Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DtYUvqik2usPAtCu1saSpmhyeYY.roa
File: DtYUvqik2usPAtCu1saSpmhyeYY.roa (raw, json)
Hash identifier: +0sROdXgb8N2Evh1Br8iYWD907+7SXfMQfxpRiQwrlg=
Subject key identifier: 0E:D6:14:BE:A8:A4:DA:EB:0F:02:D0:AE:D6:C6:92:A6:68:72:79:86
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E55806BFA2FEBDADEB19E3C4E7213C63
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DtYUvqik2usPAtCu1saSpmhyeYY.roa
Signing time: Fri 11 Aug 2023 16:04:58 +0000
ROA not before: Fri 11 Aug 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:e557:870d/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e5:58:06:bf:a2:fe:bd:ad:eb:19:e3:c4:e7:21:3c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ed614bea8a4daeb0f02d0aed6c692a668727986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:90:be:d5:53:de:60:c0:e3:6e:9f:1a:da:5c:
16:ed:ec:cc:3a:76:bf:83:b5:c3:6e:43:65:b2:00:
db:7b:75:d3:b5:5c:d1:30:a2:5c:ee:a1:1e:91:22:
00:dc:57:e8:9b:7a:63:de:ae:f5:6f:16:85:95:f3:
58:53:6c:21:c3:4d:3a:e9:03:c0:88:47:f7:4f:74:
bb:60:9d:dc:c5:2f:9d:ae:6f:f6:5f:90:b5:e1:89:
de:54:ac:2e:5e:3f:01:ac:d9:97:b3:97:98:51:d8:
b3:4e:cd:41:19:05:0e:64:bb:2a:91:13:da:7d:f4:
f7:17:57:a8:89:4b:dd:b7:ae:5a:01:cf:7a:6a:39:
21:ed:f3:a5:bc:b6:fa:3d:9d:f3:ed:8f:bf:df:e9:
8d:b7:4b:15:a8:65:6d:96:7b:6f:8c:7f:d6:28:30:
cf:3b:4c:d3:df:72:d7:89:78:25:f1:c2:bb:1c:56:
83:37:13:b4:14:fe:ce:84:45:82:cc:76:5b:66:07:
64:b6:ed:5b:cf:62:d7:34:fb:13:71:0c:a8:cf:e8:
24:8a:33:83:02:a0:71:46:a8:50:15:a7:c2:f8:f1:
6d:5b:31:1e:9e:ee:77:97:80:58:47:6d:64:12:e9:
d1:33:f7:e2:5f:fd:92:fd:07:e8:c0:fe:ad:84:90:
38:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D6:14:BE:A8:A4:DA:EB:0F:02:D0:AE:D6:C6:92:A6:68:72:79:86
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DtYUvqik2usPAtCu1saSpmhyeYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:0c:8c:22:88:12:18:80:c6:2e:d3:77:2e:00:7d:c8:84:06:
65:f0:82:2c:86:f5:aa:fc:b5:29:63:7f:5b:d5:1d:f3:d2:e5:
27:f4:b0:16:38:6e:a6:2b:15:46:fc:6a:a3:82:a9:2b:71:20:
62:a2:98:0d:10:6b:a4:07:80:26:a5:ea:86:bc:63:e9:4f:9d:
04:1e:0a:24:fc:f1:1b:1b:d3:2d:00:50:84:68:ef:71:06:f5:
c4:15:24:26:07:61:85:8a:71:10:0e:e9:de:0d:4e:1d:3e:56:
d9:2e:e2:64:1a:d1:70:19:79:c5:8f:1f:41:37:f8:66:db:4b:
39:c8:aa:6e:0a:f3:f9:14:fc:38:71:d8:0f:c2:4c:a2:1d:23:
6f:78:cb:36:dc:88:a9:b8:30:e1:28:c4:39:08:75:1e:4e:50:
04:46:bb:81:89:ba:fa:2e:b1:88:01:35:b8:f9:64:9c:b8:2b:
27:e0:f4:cc:42:b4:8b:ad:1d:a8:00:33:30:21:9b:8e:1c:8d:
3c:38:05:70:db:d3:21:dd:7e:12:e9:6a:8b:e9:3a:36:26:57:
db:d9:6c:b2:9b:2b:37:31:a1:b9:99:5c:89:df:ff:af:65:f2:
a2:7b:c9:07:2c:e7:4f:53:01:20:5c:36:2d:27:f7:9b:41:d6:
cd:d4:af:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnlWAa/ov69resZ48TnITxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQ2MTRiZWE4YTRkYWViMGYwMmQwYWVkNmM2OTJhNjY4NzI3OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25C+1VPeYMDjbp8a2lwW7ezMOna/
g7XDbkNlsgDbe3XTtVzRMKJc7qEekSIA3Ffom3pj3q71bxaFlfNYU2whw0066QPA
iEf3T3S7YJ3cxS+drm/2X5C14YneVKwuXj8BrNmXs5eYUdizTs1BGQUOZLsqkRPa
ffT3F1eoiUvdt65aAc96ajkh7fOlvLb6PZ3z7Y+/3+mNt0sVqGVtlntvjH/WKDDP
O0zT33LXiXgl8cK7HFaDNxO0FP7OhEWCzHZbZgdktu1bz2LXNPsTcQyoz+gkijOD
AqBxRqhQFafC+PFtWzEenu53l4BYR21kEunRM/fiX/2S/QfowP6thJA41QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA7WFL6opNrrDwLQrtbGkqZocnmGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRHRZVXZxaWsydXNQQXRDdTFzYVNwbWh5ZVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEwMjCKIEhiAxi7Tdy4A
fciEBmXwgiyG9ar8tSljf1vVHfPS5Sf0sBY4bqYrFUb8aqOCqStxIGKimA0Qa6QH
gCal6oa8Y+lPnQQeCiT88Rsb0y0AUIRo73EG9cQVJCYHYYWKcRAO6d4NTh0+Vtku
4mQa0XAZecWPH0E3+GbbSznIqm4K8/kU/Dhx2A/CTKIdI294yzbciKm4MOEoxDkI
dR5OUARGu4GJuvousYgBNbj5ZJy4Kyfg9MxCtIutHagAMzAhm44cjTw4BXDb0yHd
fhLpaovpOjYmV9vZbLKbKzcxobmZXInf/69l8qJ7yQcs509TASBcNi0n95tB1s3U
r6Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:25:26 2025 by rpki-client