Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FTLjkMulpGtKRDVNe7tfH3s_Wr4.roa
File: FTLjkMulpGtKRDVNe7tfH3s_Wr4.roa (raw, json)
Hash identifier: GZMN/vnPxBHHqzZOABCeoRgILXiku6boT5mNWl8ZY94=
Subject key identifier: 15:32:E3:90:CB:A5:A4:6B:4A:44:35:4D:7B:BB:5F:1F:7B:3F:5A:BE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854B1DC99957EED57FA8919CF0B0A07706
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FTLjkMulpGtKRDVNe7tfH3s_Wr4.roa
Signing time: Sun 25 Dec 2022 21:08:41 +0000
ROA not before: Sun 25 Dec 2022 21:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4b:1d:c9:99:57:ee:d5:7f:a8:91:9c:f0:b0:a0:77:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 25 21:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1532e390cba5a46b4a44354d7bbb5f1f7b3f5abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:27:12:8a:37:5c:11:95:5f:39:bd:2f:bb:04:
7f:f8:1e:b3:3c:40:af:ee:49:aa:b5:fe:1b:be:4d:
e1:08:57:32:51:1c:a3:77:8a:43:a5:d8:87:d5:63:
d9:92:82:f7:e1:9c:21:17:2f:c6:c5:3d:0d:2e:fc:
7c:9d:0d:da:d6:49:3d:32:d1:6d:ea:d7:74:ff:c4:
12:8f:b7:30:16:9a:81:25:70:fb:10:27:a6:f3:8d:
64:2a:0f:cc:aa:3e:96:c1:2a:b9:64:bb:ae:6a:8c:
8a:5e:2d:b9:b9:2e:7d:89:95:90:38:4c:ab:44:ae:
61:0f:01:9c:dc:f0:47:39:fd:bd:1a:c5:96:ba:6a:
e5:be:4c:04:ec:94:38:96:d5:ca:41:2c:7b:af:13:
35:92:4e:5e:27:94:a5:3e:90:04:77:77:9d:09:66:
0c:fe:39:f6:e5:0e:fc:82:92:9a:c2:e3:5c:55:a6:
64:a9:8f:ae:c9:31:d4:1c:10:4e:e7:4a:11:87:db:
ec:e1:e1:26:64:e1:2f:14:f8:f7:8a:a1:12:88:f4:
99:2c:e9:7e:86:a7:bb:89:cf:9c:2d:a4:90:e9:cd:
34:56:98:e8:07:97:2f:6a:a5:fe:16:6c:15:9f:de:
44:91:81:ea:eb:c1:52:44:c4:15:83:43:a6:56:b9:
7c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:32:E3:90:CB:A5:A4:6B:4A:44:35:4D:7B:BB:5F:1F:7B:3F:5A:BE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FTLjkMulpGtKRDVNe7tfH3s_Wr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:06:3f:a7:e6:58:70:4e:d4:34:5e:56:f2:14:3a:cd:5a:c6:
f7:0e:d1:bd:6b:e3:5d:51:4a:a6:4a:53:8f:81:09:b3:0d:bc:
ac:5d:69:f6:7b:15:e7:19:10:03:1a:4b:e8:bd:97:aa:4c:78:
f8:a1:fc:7f:bc:63:7d:57:4f:03:77:98:b3:54:1f:2f:2b:7d:
11:1c:d3:6b:d0:f0:38:ef:1f:55:bd:a8:d8:73:21:e1:f6:23:
84:50:14:4e:1c:71:cf:ed:e4:b3:8d:ea:f0:f5:62:88:d1:51:
34:cd:89:08:bd:d8:f2:11:44:cf:04:7f:f0:5a:2a:4d:9d:b7:
2f:0b:5b:78:44:65:63:a4:61:32:ff:9f:44:37:30:19:b3:f6:
58:6b:f9:44:67:cc:14:ae:a7:93:94:22:ae:87:02:3a:67:e1:
39:99:da:56:3f:6e:34:26:ff:f1:fe:cd:32:79:f3:62:84:52:
00:9d:16:2b:2a:2c:69:6e:79:12:8c:80:7a:88:10:73:61:13:
63:f1:06:06:7f:a4:34:71:b3:81:d2:eb:04:8c:85:5a:cd:cb:
53:47:18:b5:7a:87:6c:7e:0b:46:ce:27:2d:8b:50:2f:12:ab:
e3:12:92:47:70:e5:2b:c9:68:b9:a2:29:4c:61:6a:7b:d3:ac:
fe:e7:a7:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVLHcmZV+7Vf6iRnPCwoHcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI1MjEwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTMyZTM5MGNiYTVhNDZiNGE0NDM1NGQ3YmJiNWYxZjdiM2Y1YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlScSijdcEZVfOb0vuwR/+B6zPECv
7kmqtf4bvk3hCFcyURyjd4pDpdiH1WPZkoL34ZwhFy/GxT0NLvx8nQ3a1kk9MtFt
6td0/8QSj7cwFpqBJXD7ECem841kKg/Mqj6WwSq5ZLuuaoyKXi25uS59iZWQOEyr
RK5hDwGc3PBHOf29GsWWumrlvkwE7JQ4ltXKQSx7rxM1kk5eJ5SlPpAEd3edCWYM
/jn25Q78gpKawuNcVaZkqY+uyTHUHBBO50oRh9vs4eEmZOEvFPj3iqESiPSZLOl+
hqe7ic+cLaSQ6c00VpjoB5cvaqX+FmwVn95EkYHq68FSRMQVg0OmVrl8uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBUy45DLpaRrSkQ1TXu7Xx97P1q+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRlRMamtNdWxwR3RLUkRWTmU3dGZIM3NfV3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACIGP6fmWHBO1DReVvIU
Os1axvcO0b1r411RSqZKU4+BCbMNvKxdafZ7FecZEAMaS+i9l6pMePih/H+8Y31X
TwN3mLNUHy8rfREc02vQ8DjvH1W9qNhzIeH2I4RQFE4ccc/t5LON6vD1YojRUTTN
iQi92PIRRM8Ef/BaKk2dty8LW3hEZWOkYTL/n0Q3MBmz9lhr+URnzBSup5OUIq6H
Ajpn4TmZ2lY/bjQm//H+zTJ582KEUgCdFisqLGlueRKMgHqIEHNhE2PxBgZ/pDRx
s4HS6wSMhVrNy1NHGLV6h2x+C0bOJy2LUC8Sq+MSkkdw5SvJaLmiKUxhanvTrP7n
p2Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:05:26 2025 by rpki-client