Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CitVNPoVdB5YFRRpwhaF088peQM.roa
File: CitVNPoVdB5YFRRpwhaF088peQM.roa (raw, json)
Hash identifier: Qq76H1yme/J3i9V2Z72Hn1nMxZ3QxIb49SxsvBoQDUM=
Subject key identifier: 0A:2B:55:34:FA:15:74:1E:58:15:14:69:C2:16:85:D3:CF:29:79:03
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 778FDD60
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CitVNPoVdB5YFRRpwhaF088peQM.roa
Signing time: Fri 01 Apr 2022 17:10:47 +0000
ROA not before: Fri 01 Apr 2022 17:10:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2005917024 (0x778fdd60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 1 17:10:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a2b5534fa15741e58151469c21685d3cf297903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bd:a3:0c:38:af:65:25:f7:99:1c:4d:d6:e5:
37:5f:2e:15:2e:c3:10:84:14:0c:3c:1f:3e:0a:61:
6d:aa:e6:d6:a0:8a:6a:2a:b9:63:6a:ed:1e:93:af:
f9:15:52:91:1a:e9:a9:72:dd:19:ea:c0:59:c9:0a:
c8:55:e5:3e:dc:85:6a:25:18:33:db:6c:4e:8e:50:
3d:ac:31:bb:bd:a1:7e:d2:c1:fb:13:6d:32:0f:f3:
e3:c3:5b:d8:68:ee:d1:06:9e:39:da:8c:bc:7a:88:
62:b6:a5:31:1b:3a:32:12:ab:04:d7:7a:8d:b3:86:
24:93:32:50:e3:ff:1d:29:73:a5:f6:04:50:67:58:
18:3a:c0:93:4d:2c:ca:19:0e:96:17:a3:f6:e1:84:
e3:eb:ec:29:88:dc:f5:11:5e:96:68:2f:12:93:5f:
e5:8e:5b:29:97:73:c8:ec:5d:58:42:1b:06:17:d0:
f4:f5:b3:3c:d5:09:15:62:59:00:98:59:d6:30:92:
46:15:48:47:fe:6d:e9:ac:df:27:32:23:ab:26:6d:
b4:6f:14:13:5a:aa:b6:91:17:bc:02:56:31:b1:17:
07:85:60:96:d4:5e:46:5f:b4:90:9c:f7:da:a3:73:
d3:67:1d:1d:f3:31:a3:48:01:95:5f:59:f4:a3:04:
c1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2B:55:34:FA:15:74:1E:58:15:14:69:C2:16:85:D3:CF:29:79:03
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CitVNPoVdB5YFRRpwhaF088peQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:40:76:4f:c1:33:09:f0:26:46:df:fb:dc:f6:9c:1b:8a:01:
ef:83:76:63:8f:cb:ec:87:36:35:51:8a:dc:5a:d5:3a:21:84:
24:4b:cc:2f:c3:a2:1e:11:a2:99:5f:e7:8e:7a:0e:6e:78:a6:
06:f5:c0:0b:41:a9:79:5c:29:f9:2d:17:7a:0e:84:07:99:a0:
cf:f5:c6:95:12:fc:1d:4d:69:f7:a9:b1:90:42:eb:6b:d2:c5:
5c:9c:72:6d:5e:dd:02:4b:c4:b3:11:dd:ff:47:c6:e4:09:93:
aa:42:3e:98:8d:32:69:d2:72:6b:c3:0e:96:f8:8c:e8:b4:04:
4d:73:a7:0a:07:0a:2a:df:7e:9f:4b:a0:68:e4:67:4c:77:47:
31:f4:32:34:28:86:f6:ef:c9:c9:91:12:f7:b2:e6:c2:53:3c:
70:20:ef:f8:b3:7b:1a:24:79:10:de:4a:8c:90:99:3f:7d:3e:
8c:9e:a6:6c:25:da:59:6d:36:c5:09:d4:30:42:6c:8a:26:c7:
1b:47:d4:06:6d:34:ec:fb:94:a8:9a:80:3a:10:60:f1:e2:15:
e3:a9:3a:dc:84:f7:4f:02:0e:e4:d1:d7:23:ac:ae:86:3b:87:
2e:74:6c:37:17:1a:d2:c2:7d:fc:59:66:fc:22:52:f6:c9:12:
31:e0:2f:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd4/dYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
MTE3MTA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGEyYjU1MzRmYTE1
NzQxZTU4MTUxNDY5YzIxNjg1ZDNjZjI5NzkwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK69oww4r2Ul95kcTdblN18uFS7DEIQUDDwfPgphbarm1qCK
aiq5Y2rtHpOv+RVSkRrpqXLdGerAWckKyFXlPtyFaiUYM9tsTo5QPawxu72hftLB
+xNtMg/z48Nb2Gju0QaeOdqMvHqIYralMRs6MhKrBNd6jbOGJJMyUOP/HSlzpfYE
UGdYGDrAk00syhkOlhej9uGE4+vsKYjc9RFelmgvEpNf5Y5bKZdzyOxdWEIbBhfQ
9PWzPNUJFWJZAJhZ1jCSRhVIR/5t6azfJzIjqyZttG8UE1qqtpEXvAJWMbEXB4Vg
ltReRl+0kJz32qNz02cdHfMxo0gBlV9Z9KMEwQMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQKK1U0+hV0HlgVFGnCFoXTzyl5AzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0NpdFZOUG9WZEI1WUZSUnB3aGFGMDg4cGVRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBKQHZPwTMJ8CZG3/vc9pwbigHvg3Zjj8vshzY1
UYrcWtU6IYQkS8wvw6IeEaKZX+eOeg5ueKYG9cALQal5XCn5LRd6DoQHmaDP9caV
EvwdTWn3qbGQQutr0sVcnHJtXt0CS8SzEd3/R8bkCZOqQj6YjTJp0nJrww6W+Izo
tARNc6cKBwoq336fS6Bo5GdMd0cx9DI0KIb278nJkRL3subCUzxwIO/4s3saJHkQ
3kqMkJk/fT6MnqZsJdpZbTbFCdQwQmyKJscbR9QGbTTs+5SomoA6EGDx4hXjqTrc
hPdPAg7k0dcjrK6GO4cudGw3FxrSwn38WWb8IlL2yRIx4C+3
-----END CERTIFICATE-----
Generated at Thu May 1 06:46:25 2025 by rpki-client