Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DMS0unlHgmDsNaggLifF90i3tHI.roa
File: DMS0unlHgmDsNaggLifF90i3tHI.roa (raw, json)
Hash identifier: Rvwkcm+SYz2s6qAvLK+EJVLqx1FQKp8mXY4InGsftao=
Subject key identifier: 0C:C4:B4:BA:79:47:82:60:EC:35:A8:20:2E:27:C5:F7:48:B7:B4:72
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01821AE2209B039815C50E479C6DF2FBB115
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DMS0unlHgmDsNaggLifF90i3tHI.roa
Signing time: Wed 20 Jul 2022 09:13:23 +0000
ROA not before: Wed 20 Jul 2022 09:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:e2:20:9b:03:98:15:c5:0e:47:9c:6d:f2:fb:b1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 20 09:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cc4b4ba79478260ec35a8202e27c5f748b7b472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:19:b5:d2:19:9f:ca:40:39:01:19:4a:c7:a0:
b6:7e:88:c2:06:c4:9f:ba:cf:fc:d6:3c:a4:09:e5:
46:e5:79:c9:f1:76:52:d4:24:55:11:a4:0b:70:06:
47:f7:4f:76:bf:a4:97:12:2e:6f:bf:26:dc:85:71:
8f:09:c0:6b:39:85:e5:f2:5f:5f:00:6a:b9:d2:ca:
3b:69:1a:8f:4b:92:ae:e8:7d:cf:de:80:bb:b4:f9:
81:2c:fb:31:b9:1f:4f:e1:2d:17:49:c0:bd:a5:30:
25:d0:55:c2:cb:10:fa:09:a1:46:13:d5:37:c4:3a:
82:8d:53:d4:a6:18:fd:c8:d6:a3:64:70:0e:08:38:
32:0b:55:e2:50:95:78:a4:83:09:d2:9c:77:f6:eb:
5e:a1:e1:8d:c8:f7:1a:32:9b:38:a1:9a:e7:fe:e1:
ae:ee:37:0c:c3:03:65:d0:47:5e:93:25:14:34:6f:
76:f7:8f:22:03:b1:bc:2a:ad:51:f0:47:7d:65:be:
a6:00:05:9f:6c:6c:0a:86:31:72:78:f9:57:4e:a9:
98:95:9d:24:34:c3:70:4b:78:e9:80:ee:12:0c:d5:
e5:02:f1:69:97:bd:87:55:18:2c:6f:46:f7:08:19:
cc:54:ee:8f:ad:50:67:7c:12:c7:4b:99:54:8b:c1:
07:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C4:B4:BA:79:47:82:60:EC:35:A8:20:2E:27:C5:F7:48:B7:B4:72
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DMS0unlHgmDsNaggLifF90i3tHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:db:0f:7c:2e:fa:55:b6:b5:23:71:54:14:1b:d6:dd:9c:b6:
7b:20:34:1a:00:0a:44:90:10:d4:53:6d:47:b3:d4:1a:2a:e3:
c9:c7:f8:c1:1f:df:a3:45:bc:1b:c3:40:c1:04:aa:dc:79:9e:
c8:a3:a8:03:be:76:76:35:da:41:52:72:48:3f:07:8b:a1:3c:
5d:78:68:d2:fd:eb:be:6f:16:40:08:af:79:dd:bd:83:ff:24:
5a:9e:ed:61:02:71:02:10:e4:47:82:d6:f0:52:88:98:7c:1e:
b1:b3:a0:1d:0b:82:f0:3f:46:fb:6d:37:c6:36:2a:e1:d2:49:
38:18:5a:e2:b4:34:84:ae:53:ce:78:3c:9a:d0:1a:77:c4:16:
1c:3f:09:e8:af:1e:84:44:35:39:3e:13:3f:bf:6b:ee:f0:d6:
8c:ff:84:32:99:0d:26:50:07:7e:46:ed:76:ff:ef:42:84:05:
00:40:f5:fd:42:83:a7:ca:1f:ff:76:45:66:f1:ae:40:e2:ab:
b9:2b:47:57:c0:51:4f:74:60:e4:bd:10:70:db:b0:09:0a:5a:
44:6a:19:79:54:a0:89:84:28:e0:89:b7:b0:b2:1b:31:dd:7a:
7b:53:44:e5:55:2a:21:6d:00:1f:2e:e3:1f:de:19:33:92:a0:
b2:b6:87:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIa4iCbA5gVxQ5HnG3y+7EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzIwMDkxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2M0YjRiYTc5NDc4MjYwZWMzNWE4MjAyZTI3YzVmNzQ4YjdiNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hm10hmfykA5ARlKx6C2fojCBsSf
us/81jykCeVG5XnJ8XZS1CRVEaQLcAZH9092v6SXEi5vvybchXGPCcBrOYXl8l9f
AGq50so7aRqPS5Ku6H3P3oC7tPmBLPsxuR9P4S0XScC9pTAl0FXCyxD6CaFGE9U3
xDqCjVPUphj9yNajZHAOCDgyC1XiUJV4pIMJ0px39uteoeGNyPcaMps4oZrn/uGu
7jcMwwNl0EdekyUUNG92948iA7G8Kq1R8Ed9Zb6mAAWfbGwKhjFyePlXTqmYlZ0k
NMNwS3jpgO4SDNXlAvFpl72HVRgsb0b3CBnMVO6PrVBnfBLHS5lUi8EHNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAzEtLp5R4Jg7DWoIC4nxfdIt7RyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRE1TMHVubEhnbURzTmFnZ0xpZkY5MGkzdEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPbD3wu+lW2tSNxVBQb
1t2ctnsgNBoACkSQENRTbUez1Boq48nH+MEf36NFvBvDQMEEqtx5nsijqAO+dnY1
2kFSckg/B4uhPF14aNL9675vFkAIr3ndvYP/JFqe7WECcQIQ5EeC1vBSiJh8HrGz
oB0LgvA/RvttN8Y2KuHSSTgYWuK0NISuU854PJrQGnfEFhw/CeivHoRENTk+Ez+/
a+7w1oz/hDKZDSZQB35G7Xb/70KEBQBA9f1Cg6fKH/92RWbxrkDiq7krR1fAUU90
YOS9EHDbsAkKWkRqGXlUoImEKOCJt7CyGzHdentTROVVKiFtAB8u4x/eGTOSoLK2
h84=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:56:47 2025 by rpki-client