Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/C7KsRvqD9MmuhTKq4UVCGvRJ46U.roa
File: C7KsRvqD9MmuhTKq4UVCGvRJ46U.roa (raw, json)
Hash identifier: u8011XVQWLcVVAvNlkiKKG9IVCAOhkl3aMslZKr8jqI=
Subject key identifier: 0B:B2:AC:46:FA:83:F4:C9:AE:85:32:AA:E1:45:42:1A:F4:49:E3:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856E4F834109C0393521409E8A3CEB43C8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/C7KsRvqD9MmuhTKq4UVCGvRJ46U.roa
Signing time: Sun 01 Jan 2023 17:09:42 +0000
ROA not before: Sun 01 Jan 2023 17:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4f:83:41:09:c0:39:35:21:40:9e:8a:3c:eb:43:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 17:09:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bb2ac46fa83f4c9ae8532aae145421af449e3a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7c:d2:d0:ef:52:2b:01:98:ea:dc:c5:4e:92:
f4:38:16:1f:39:2e:4a:29:34:a5:47:7a:63:2a:82:
02:b6:9b:64:1e:28:3d:fb:1a:ab:f1:cc:8e:37:21:
b1:66:71:0b:ca:8a:5c:36:77:42:15:1b:9d:2d:0e:
e7:7c:4b:4d:c7:9d:ac:ab:2f:06:09:b5:f9:95:58:
fb:4e:62:92:6f:bf:de:c6:63:a6:ef:09:c6:b4:ee:
60:3d:b1:33:c3:1a:22:65:2c:14:b5:cd:a1:72:23:
90:94:e6:25:c1:09:75:06:3c:61:05:40:b6:28:4d:
34:34:20:f1:b4:3c:14:4c:cc:6b:4e:c4:dc:69:95:
bd:fa:63:99:a1:fb:27:16:2f:ea:dd:18:29:05:1f:
55:35:51:ea:56:54:65:70:9d:e7:92:88:a3:61:ec:
2e:15:7a:84:1b:c9:c6:64:7a:8c:9d:e6:56:44:7b:
08:38:36:b6:e0:44:ab:16:53:a2:a2:03:13:b9:36:
d8:35:e8:b1:d6:58:55:7c:ea:b8:bd:2f:69:06:6b:
e8:4d:49:0e:bd:0f:de:bd:89:94:b5:42:a0:aa:1b:
0e:ec:55:41:19:05:33:10:4d:c8:30:90:f4:6f:00:
7d:61:66:56:76:d0:ef:bf:d3:07:a1:a0:63:89:48:
bf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B2:AC:46:FA:83:F4:C9:AE:85:32:AA:E1:45:42:1A:F4:49:E3:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/C7KsRvqD9MmuhTKq4UVCGvRJ46U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:fd:79:29:68:c6:d8:1a:86:44:f5:7d:da:ce:7f:ad:75:ce:
59:89:fc:94:b8:d0:98:4b:e6:67:59:70:21:db:d2:7b:83:e6:
d1:62:29:53:8f:a9:dd:00:2e:01:42:1b:50:e6:38:24:2f:85:
c5:09:71:ad:28:c3:e3:af:d0:70:ff:29:04:74:c4:f7:d1:e3:
0f:3c:63:2a:d4:76:a3:e0:ca:1f:54:f6:9e:57:b9:0e:43:d2:
f5:94:78:b5:42:93:30:13:16:ac:79:30:f4:b8:6f:e2:92:c2:
7b:4b:63:be:aa:96:f8:e6:00:9d:c5:c3:01:90:c3:7e:03:b4:
97:a4:e9:3d:89:cd:24:a8:4f:94:d6:28:c0:97:69:2e:9e:55:
76:c6:bc:62:90:50:81:f1:92:db:93:cb:c6:59:da:18:0b:72:
b0:b2:a2:fb:39:80:47:85:6d:5c:e3:6d:b2:38:1c:ab:2d:79:
ac:e8:ee:e2:04:f7:cd:ee:ad:23:39:54:95:86:34:fe:66:b2:
76:9b:f0:e6:df:f5:2b:4b:4d:da:99:55:2c:25:6d:d7:a3:cf:
81:33:b1:3a:86:b5:81:05:62:36:e7:30:a6:c4:a2:9e:c9:95:
7b:b5:f6:a7:60:c8:b1:20:5b:ff:ab:56:d1:9e:81:b2:d7:53:
ed:6b:d5:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuT4NBCcA5NSFAnoo860PIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTcwOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmIyYWM0NmZhODNmNGM5YWU4NTMyYWFlMTQ1NDIxYWY0NDllM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHzS0O9SKwGY6tzFTpL0OBYfOS5K
KTSlR3pjKoICtptkHig9+xqr8cyONyGxZnELyopcNndCFRudLQ7nfEtNx52sqy8G
CbX5lVj7TmKSb7/exmOm7wnGtO5gPbEzwxoiZSwUtc2hciOQlOYlwQl1BjxhBUC2
KE00NCDxtDwUTMxrTsTcaZW9+mOZofsnFi/q3RgpBR9VNVHqVlRlcJ3nkoijYewu
FXqEG8nGZHqMneZWRHsIODa24ESrFlOiogMTuTbYNeix1lhVfOq4vS9pBmvoTUkO
vQ/evYmUtUKgqhsO7FVBGQUzEE3IMJD0bwB9YWZWdtDvv9MHoaBjiUi/KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAuyrEb6g/TJroUyquFFQhr0SeOlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQzdLc1J2cUQ5TW11aFRLcTRVVkNHdlJKNDZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAL9eSloxtgahkT1fdrO
f611zlmJ/JS40JhL5mdZcCHb0nuD5tFiKVOPqd0ALgFCG1DmOCQvhcUJca0ow+Ov
0HD/KQR0xPfR4w88YyrUdqPgyh9U9p5XuQ5D0vWUeLVCkzATFqx5MPS4b+KSwntL
Y76qlvjmAJ3FwwGQw34DtJek6T2JzSSoT5TWKMCXaS6eVXbGvGKQUIHxktuTy8ZZ
2hgLcrCyovs5gEeFbVzjbbI4HKsteazo7uIE983urSM5VJWGNP5msnab8Obf9StL
TdqZVSwlbdejz4EzsTqGtYEFYjbnMKbEop7JlXu19qdgyLEgW/+rVtGegbLXU+1r
1YI=
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:39 2025 by rpki-client