Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EDc3F0rsnfzqUXvt9s1LzYjuCcY.roa
File: EDc3F0rsnfzqUXvt9s1LzYjuCcY.roa (raw, json)
Hash identifier: L4tOgiCjFWreiJLiwq7Rdco0vMNVpO1buhDKB/MaWIk=
Subject key identifier: 10:37:37:17:4A:EC:9D:FC:EA:51:7B:ED:F6:CD:4B:CD:88:EE:09:C6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185458A7CD0F84D8A873DCFD21855573F7D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EDc3F0rsnfzqUXvt9s1LzYjuCcY.roa
Signing time: Sat 24 Dec 2022 19:09:41 +0000
ROA not before: Sat 24 Dec 2022 19:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:45:8a:7c:d0:f8:4d:8a:87:3d:cf:d2:18:55:57:3f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 19:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=103737174aec9dfcea517bedf6cd4bcd88ee09c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:eb:de:e2:45:90:e6:e5:35:fd:08:d0:c4:
1e:0c:d1:37:7b:17:cf:dc:71:e5:be:e0:06:93:c5:
d7:13:ab:07:08:49:8c:27:21:32:99:1e:84:25:70:
7c:4f:8d:75:d6:3e:53:4f:65:00:7f:60:53:6b:be:
8f:78:b0:6e:b5:22:45:5b:0d:27:ab:46:f8:c3:10:
7c:2b:54:82:00:3d:0b:7d:07:1d:fb:94:ff:96:04:
3a:57:8c:d0:66:a8:88:fe:eb:a9:ef:2f:10:96:44:
d2:60:d6:3c:ee:65:db:ee:4a:d6:26:b5:0c:08:c2:
b3:73:0c:4d:b2:36:16:92:12:33:19:87:df:6a:16:
c2:ba:a8:99:6b:22:3f:8d:2c:41:71:2e:89:09:b8:
7c:d5:74:df:8a:01:b5:74:33:13:81:9c:3e:44:3d:
aa:78:fc:2d:81:6c:27:c4:c5:7b:78:aa:47:e7:10:
ea:e0:c7:7b:e6:c3:c1:3f:aa:d8:ae:de:c7:bb:5d:
8f:4c:0b:61:f0:de:0d:4a:4f:d1:0c:cb:2b:dd:06:
ce:12:12:c2:5f:12:58:bf:f9:87:39:e7:bc:ab:b9:
e8:c6:61:73:d0:65:62:90:9f:63:40:58:7d:ed:d5:
6d:c5:d3:ae:0a:db:c1:2a:76:5e:9d:09:9f:5a:c6:
b1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:37:37:17:4A:EC:9D:FC:EA:51:7B:ED:F6:CD:4B:CD:88:EE:09:C6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EDc3F0rsnfzqUXvt9s1LzYjuCcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:6e:fd:09:24:19:2d:8b:c4:0d:3b:3d:48:9b:20:28:18:4a:
4f:c5:44:2f:b2:2c:ce:e1:3f:34:f0:3c:38:de:04:8c:64:57:
b6:3e:b3:20:55:b6:06:b4:66:fc:26:c5:9c:c0:1b:0b:fc:0d:
4b:de:3f:c3:d4:7b:08:86:6d:a8:96:5a:dc:85:21:88:a1:51:
1c:94:23:38:c7:e7:f2:1d:a1:3c:99:7d:44:b5:26:45:20:b3:
a6:e7:32:c8:a1:15:64:6e:13:08:5c:f3:57:18:e2:22:f5:9a:
53:6c:cb:af:7e:89:90:68:2e:00:f3:b9:f8:25:4a:e7:6d:f6:
91:8e:fb:6c:e1:58:77:b6:6b:c9:f2:2d:2e:cb:19:cb:45:c7:
62:6f:43:3e:92:43:e0:76:8a:eb:ca:2c:19:78:f2:65:c8:bb:
d4:85:6f:ea:bf:30:f2:6f:ee:9a:87:2c:bc:5e:6e:db:0c:84:
7d:8d:51:e6:58:58:a5:a0:23:48:24:e8:b3:b9:03:db:52:53:
ea:6d:c8:a0:bb:c8:5d:4d:c2:6d:29:7c:5b:07:9d:12:da:73:
ef:49:81:62:89:7d:16:31:87:2e:a1:f8:2d:f9:d0:8d:d2:be:
cb:9e:eb:81:14:00:7a:b1:d4:4d:2e:d7:c5:a9:c9:a0:1f:92:
09:de:2d:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVFinzQ+E2Khz3P0hhVVz99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MTkwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM3MzcxNzRhZWM5ZGZjZWE1MTdiZWRmNmNkNGJjZDg4ZWUwOWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOzr3uJFkOblNf0I0MQeDNE3exfP
3HHlvuAGk8XXE6sHCEmMJyEymR6EJXB8T4111j5TT2UAf2BTa76PeLButSJFWw0n
q0b4wxB8K1SCAD0LfQcd+5T/lgQ6V4zQZqiI/uup7y8QlkTSYNY87mXb7krWJrUM
CMKzcwxNsjYWkhIzGYffahbCuqiZayI/jSxBcS6JCbh81XTfigG1dDMTgZw+RD2q
ePwtgWwnxMV7eKpH5xDq4Md75sPBP6rYrt7Hu12PTAth8N4NSk/RDMsr3QbOEhLC
XxJYv/mHOee8q7noxmFz0GVikJ9jQFh97dVtxdOuCtvBKnZenQmfWsax3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBA3NxdK7J386lF77fbNS82I7gnGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRURjM0YwcnNuZnpxVVh2dDlzMUx6WWp1Q2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVu/QkkGS2LxA07PUib
ICgYSk/FRC+yLM7hPzTwPDjeBIxkV7Y+syBVtga0ZvwmxZzAGwv8DUveP8PUewiG
baiWWtyFIYihURyUIzjH5/IdoTyZfUS1JkUgs6bnMsihFWRuEwhc81cY4iL1mlNs
y69+iZBoLgDzufglSudt9pGO+2zhWHe2a8nyLS7LGctFx2JvQz6SQ+B2iuvKLBl4
8mXIu9SFb+q/MPJv7pqHLLxebtsMhH2NUeZYWKWgI0gk6LO5A9tSU+ptyKC7yF1N
wm0pfFsHnRLac+9JgWKJfRYxhy6h+C350I3Svsue64EUAHqx1E0u18WpyaAfkgne
Lb4=
-----END CERTIFICATE-----
Generated at Thu May 1 10:13:48 2025 by rpki-client