Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NFUuBqIQeDYOpOzzOA45kdRMDlQ.roa
File: NFUuBqIQeDYOpOzzOA45kdRMDlQ.roa (raw, json)
Hash identifier: vMbgD64H+xaCXqqt/0czkkikr2bevwKOwIbcTJgjRDk=
Subject key identifier: 34:55:2E:06:A2:10:78:36:0E:A4:EC:F3:38:0E:39:91:D4:4C:0E:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018584319D5DE85966C0E8646AE9A4D0E789
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NFUuBqIQeDYOpOzzOA45kdRMDlQ.roa
Signing time: Thu 05 Jan 2023 23:08:41 +0000
ROA not before: Thu 05 Jan 2023 23:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:84:31:9d:5d:e8:59:66:c0:e8:64:6a:e9:a4:d0:e7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 23:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34552e06a21078360ea4ecf3380e3991d44c0e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e6:97:80:7b:52:11:92:80:1d:52:11:fb:68:
ff:21:c3:83:4f:ca:e8:81:0e:e3:25:bd:81:2c:b3:
d7:7b:52:bc:07:65:db:21:00:e0:50:4d:53:5b:2d:
11:41:2d:c5:00:55:82:c2:cd:07:11:00:6e:ca:b9:
c0:d6:11:48:9a:5b:67:86:1d:80:f1:43:67:d1:60:
2a:b4:64:e8:7c:6d:45:45:72:f7:fe:3f:56:1a:ea:
a0:be:8e:7c:ca:91:55:74:0d:07:ff:86:b5:db:75:
b3:85:d7:6f:af:d0:3f:35:84:55:40:32:37:13:ce:
14:ac:70:7a:0b:94:de:05:3e:7b:b4:ce:14:14:96:
07:eb:8e:43:45:d9:44:91:4b:a3:6c:9f:c2:c0:78:
4e:38:ba:09:e4:fb:1e:ca:a1:cc:30:d9:5e:4c:fe:
f6:ea:3b:79:68:49:ea:1e:60:37:c9:1b:34:e1:06:
39:a6:52:89:23:2d:e1:ed:1f:6d:c2:ac:4e:5f:48:
8f:3b:bb:4f:33:3b:c8:e1:be:71:e8:40:c9:a3:da:
fa:cb:91:d4:22:a3:e5:ce:df:4c:05:47:95:cd:35:
83:07:be:f4:30:52:a0:96:37:49:61:6c:64:d3:65:
ff:24:b0:67:93:e9:90:dc:16:9e:1b:69:17:ef:9f:
9a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:55:2E:06:A2:10:78:36:0E:A4:EC:F3:38:0E:39:91:D4:4C:0E:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NFUuBqIQeDYOpOzzOA45kdRMDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:e9:2d:b9:9f:27:0d:57:44:e3:13:79:de:5e:53:64:1c:1d:
61:77:18:9f:b2:73:f6:04:2c:1b:0e:6e:4e:3f:cc:13:f8:53:
60:c7:7c:70:1e:47:b2:58:cb:38:59:02:c6:fb:2a:3d:23:d5:
65:a9:77:b8:37:4b:f4:d1:d2:46:6b:8e:1f:80:0d:90:96:25:
97:1a:f0:49:b0:9e:b5:8b:5f:4c:72:5b:de:a5:96:8d:2e:9d:
f0:86:54:a4:cc:71:c9:bd:36:c5:7d:38:1b:94:70:00:ab:f5:
82:9c:96:13:07:d2:e8:cc:c3:b3:32:b3:ea:85:7a:78:ff:8d:
a8:9d:d8:ca:b2:06:20:ce:ec:e0:0f:fd:06:02:f1:50:e0:ea:
a5:30:70:6e:64:23:df:9a:0f:53:33:fa:9f:8c:6c:c9:12:39:
ac:db:fc:f5:13:66:11:ca:81:25:c4:cd:77:a3:9d:73:57:d3:
83:0e:80:d6:31:41:23:4e:49:d9:e6:ee:a3:6b:c5:dd:53:14:
b3:88:f6:c8:b3:25:30:6d:a6:04:c6:98:e2:47:31:3c:16:71:
1d:85:e5:e4:ab:a8:9b:8b:85:bb:0b:5e:99:dd:b7:d5:f6:4a:
dd:5d:64:6f:91:6d:bb:f3:e2:f7:94:19:bc:a1:a0:0a:a2:84:
e5:14:18:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWEMZ1d6FlmwOhkaumk0OeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MjMwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDU1MmUwNmEyMTA3ODM2MGVhNGVjZjMzODBlMzk5MWQ0NGMwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+aXgHtSEZKAHVIR+2j/IcODT8ro
gQ7jJb2BLLPXe1K8B2XbIQDgUE1TWy0RQS3FAFWCws0HEQBuyrnA1hFImltnhh2A
8UNn0WAqtGTofG1FRXL3/j9WGuqgvo58ypFVdA0H/4a123Wzhddvr9A/NYRVQDI3
E84UrHB6C5TeBT57tM4UFJYH645DRdlEkUujbJ/CwHhOOLoJ5PseyqHMMNleTP72
6jt5aEnqHmA3yRs04QY5plKJIy3h7R9twqxOX0iPO7tPMzvI4b5x6EDJo9r6y5HU
IqPlzt9MBUeVzTWDB770MFKgljdJYWxk02X/JLBnk+mQ3BaeG2kX75+arwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRVLgaiEHg2DqTs8zgOOZHUTA5UMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTkZVdUJxSVFlRFlPcE96ek9BNDVrZFJNRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXpLbmfJw1XROMTed5e
U2QcHWF3GJ+yc/YELBsObk4/zBP4U2DHfHAeR7JYyzhZAsb7Kj0j1WWpd7g3S/TR
0kZrjh+ADZCWJZca8EmwnrWLX0xyW96llo0unfCGVKTMccm9NsV9OBuUcACr9YKc
lhMH0ujMw7Mys+qFenj/jaid2MqyBiDO7OAP/QYC8VDg6qUwcG5kI9+aD1Mz+p+M
bMkSOazb/PUTZhHKgSXEzXejnXNX04MOgNYxQSNOSdnm7qNrxd1TFLOI9sizJTBt
pgTGmOJHMTwWcR2F5eSrqJuLhbsLXpndt9X2St1dZG+Rbbvz4veUGbyhoAqihOUU
GKM=
-----END CERTIFICATE-----
Generated at Thu May 1 03:26:36 2025 by rpki-client