Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Aw-F05Uz8RTObL8ICLllDTKXWpQ.roa
File: Aw-F05Uz8RTObL8ICLllDTKXWpQ.roa (raw, json)
Hash identifier: gYf+JR5uzrygeuDMsf78gZhckwR2m1f6JrAtBzF1rwc=
Subject key identifier: 03:0F:85:D3:95:33:F1:14:CE:6C:BF:08:08:B9:65:0D:32:97:5A:94
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185022B2632666C0F248CAC1D10153EC6E4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Aw-F05Uz8RTObL8ICLllDTKXWpQ.roa
Signing time: Sun 11 Dec 2022 17:11:00 +0000
ROA not before: Sun 11 Dec 2022 17:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:2b:26:32:66:6c:0f:24:8c:ac:1d:10:15:3e:c6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 11 17:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=030f85d39533f114ce6cbf0808b9650d32975a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:ae:1d:55:2c:6b:e3:d4:42:ad:3a:83:2f:
4e:cb:1d:76:e0:b1:05:72:17:1f:7a:52:87:e7:0f:
86:0f:58:55:ec:25:3e:82:14:3a:c3:45:8a:71:7a:
fe:21:f5:6f:58:fe:52:5e:b3:a7:dc:9f:75:bb:16:
07:4f:c3:05:cf:aa:c5:be:bf:2c:98:8b:75:eb:60:
83:c5:c4:ee:66:00:93:fe:69:d2:82:17:14:01:3a:
90:dc:34:20:18:d5:18:29:60:85:ed:2e:b9:da:2c:
c0:5b:01:bf:0f:fa:52:e1:53:9f:a0:ab:07:f6:81:
c5:b5:67:e7:8d:a3:7d:f3:22:ec:c4:5a:dc:77:1a:
90:64:99:e1:32:20:0f:8d:de:fb:40:fa:af:47:c4:
59:32:82:0b:5a:15:40:3c:cd:58:2b:b5:13:8d:8c:
74:b5:a0:0a:8b:d7:ad:42:76:b0:4c:58:87:0b:72:
95:16:34:5d:d2:af:e5:70:fe:8f:ed:30:06:48:c2:
2d:2f:40:e7:b0:32:fe:ab:33:1c:4c:6b:bd:c9:c3:
77:ec:53:2a:18:18:4d:91:fb:53:26:13:72:60:29:
af:c2:41:22:7b:40:6f:14:80:35:80:8d:1d:93:58:
60:dd:a0:b4:8c:0b:cf:46:e3:66:53:c8:e1:bc:51:
99:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0F:85:D3:95:33:F1:14:CE:6C:BF:08:08:B9:65:0D:32:97:5A:94
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Aw-F05Uz8RTObL8ICLllDTKXWpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:43:f8:d5:02:66:f4:38:8e:bf:37:55:f4:da:1f:ab:da:38:
06:60:ac:c3:bb:53:3b:9d:75:6d:0b:ad:9e:0b:69:89:8c:12:
99:67:c1:16:b7:28:67:6e:ad:5a:82:5a:a3:69:14:fa:c4:30:
0b:1c:68:58:e1:1a:62:d1:bf:80:e0:6a:44:d2:2f:0f:f9:1a:
d9:5f:b7:c0:e1:86:c0:96:4a:68:ea:08:43:23:bd:6c:f5:60:
12:57:6c:e8:14:7f:62:80:1e:72:15:3a:93:82:0d:1d:f2:d8:
24:86:07:c2:7c:44:e8:ed:8a:7a:26:5c:8e:08:67:5a:11:c0:
5d:8e:73:71:ad:8f:f1:ad:df:f0:37:f5:87:15:c4:65:0f:4b:
6c:1d:e7:d5:5e:da:c7:19:e7:8d:15:b8:28:78:48:f2:b5:6a:
31:e8:e8:2f:f9:96:89:06:ee:4a:0b:14:46:a8:e9:dd:82:9c:
c0:80:3e:ba:52:e6:62:fa:72:c0:a4:d2:4e:6a:0c:b6:ff:bd:
67:7f:4c:cf:e4:62:9b:c4:52:81:86:7a:a3:74:4b:3d:cb:1a:
1d:ec:5a:a2:71:dc:49:47:f3:02:24:0f:20:4b:15:75:1b:83:
6f:1d:2f:09:e7:b1:f0:ef:d4:d7:e9:0d:6f:3f:93:a6:33:ed:
c9:6d:35:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUCKyYyZmwPJIysHRAVPsbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjExMTcxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBmODVkMzk1MzNmMTE0Y2U2Y2JmMDgwOGI5NjUwZDMyOTc1YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MyuHVUsa+PUQq06gy9Oyx124LEF
chcfelKH5w+GD1hV7CU+ghQ6w0WKcXr+IfVvWP5SXrOn3J91uxYHT8MFz6rFvr8s
mIt162CDxcTuZgCT/mnSghcUATqQ3DQgGNUYKWCF7S652izAWwG/D/pS4VOfoKsH
9oHFtWfnjaN98yLsxFrcdxqQZJnhMiAPjd77QPqvR8RZMoILWhVAPM1YK7UTjYx0
taAKi9etQnawTFiHC3KVFjRd0q/lcP6P7TAGSMItL0DnsDL+qzMcTGu9ycN37FMq
GBhNkftTJhNyYCmvwkEie0BvFIA1gI0dk1hg3aC0jAvPRuNmU8jhvFGZrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMPhdOVM/EUzmy/CAi5ZQ0yl1qUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQXctRjA1VXo4UlRPYkw4SUNMbGxEVEtYV3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBD+NUCZvQ4jr83VfTa
H6vaOAZgrMO7UzuddW0LrZ4LaYmMEplnwRa3KGdurVqCWqNpFPrEMAscaFjhGmLR
v4DgakTSLw/5Gtlft8DhhsCWSmjqCEMjvWz1YBJXbOgUf2KAHnIVOpOCDR3y2CSG
B8J8ROjtinomXI4IZ1oRwF2Oc3Gtj/Gt3/A39YcVxGUPS2wd59Ve2scZ540VuCh4
SPK1ajHo6C/5lokG7koLFEao6d2CnMCAPrpS5mL6csCk0k5qDLb/vWd/TM/kYpvE
UoGGeqN0Sz3LGh3sWqJx3ElH8wIkDyBLFXUbg28dLwnnsfDv1NfpDW8/k6Yz7clt
NVA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:02:38 2025 by rpki-client