Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3ORkJKNycHffr6EArZSjUltT1s.roa
File: D3ORkJKNycHffr6EArZSjUltT1s.roa (raw, json)
Hash identifier: BQQiqYZOpVcwzBLWdaRO7pluo+6SOWWfPYZ2fgeEFi4=
Subject key identifier: 0F:73:91:90:92:8D:C9:C1:DF:7E:BE:84:02:B6:52:8D:49:6D:4F:5B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018573E2CDD2EAD35F0EE2FDF85FA06A006C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3ORkJKNycHffr6EArZSjUltT1s.roa
Signing time: Mon 02 Jan 2023 19:08:41 +0000
ROA not before: Mon 02 Jan 2023 19:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:e2:cd:d2:ea:d3:5f:0e:e2:fd:f8:5f:a0:6a:00:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 19:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f739190928dc9c1df7ebe8402b6528d496d4f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:46:35:ab:c4:9b:d8:a5:6e:5f:62:14:ad:
fe:7e:75:e2:cb:37:f9:eb:f2:34:be:3e:e1:29:02:
48:ab:1f:37:01:f0:4e:fc:6b:74:61:95:9c:09:71:
ea:18:5b:92:62:78:3b:d6:e7:66:72:4f:cf:2f:92:
9f:b5:e6:1d:58:a8:fe:6f:06:fa:6e:0d:5d:26:be:
5c:9b:52:a2:8e:7f:6b:c1:a5:b7:c0:80:d9:be:85:
0a:a5:1a:14:d1:42:e0:51:cb:6d:d1:6d:b3:bd:e4:
e0:a5:dd:f5:aa:50:02:dc:1d:d5:68:a3:15:4f:88:
d6:08:6a:07:08:5a:e9:7c:82:8a:84:ea:42:a9:48:
f3:b0:21:35:98:fd:cc:bb:9a:9a:63:ac:58:cd:8e:
5e:0d:bf:95:df:04:73:d6:c5:17:b5:9e:58:49:25:
ce:c5:23:a1:c6:7b:00:c2:a7:55:9b:8a:d2:83:a4:
c7:4f:56:d2:b1:ae:a5:01:8a:08:fd:a2:21:78:bf:
6a:eb:8c:3f:75:a7:b7:34:01:30:ce:96:1f:ab:22:
48:24:22:5f:8e:18:6a:d2:91:49:01:4c:85:b3:cc:
95:87:21:9d:df:90:f0:d5:2c:7c:8a:5d:f1:06:73:
9a:42:62:7f:05:d7:3f:a0:ae:91:23:ac:53:aa:d1:
e1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:73:91:90:92:8D:C9:C1:DF:7E:BE:84:02:B6:52:8D:49:6D:4F:5B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3ORkJKNycHffr6EArZSjUltT1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:28:a6:de:a0:b4:59:3e:72:e0:16:6c:1f:e8:c2:8d:bc:cd:
38:0f:7e:94:19:26:92:6e:0e:ce:ce:96:a9:a2:10:05:2c:a3:
4e:21:ba:75:54:4d:0c:23:12:d7:db:ca:2d:43:e7:3a:9d:af:
e7:9e:e0:1d:04:fa:48:c8:08:1e:49:eb:ad:41:92:17:85:de:
86:fd:0f:df:fc:fa:c2:eb:89:50:b2:09:1c:eb:f3:7d:53:f8:
4f:63:9f:6b:90:59:b5:9e:7b:ae:51:d7:bb:e6:f4:ec:53:98:
af:31:2c:41:2e:ed:1c:a1:c9:97:ad:3c:9c:d0:54:78:5b:7f:
b6:44:de:a6:77:54:1c:93:b2:be:57:2c:ba:48:7f:4a:7f:89:
de:d6:1b:08:6b:2f:88:57:b7:70:0f:aa:d5:95:ec:69:02:19:
45:fd:67:d2:83:c6:45:35:f9:a3:40:9e:8c:04:e0:21:e3:ff:
de:7e:fb:9b:e0:f8:3e:62:05:1c:83:c1:ff:77:9e:35:03:4f:
10:b2:f6:e2:87:bd:e0:6e:a9:fa:bd:b7:02:a4:2b:99:3f:d2:
45:f9:d4:f5:e9:05:f1:ed:9b:a4:be:2f:8c:b6:ef:d7:cf:39:
3d:ec:d0:5f:4b:c7:90:56:91:39:a3:24:41:32:c8:2b:a5:ef:
ae:7d:68:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVz4s3S6tNfDuL9+F+gagBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMTkwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjczOTE5MDkyOGRjOWMxZGY3ZWJlODQwMmI2NTI4ZDQ5NmQ0ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoZGNavEm9ilbl9iFK3+fnXiyzf5
6/I0vj7hKQJIqx83AfBO/Gt0YZWcCXHqGFuSYng71udmck/PL5KfteYdWKj+bwb6
bg1dJr5cm1Kijn9rwaW3wIDZvoUKpRoU0ULgUctt0W2zveTgpd31qlAC3B3VaKMV
T4jWCGoHCFrpfIKKhOpCqUjzsCE1mP3Mu5qaY6xYzY5eDb+V3wRz1sUXtZ5YSSXO
xSOhxnsAwqdVm4rSg6THT1bSsa6lAYoI/aIheL9q64w/dae3NAEwzpYfqyJIJCJf
jhhq0pFJAUyFs8yVhyGd35Dw1Sx8il3xBnOaQmJ/Bdc/oK6RI6xTqtHhSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA9zkZCSjcnB336+hAK2Uo1JbU9bMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRDNPUmtKS055Y0hmZnI2RUFyWlNqVWx0VDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgopt6gtFk+cuAWbB/o
wo28zTgPfpQZJpJuDs7OlqmiEAUso04hunVUTQwjEtfbyi1D5zqdr+ee4B0E+kjI
CB5J661BkheF3ob9D9/8+sLriVCyCRzr831T+E9jn2uQWbWee65R17vm9OxTmK8x
LEEu7RyhyZetPJzQVHhbf7ZE3qZ3VByTsr5XLLpIf0p/id7WGwhrL4hXt3APqtWV
7GkCGUX9Z9KDxkU1+aNAnowE4CHj/95++5vg+D5iBRyDwf93njUDTxCy9uKHveBu
qfq9twKkK5k/0kX51PXpBfHtm6S+L4y279fPOT3s0F9Lx5BWkTmjJEEyyCul7659
aNw=
-----END CERTIFICATE-----
Generated at Thu May 1 05:45:07 2025 by rpki-client