Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RfyVk_ZiEoaAXaVttehV4dsku2o.roa
File: RfyVk_ZiEoaAXaVttehV4dsku2o.roa (raw, json)
Hash identifier: CEsZKbIw8Go5i2yAt/Q6mxfvKOWpnk0jxIdTWjcGhWk=
Subject key identifier: 45:FC:95:93:F6:62:12:86:80:5D:A5:6D:B5:E8:55:E1:DB:24:BB:6A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856C611D989C4781952DAD40B28A7F9C0C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RfyVk_ZiEoaAXaVttehV4dsku2o.roa
Signing time: Sun 01 Jan 2023 08:09:41 +0000
ROA not before: Sun 01 Jan 2023 08:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:61:1d:98:9c:47:81:95:2d:ad:40:b2:8a:7f:9c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 08:09:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45fc9593f6621286805da56db5e855e1db24bb6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:47:c1:d8:6c:fc:9d:1b:97:d2:a0:da:e4:c5:
3e:a5:a4:d4:93:99:27:e2:ff:ab:19:bc:dc:1d:b2:
c1:ec:6a:cf:7d:b7:21:7f:aa:0c:96:4b:89:62:43:
ff:df:61:53:97:61:19:f6:b2:67:59:c4:90:08:a1:
d9:12:a4:27:eb:ef:7b:e4:e1:a1:fd:9c:8f:77:e4:
ff:d0:39:92:ba:01:31:bc:fd:60:0a:10:53:53:da:
04:e5:1a:f7:a7:f5:4f:af:7e:4a:4b:b5:fc:f9:ae:
b4:7e:2d:59:dd:33:59:3e:14:8d:92:3c:e1:cd:05:
2b:9c:6d:b9:b8:2e:f0:d1:53:9f:30:82:32:71:cc:
e6:0a:00:49:03:f0:b5:42:1c:9e:37:e6:c8:d3:8b:
69:0c:a2:ad:f5:82:a1:59:15:04:1c:b7:8c:5e:8f:
14:45:52:47:49:00:67:30:a1:13:ca:70:f5:bc:7b:
68:73:4f:de:0e:c0:74:cc:4c:c1:61:af:bb:c1:da:
b5:3e:80:6a:c5:d1:49:25:3c:99:ad:3a:5d:14:ab:
e6:05:55:60:47:15:62:90:6c:b4:c6:2e:38:21:2d:
ae:0b:92:71:5b:2b:55:73:9d:e8:01:62:2d:d8:2f:
d4:0c:26:55:7e:ce:4e:f2:88:d6:65:01:14:fc:a4:
25:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FC:95:93:F6:62:12:86:80:5D:A5:6D:B5:E8:55:E1:DB:24:BB:6A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RfyVk_ZiEoaAXaVttehV4dsku2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:af:70:fe:f0:41:37:52:88:03:51:16:8d:f6:1f:b4:92:79:
3b:1e:37:91:60:41:f1:4d:06:e6:a7:4d:b5:e2:37:53:c5:ca:
6e:48:a4:af:4e:d9:d9:06:c5:10:fd:83:57:11:b1:e1:a1:5d:
bf:26:07:fb:23:a4:46:7a:31:f6:63:71:5d:82:ca:e6:74:ca:
0b:d1:76:57:f0:8f:35:a5:02:41:6c:4a:35:a0:7a:8b:49:25:
ef:00:6e:00:2e:27:90:72:eb:12:2b:84:9f:c2:7c:53:8d:3b:
fa:8d:56:fc:34:b6:d3:d3:61:9a:2e:27:a9:fa:c5:73:27:eb:
c5:56:0a:6f:bd:16:48:26:77:68:21:80:e4:56:84:9a:ba:47:
27:95:cf:e1:d0:0b:83:1a:45:7e:4d:f9:05:0c:06:2f:f7:69:
08:06:c3:02:0e:44:19:a7:c7:ee:d0:80:f0:8f:19:c1:a7:f7:
b0:38:19:cb:b1:2d:e4:fe:89:f8:f6:89:03:3c:88:ac:b1:e8:
4d:d1:7f:dd:be:33:b7:93:5c:36:02:04:ff:e4:a7:ea:f3:78:
c8:c5:41:f6:08:54:d1:47:e4:a9:67:91:10:52:8b:da:25:43:
06:45:a4:89:95:3b:b2:f0:2a:21:20:c3:42:7e:74:bf:da:6e:
89:70:a7:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsYR2YnEeBlS2tQLKKf5wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMDgwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWZjOTU5M2Y2NjIxMjg2ODA1ZGE1NmRiNWU4NTVlMWRiMjRiYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkfB2Gz8nRuX0qDa5MU+paTUk5kn
4v+rGbzcHbLB7GrPfbchf6oMlkuJYkP/32FTl2EZ9rJnWcSQCKHZEqQn6+975OGh
/ZyPd+T/0DmSugExvP1gChBTU9oE5Rr3p/VPr35KS7X8+a60fi1Z3TNZPhSNkjzh
zQUrnG25uC7w0VOfMIIycczmCgBJA/C1QhyeN+bI04tpDKKt9YKhWRUEHLeMXo8U
RVJHSQBnMKETynD1vHtoc0/eDsB0zEzBYa+7wdq1PoBqxdFJJTyZrTpdFKvmBVVg
RxVikGy0xi44IS2uC5JxWytVc53oAWIt2C/UDCZVfs5O8ojWZQEU/KQlnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEX8lZP2YhKGgF2lbbXoVeHbJLtqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUmZ5VmtfWmlFb2FBWGFWdHRlaFY0ZHNrdTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACSvcP7wQTdSiANRFo32
H7SSeTseN5FgQfFNBuanTbXiN1PFym5IpK9O2dkGxRD9g1cRseGhXb8mB/sjpEZ6
MfZjcV2CyuZ0ygvRdlfwjzWlAkFsSjWgeotJJe8AbgAuJ5By6xIrhJ/CfFONO/qN
Vvw0ttPTYZouJ6n6xXMn68VWCm+9Fkgmd2ghgORWhJq6RyeVz+HQC4MaRX5N+QUM
Bi/3aQgGwwIORBmnx+7QgPCPGcGn97A4GcuxLeT+ifj2iQM8iKyx6E3Rf92+M7eT
XDYCBP/kp+rzeMjFQfYIVNFH5KlnkRBSi9olQwZFpImVO7LwKiEgw0J+dL/abolw
p4s=
-----END CERTIFICATE-----
Generated at Thu May 1 11:54:51 2025 by rpki-client