Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AM0FHDWP80I48WlZ6b_DOIxTiFA.roa
File: AM0FHDWP80I48WlZ6b_DOIxTiFA.roa (raw, json)
Hash identifier: cYAfLsKIUfdoOY+T4Cl9R3eUUn4RF5itbzwk6CjbvTA=
Subject key identifier: 00:CD:05:1C:35:8F:F3:42:38:F1:69:59:E9:BF:C3:38:8C:53:88:50
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851920722DCE0FB7C1B3DC6D8772407044
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AM0FHDWP80I48WlZ6b_DOIxTiFA.roa
Signing time: Fri 16 Dec 2022 04:10:34 +0000
ROA not before: Fri 16 Dec 2022 04:10:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:19:20:72:2d:ce:0f:b7:c1:b3:dc:6d:87:72:40:70:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 16 04:10:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00cd051c358ff34238f16959e9bfc3388c538850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7b:b4:f8:f9:91:9b:a4:d3:9c:b2:90:1f:1b:
1c:96:3d:50:f9:bf:d1:52:85:a6:7f:0d:ab:9d:a1:
2c:28:cf:52:d2:98:47:2a:5f:fd:04:4b:61:87:0b:
6f:dd:df:66:88:05:f5:8e:ca:d9:80:fe:76:b1:ea:
5a:d0:33:8d:ce:18:54:99:57:a5:eb:73:f3:bd:a8:
3d:27:ea:af:bc:a7:0c:84:07:89:0d:e4:c7:d8:56:
b1:e7:3f:38:5d:88:95:2d:33:97:22:d2:b8:0c:4a:
c9:cf:71:cb:ce:0c:ea:26:62:66:49:3f:b6:96:4e:
97:2d:ef:dc:c6:43:d6:da:04:69:be:ad:e0:06:8e:
26:75:84:b8:af:24:85:88:63:fb:2a:b6:57:96:8e:
42:d7:d9:ea:47:d8:79:1e:36:eb:17:34:3e:76:c7:
b7:75:15:8d:87:2b:cb:44:05:82:b1:25:70:f3:3a:
ae:07:75:d3:c3:79:22:b6:5b:9f:12:70:9d:32:72:
05:0e:3b:c1:69:f7:78:7d:f5:65:d5:ac:31:76:55:
67:d7:8e:9d:02:16:3c:dd:99:34:f2:9a:b6:25:ac:
75:6e:ae:a4:07:2f:f2:5e:4f:32:3b:5e:d4:be:5b:
1b:66:cb:4b:dd:86:8d:d8:83:b4:3c:f1:4b:e2:b8:
c9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CD:05:1C:35:8F:F3:42:38:F1:69:59:E9:BF:C3:38:8C:53:88:50
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AM0FHDWP80I48WlZ6b_DOIxTiFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:25:4c:de:cb:a1:be:a6:e5:6d:9b:76:11:bd:9c:17:78:a6:
61:cb:40:1b:f6:55:e2:18:7b:e5:2d:b4:ad:f9:81:e0:3a:ae:
5c:a3:3c:8e:8d:36:3f:0f:0d:65:92:61:d6:01:11:c5:57:a7:
23:d1:ea:90:7a:36:56:2a:12:8c:64:76:b4:86:87:69:5e:4c:
05:1e:c0:e2:59:0a:c8:f1:88:d8:94:65:29:a3:67:22:72:6d:
37:80:0e:f9:a1:8e:6c:11:fe:fc:fa:59:a7:72:c6:57:b0:39:
b4:f7:eb:9e:7e:6e:a7:14:11:7e:1f:b9:de:f1:84:a2:35:4d:
be:04:09:8a:bb:7a:fa:cb:35:44:93:f2:eb:ee:22:03:63:2d:
aa:0d:29:a4:88:f6:51:59:0c:2e:17:9b:11:44:9b:f1:2a:6b:
b7:fd:b5:38:12:db:d0:da:13:d5:1c:d0:80:2b:d5:a1:87:de:
02:cb:f9:26:d3:fc:a4:3d:74:2e:d7:74:58:6c:ce:dd:4e:54:
0f:29:7f:e9:6f:b4:60:f0:26:51:8e:5a:36:02:bb:68:75:6b:
0c:4d:02:0b:f0:4d:bd:4d:e0:a7:fb:05:7e:2e:89:78:25:c6:
74:d3:2c:b8:04:8d:51:f2:3a:50:79:84:b5:eb:05:d0:65:c9:
b1:5e:79:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUZIHItzg+3wbPcbYdyQHBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE2MDQxMDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNkMDUxYzM1OGZmMzQyMzhmMTY5NTllOWJmYzMzODhjNTM4ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnu0+PmRm6TTnLKQHxsclj1Q+b/R
UoWmfw2rnaEsKM9S0phHKl/9BEthhwtv3d9miAX1jsrZgP52sepa0DONzhhUmVel
63Pzvag9J+qvvKcMhAeJDeTH2Fax5z84XYiVLTOXItK4DErJz3HLzgzqJmJmST+2
lk6XLe/cxkPW2gRpvq3gBo4mdYS4rySFiGP7KrZXlo5C19nqR9h5HjbrFzQ+dse3
dRWNhyvLRAWCsSVw8zquB3XTw3kitlufEnCdMnIFDjvBafd4ffVl1awxdlVn146d
AhY83Zk08pq2Jax1bq6kBy/yXk8yO17UvlsbZstL3YaN2IO0PPFL4rjJnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFADNBRw1j/NCOPFpWem/wziMU4hQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQU0wRkhEV1A4MEk0OFdsWjZiX0RPSXhUaUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA8lTN7Lob6m5W2bdhG9
nBd4pmHLQBv2VeIYe+UttK35geA6rlyjPI6NNj8PDWWSYdYBEcVXpyPR6pB6NlYq
EoxkdrSGh2leTAUewOJZCsjxiNiUZSmjZyJybTeADvmhjmwR/vz6WadyxlewObT3
655+bqcUEX4fud7xhKI1Tb4ECYq7evrLNUST8uvuIgNjLaoNKaSI9lFZDC4XmxFE
m/Eqa7f9tTgS29DaE9Uc0IAr1aGH3gLL+SbT/KQ9dC7XdFhszt1OVA8pf+lvtGDw
JlGOWjYCu2h1awxNAgvwTb1N4Kf7BX4uiXglxnTTLLgEjVHyOlB5hLXrBdBlybFe
eUk=
-----END CERTIFICATE-----
Generated at Thu May 1 02:51:47 2025 by rpki-client