDJBzxHkISgpBwj_tcsXjQ.roa (raw, json)
Hash identifier: +cmmgn4vKAI5ONhZFvONpCb4FGrNnRWI+TV6RyTezz4=
Subject key identifier: F6:5F:05:BB:20:C9:07:3C:47:90:84:A0:A4:1C:23:FE:D7:2C:5E:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185733E01A82F601F40BBC6C227BDC354B7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9l8FuyDJBzxHkISgpBwj_tcsXjQ.roa
Signing time: Mon 02 Jan 2023 16:08:41 +0000
ROA not before: Mon 02 Jan 2023 16:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:3e:01:a8:2f:60:1f:40:bb:c6:c2:27:bd:c3:54:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 16:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f65f05bb20c9073c479084a0a41c23fed72c5e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:b1:9d:b0:e2:87:62:96:2b:d9:5d:53:98:
8e:04:df:32:78:0f:4a:1b:56:f2:3e:af:41:37:d8:
4c:05:b5:64:27:a6:8e:fc:3b:32:81:12:ad:34:f2:
0f:47:04:ae:00:46:b6:d3:94:5b:95:42:2b:cf:c9:
07:12:26:81:d3:d8:5b:db:0c:1f:d1:05:f3:92:43:
46:64:fd:78:b9:3b:95:66:f0:46:41:04:85:a4:75:
17:37:d1:eb:24:64:e3:bd:9c:3b:fc:3f:bf:19:d9:
22:e1:3a:d0:58:d9:e5:c1:79:03:57:5e:e0:01:79:
05:48:2d:ba:7f:40:38:17:c1:32:10:c4:9c:16:2d:
f5:88:85:85:73:ad:9c:c0:3c:47:e5:5f:ec:ae:41:
a5:82:ee:91:a0:cb:f4:4e:5e:aa:ff:2e:79:c6:21:
0e:35:23:ee:51:3d:c6:89:c5:ea:45:34:5e:33:17:
48:60:55:a0:aa:7b:e3:bf:3b:0e:00:63:b3:4b:7d:
76:bd:5b:78:55:b5:ca:a6:ac:d7:af:29:63:50:6b:
1d:85:77:b7:aa:a6:33:33:c8:67:2b:21:f4:5c:b8:
3e:21:34:82:71:96:22:1b:79:ca:cb:c7:e8:8c:13:
52:66:60:2a:4d:0d:db:cd:be:bc:a4:b5:e5:bf:ec:
9e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5F:05:BB:20:C9:07:3C:47:90:84:A0:A4:1C:23:FE:D7:2C:5E:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9l8FuyDJBzxHkISgpBwj_tcsXjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:fc:09:29:d8:3d:2a:15:80:3c:8d:28:7c:e2:d0:e8:8c:26:
8a:ba:01:ba:06:15:f2:ee:5b:37:d0:cc:29:2b:53:2d:b9:9a:
c5:9e:76:c5:ef:40:f5:04:ce:67:eb:0d:7e:96:36:86:8b:bc:
18:b2:31:36:d3:f0:c3:91:4f:44:0a:11:5b:5a:72:f8:9b:5a:
8c:11:b8:92:3f:9d:73:7d:e3:9d:1a:e4:ad:5a:2c:16:95:95:
7b:60:33:cc:da:f9:87:e4:af:e4:a3:6a:43:b1:0a:3a:18:54:
34:10:f1:44:ee:4e:51:60:8a:15:35:7a:02:48:71:c8:3b:8f:
ee:a1:78:5d:bf:28:cf:36:4a:df:62:9a:76:a3:10:d1:0b:2f:
ec:c1:b6:64:ed:ed:5b:3b:d5:9e:c5:cf:97:fa:e0:ec:36:5e:
74:32:12:d6:bd:88:90:f4:42:17:dc:7f:3e:b7:67:dc:30:0b:
ff:d5:f7:89:63:b2:cb:0a:57:5b:a3:77:09:09:c5:b3:54:98:
8e:65:c7:21:27:5e:83:0f:70:22:25:75:aa:18:9c:60:82:2c:
aa:5b:c1:18:63:fe:60:ae:79:1a:19:73:a0:42:9a:78:78:c5:
16:cb:9d:23:1e:16:58:ae:a4:66:46:0e:f4:b9:c6:4b:ed:aa:
e7:7b:c0:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzPgGoL2AfQLvGwie9w1S3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMTYwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVmMDViYjIwYzkwNzNjNDc5MDg0YTBhNDFjMjNmZWQ3MmM1ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPOxnbDih2KWK9ldU5iOBN8yeA9K
G1byPq9BN9hMBbVkJ6aO/DsygRKtNPIPRwSuAEa205RblUIrz8kHEiaB09hb2wwf
0QXzkkNGZP14uTuVZvBGQQSFpHUXN9HrJGTjvZw7/D+/Gdki4TrQWNnlwXkDV17g
AXkFSC26f0A4F8EyEMScFi31iIWFc62cwDxH5V/srkGlgu6RoMv0Tl6q/y55xiEO
NSPuUT3GicXqRTReMxdIYFWgqnvjvzsOAGOzS312vVt4VbXKpqzXryljUGsdhXe3
qqYzM8hnKyH0XLg+ITSCcZYiG3nKy8fojBNSZmAqTQ3bzb68pLXlv+yeQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPZfBbsgyQc8R5CEoKQcI/7XLF40MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOWw4RnV5REpCenhIa0lTZ3BCd2pfdGNzWGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGH8CSnYPSoVgDyNKHzi
0OiMJoq6AboGFfLuWzfQzCkrUy25msWedsXvQPUEzmfrDX6WNoaLvBiyMTbT8MOR
T0QKEVtacvibWowRuJI/nXN9450a5K1aLBaVlXtgM8za+Yfkr+SjakOxCjoYVDQQ
8UTuTlFgihU1egJIccg7j+6heF2/KM82St9imnajENELL+zBtmTt7Vs71Z7Fz5f6
4Ow2XnQyEta9iJD0Qhfcfz63Z9wwC//V94ljsssKV1ujdwkJxbNUmI5lxyEnXoMP
cCIldaoYnGCCLKpbwRhj/mCueRoZc6BCmnh4xRbLnSMeFliupGZGDvS5xkvtqud7
wAA=
-----END CERTIFICATE-----
Generated at Thu May 1 07:50:37 2025 by rpki-client