Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FLOWuSB3b4pk5t6w5QMwov3JqiQ.roa
File: FLOWuSB3b4pk5t6w5QMwov3JqiQ.roa (raw, json)
Hash identifier: 5RFWKheWE6uId9M6EsdBeQ7Zrb0bDYn0fzoQA7VXl9U=
Subject key identifier: 14:B3:96:B9:20:77:6F:8A:64:E6:DE:B0:E5:03:30:A2:FD:C9:AA:24
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856F2B39BCAAA7C899A015366CD79AEE88
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FLOWuSB3b4pk5t6w5QMwov3JqiQ.roa
Signing time: Sun 01 Jan 2023 21:09:41 +0000
ROA not before: Sun 01 Jan 2023 21:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2b:39:bc:aa:a7:c8:99:a0:15:36:6c:d7:9a:ee:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 21:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14b396b920776f8a64e6deb0e50330a2fdc9aa24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:49:3c:de:77:2d:f5:0c:09:96:5f:f8:bf:9d:
f2:df:fe:0e:22:d5:a6:37:58:02:bb:90:23:a8:18:
72:c6:03:f1:80:5a:27:39:f6:0e:e7:da:e9:0e:1d:
90:50:4f:ec:7b:1e:32:57:b8:fe:f5:8a:36:ef:91:
f0:56:c9:86:95:1f:43:4b:07:47:e4:98:20:a7:b9:
ef:ad:74:80:33:6b:87:f6:cd:03:47:67:b0:96:02:
86:50:a9:ca:cc:60:cd:92:f0:26:d5:6d:ad:0d:d7:
5f:2d:95:3d:f5:6f:d2:de:9a:38:a9:97:ca:eb:58:
7f:af:4d:5d:7e:22:c4:b1:b9:4c:9f:89:b2:de:4a:
29:db:dd:dc:c0:bb:ed:f8:f7:9a:6b:5e:c5:98:ad:
96:d6:d0:41:9e:97:f1:8b:9f:1d:29:22:a6:08:2c:
51:fa:87:81:c6:60:47:8d:1a:7b:8f:d9:be:10:a2:
f5:a7:b3:75:7a:88:29:0b:50:63:79:31:36:ac:3d:
0e:8a:9d:ca:a1:da:35:19:64:ce:1c:3c:54:cb:b0:
d5:2a:4e:e2:7e:b1:39:d9:49:14:2b:b0:50:ae:f9:
9b:71:84:2d:f0:18:b3:2b:5f:dc:e7:ff:79:e6:fc:
52:b6:53:7c:88:59:38:a4:d3:a4:1b:dc:f3:61:d2:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B3:96:B9:20:77:6F:8A:64:E6:DE:B0:E5:03:30:A2:FD:C9:AA:24
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FLOWuSB3b4pk5t6w5QMwov3JqiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:6a:a6:ad:a0:8e:ab:e4:62:c3:88:db:e2:e2:ec:e9:a7:ce:
e0:09:cc:ea:79:49:2a:61:38:f2:1b:72:49:a6:35:75:9f:44:
08:96:b9:05:53:87:d5:df:81:9c:d0:9f:1e:28:b6:60:2f:95:
a7:e2:31:95:c1:ec:f3:e0:e9:a7:5c:62:4b:cc:7c:7d:d1:f0:
55:c8:f8:a5:bf:50:71:84:61:2d:d4:18:2e:53:10:99:0e:c8:
b3:60:e6:0a:f9:de:79:d8:9c:2a:80:69:29:7c:f0:ad:1e:ef:
ae:93:74:05:81:4b:e8:5b:d5:73:56:56:ad:66:95:89:e2:ae:
cc:fa:0c:f1:d4:4f:25:00:5a:5d:37:8c:29:31:d8:e9:0f:49:
d7:b1:d5:8e:18:70:13:b0:bb:8c:fb:b5:13:f1:4c:c1:9b:2b:
5b:35:45:ee:18:65:71:1f:29:df:5a:f2:1e:2f:65:53:19:19:
c8:07:da:15:62:1e:cf:05:87:44:a7:58:d4:20:0d:4d:b1:c9:
a8:4b:a2:f9:4d:9c:a1:4a:6c:a8:6f:8b:be:1a:00:8a:5f:07:
24:8e:35:1d:24:9c:f7:b2:13:a9:5c:e7:38:03:13:10:7b:51:
0d:17:25:9b:a4:0f:a8:50:09:28:80:90:70:d7:d3:da:39:2f:
79:ad:57:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvKzm8qqfImaAVNmzXmu6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMjEwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIzOTZiOTIwNzc2ZjhhNjRlNmRlYjBlNTAzMzBhMmZkYzlhYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUk83nct9QwJll/4v53y3/4OItWm
N1gCu5AjqBhyxgPxgFonOfYO59rpDh2QUE/sex4yV7j+9Yo275HwVsmGlR9DSwdH
5Jggp7nvrXSAM2uH9s0DR2ewlgKGUKnKzGDNkvAm1W2tDddfLZU99W/S3po4qZfK
61h/r01dfiLEsblMn4my3kop293cwLvt+Peaa17FmK2W1tBBnpfxi58dKSKmCCxR
+oeBxmBHjRp7j9m+EKL1p7N1eogpC1BjeTE2rD0Oip3Kodo1GWTOHDxUy7DVKk7i
frE52UkUK7BQrvmbcYQt8BizK1/c5/955vxStlN8iFk4pNOkG9zzYdJETQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBSzlrkgd2+KZObesOUDMKL9yaokMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRkxPV3VTQjNiNHBrNXQ2dzVRTXdvdjNKcWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJqpq2gjqvkYsOI2+Li
7OmnzuAJzOp5SSphOPIbckmmNXWfRAiWuQVTh9XfgZzQnx4otmAvlafiMZXB7PPg
6adcYkvMfH3R8FXI+KW/UHGEYS3UGC5TEJkOyLNg5gr53nnYnCqAaSl88K0e766T
dAWBS+hb1XNWVq1mlYnirsz6DPHUTyUAWl03jCkx2OkPSdex1Y4YcBOwu4z7tRPx
TMGbK1s1Re4YZXEfKd9a8h4vZVMZGcgH2hViHs8Fh0SnWNQgDU2xyahLovlNnKFK
bKhvi74aAIpfBySONR0knPeyE6lc5zgDExB7UQ0XJZukD6hQCSiAkHDX09o5L3mt
V8c=
-----END CERTIFICATE-----
Generated at Thu May 1 17:08:06 2025 by rpki-client