Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dm3K2PDdVtTCArIA5UFPA2hpJww.roa
File: Dm3K2PDdVtTCArIA5UFPA2hpJww.roa (raw, json)
Hash identifier: nWPzGsBrTq4kut9LFS5sV3hoPE/6+gyMcWPJO9/T2/Q=
Subject key identifier: 0E:6D:CA:D8:F0:DD:56:D4:C2:02:B2:00:E5:41:4F:03:68:69:27:0C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185CE0B854A80933F85A2E1AB32458C3A70
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dm3K2PDdVtTCArIA5UFPA2hpJww.roa
Signing time: Fri 20 Jan 2023 07:18:59 +0000
ROA not before: Fri 20 Jan 2023 07:18:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ce:0b:85:4a:80:93:3f:85:a2:e1:ab:32:45:8c:3a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 20 07:18:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e6dcad8f0dd56d4c202b200e5414f036869270c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:8d:db:1a:8d:a1:9a:aa:64:cc:00:8a:2a:
bb:fd:6d:9a:82:78:b9:ee:ae:3e:d1:56:6f:f6:d5:
fc:b9:3d:85:28:0f:35:30:17:b5:ed:40:16:3e:42:
9c:56:fd:68:00:67:b7:57:5e:44:a7:e8:64:f0:9b:
7b:9d:54:b4:81:c4:95:f5:a5:7a:51:1f:b7:61:b6:
f5:a3:1a:37:c5:46:c4:06:88:b2:28:c6:46:44:ab:
cb:58:12:a3:23:ba:7b:05:9f:63:c6:dc:63:8f:f5:
6e:e6:d0:2b:75:c8:b9:95:5e:4a:20:25:c8:65:8e:
45:98:a3:0f:d8:3c:4b:94:9d:ab:05:87:74:37:62:
7d:6a:c9:65:14:10:7b:e6:27:11:bc:0e:c0:0e:27:
42:42:ac:7d:1b:d2:04:ac:9b:0a:43:30:29:6f:a0:
1c:e1:c9:0e:31:af:d1:88:3a:02:5b:60:3c:f5:47:
a8:f4:6d:35:b3:bf:e2:cd:9d:d9:ce:9c:e9:ae:da:
18:27:7f:a1:65:b5:df:e3:fd:97:37:80:f2:5e:d8:
07:d9:fa:21:a4:1c:45:6e:33:4a:2b:ab:cb:51:10:
51:03:b2:b5:b7:29:1f:7a:50:9c:5f:21:13:e4:34:
71:34:ea:4e:70:28:d0:94:55:9f:d0:50:16:b2:e4:
2f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6D:CA:D8:F0:DD:56:D4:C2:02:B2:00:E5:41:4F:03:68:69:27:0C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Dm3K2PDdVtTCArIA5UFPA2hpJww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:20:bd:49:ce:f3:d3:c7:df:fa:02:c8:2b:54:34:b1:90:e3:
76:b1:be:29:59:f6:27:5b:f1:0b:44:f3:9d:c9:24:82:fe:1a:
5a:f6:0b:1c:ed:29:c9:87:0f:7a:8e:f1:51:bd:e9:f6:47:40:
ba:04:23:8f:4c:b0:97:fc:55:56:c1:1d:9c:72:bb:f3:f1:74:
56:e9:96:d2:8c:c1:f5:37:7c:5f:d0:48:26:d5:05:8f:3e:b3:
03:36:e2:3c:d0:94:2b:7f:d2:23:2b:cb:1c:6a:d2:14:cb:c6:
0f:6d:a1:cd:c4:f8:9c:83:fa:ef:f7:5e:b5:d5:05:f9:a0:59:
84:b7:c2:de:3e:84:c4:05:8d:32:71:cb:30:ae:e3:dd:af:1c:
3c:7f:f4:62:e5:b8:29:b3:ab:81:f1:28:ff:a7:cf:ee:d2:20:
8b:21:d7:60:c8:76:42:00:0d:0a:d3:df:64:5d:51:92:93:3d:
d9:26:92:cd:16:72:7d:e1:51:c9:d1:3f:bd:9e:80:f3:b5:75:
27:f7:9a:e9:b1:79:c5:aa:7a:e7:d5:12:78:3e:e1:58:91:4f:
40:f5:bf:7f:57:7b:23:89:0d:fa:45:f0:54:6f:e3:a9:8f:c1:
10:a1:70:f0:d9:58:4f:48:8e:f6:2b:f9:7f:e4:cf:9e:48:e5:
fe:6f:19:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXOC4VKgJM/haLhqzJFjDpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIwMDcxODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZkY2FkOGYwZGQ1NmQ0YzIwMmIyMDBlNTQxNGYwMzY4NjkyNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJuN2xqNoZqqZMwAiiq7/W2agni5
7q4+0VZv9tX8uT2FKA81MBe17UAWPkKcVv1oAGe3V15Ep+hk8Jt7nVS0gcSV9aV6
UR+3Ybb1oxo3xUbEBoiyKMZGRKvLWBKjI7p7BZ9jxtxjj/Vu5tArdci5lV5KICXI
ZY5FmKMP2DxLlJ2rBYd0N2J9asllFBB75icRvA7ADidCQqx9G9IErJsKQzApb6Ac
4ckOMa/RiDoCW2A89Ueo9G01s7/izZ3ZzpzprtoYJ3+hZbXf4/2XN4DyXtgH2foh
pBxFbjNKK6vLURBRA7K1tykfelCcXyET5DRxNOpOcCjQlFWf0FAWsuQvjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA5tytjw3VbUwgKyAOVBTwNoaScMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRG0zSzJQRGRWdFRDQXJJQTVVRlBBMmhwSnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQgvUnO89PH3/oCyCtU
NLGQ43axvilZ9idb8QtE853JJIL+Glr2CxztKcmHD3qO8VG96fZHQLoEI49MsJf8
VVbBHZxyu/PxdFbpltKMwfU3fF/QSCbVBY8+swM24jzQlCt/0iMryxxq0hTLxg9t
oc3E+JyD+u/3XrXVBfmgWYS3wt4+hMQFjTJxyzCu492vHDx/9GLluCmzq4HxKP+n
z+7SIIsh12DIdkIADQrT32RdUZKTPdkmks0Wcn3hUcnRP72egPO1dSf3mumxecWq
eufVEng+4ViRT0D1v39XeyOJDfpF8FRv46mPwRChcPDZWE9IjvYr+X/kz55I5f5v
GaE=
-----END CERTIFICATE-----
Generated at Thu May 1 11:23:53 2025 by rpki-client