Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rpdorh47sBXWgMhz4nQwQrTid1k.roa
File: Rpdorh47sBXWgMhz4nQwQrTid1k.roa (raw, json)
Hash identifier: CNe4kFJ82U7d2Y1y0zlSj4CG/5/x2zg6py4VQvkzRH8=
Subject key identifier: 46:97:68:AE:1E:3B:B0:15:D6:80:C8:73:E2:74:30:42:B4:E2:77:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018628C86F26AC8EBD81FA20321FFE23A396
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rpdorh47sBXWgMhz4nQwQrTid1k.roa
Signing time: Mon 06 Feb 2023 22:11:09 +0000
ROA not before: Mon 06 Feb 2023 22:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:28:c8:6f:26:ac:8e:bd:81:fa:20:32:1f:fe:23:a3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 22:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=469768ae1e3bb015d680c873e2743042b4e27759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:aa:d5:90:2f:16:ff:ba:d2:75:a9:e3:09:1a:
80:0d:3f:1c:9e:dd:cf:73:ec:18:04:9f:c2:83:ae:
fd:51:ed:40:b3:2d:9c:3a:c3:9b:14:a7:64:ab:b0:
83:34:65:5f:33:b9:12:d5:8e:83:d9:7a:d9:f5:5f:
c5:89:c0:83:83:ac:56:2b:23:c8:f2:32:c4:cd:1d:
cf:2f:56:1e:4b:a0:9f:ce:48:ed:be:50:52:ca:c5:
a6:fb:f9:7f:f8:b7:78:e5:46:93:f4:dd:4f:d4:60:
00:2a:03:05:d1:6a:f0:cb:a4:fb:9c:91:ce:d9:7e:
25:5c:f8:47:92:fc:7a:f6:a0:e3:a7:73:0e:26:9a:
64:04:bc:57:b1:70:17:3f:08:c2:cd:8d:73:ad:a0:
0e:e4:a3:ad:ee:4c:80:b5:c9:86:0e:2c:27:56:fb:
0e:d1:1c:f1:be:67:45:cf:52:94:dc:6d:c6:16:3d:
5a:88:77:66:4f:a0:a1:eb:e9:20:80:cc:34:53:58:
bb:1b:2d:7d:c7:85:28:52:b6:61:95:3c:17:4e:0a:
32:f0:b2:55:8e:65:c3:ad:87:51:29:4e:a8:71:50:
2f:df:fe:7c:d4:4b:f9:b3:3e:8f:1b:29:a8:ee:8e:
61:9b:4b:a5:e4:f8:c3:67:3c:b1:7d:1f:7c:1d:7a:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:97:68:AE:1E:3B:B0:15:D6:80:C8:73:E2:74:30:42:B4:E2:77:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rpdorh47sBXWgMhz4nQwQrTid1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:a7:4f:86:76:cd:a3:39:e5:50:76:d0:37:ed:0b:4e:8e:60:
be:38:96:7a:87:9f:1a:e0:00:45:c9:eb:a6:c3:f4:a3:29:5c:
98:b4:34:fe:34:5d:b9:37:a9:85:f4:dc:cf:84:53:e4:34:12:
e3:da:92:29:6f:f6:8b:9f:9a:cc:29:86:bf:10:f3:87:87:ae:
88:f2:19:42:bd:90:01:c4:80:13:1a:07:97:cc:fb:d7:22:95:
ad:fe:a9:b4:74:94:07:cd:ef:09:74:35:12:20:73:9b:9f:2a:
71:5d:e3:08:b6:17:4d:d4:03:a9:90:15:cb:e6:9d:58:d0:d6:
06:e0:6e:43:16:71:32:8f:bc:dc:b1:84:16:9e:39:43:4b:30:
3d:e4:45:a3:a4:5e:f4:d4:83:f0:6b:4d:a9:a6:56:c4:e5:39:
4d:b7:95:84:a5:0a:48:4b:45:93:4e:57:d0:ee:f8:9c:17:90:
85:44:f1:0f:77:01:18:e0:b1:8e:0f:97:7f:11:4a:7b:88:40:
d6:3f:6f:fc:2a:d5:8e:22:fc:02:9f:25:2e:4a:a0:26:81:f9:
64:01:46:f1:0a:79:18:22:92:e5:16:21:02:9d:3d:07:fe:e5:
31:5e:06:68:36:5e:36:be:81:e3:3d:a3:19:27:a5:39:45:56:
74:43:db:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYoyG8mrI69gfogMh/+I6OWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA2MjIxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njk3NjhhZTFlM2JiMDE1ZDY4MGM4NzNlMjc0MzA0MmI0ZTI3NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6rVkC8W/7rSdanjCRqADT8cnt3P
c+wYBJ/Cg679Ue1Asy2cOsObFKdkq7CDNGVfM7kS1Y6D2XrZ9V/FicCDg6xWKyPI
8jLEzR3PL1YeS6CfzkjtvlBSysWm+/l/+Ld45UaT9N1P1GAAKgMF0Wrwy6T7nJHO
2X4lXPhHkvx69qDjp3MOJppkBLxXsXAXPwjCzY1zraAO5KOt7kyAtcmGDiwnVvsO
0RzxvmdFz1KU3G3GFj1aiHdmT6Ch6+kggMw0U1i7Gy19x4UoUrZhlTwXTgoy8LJV
jmXDrYdRKU6ocVAv3/581Ev5sz6PGymo7o5hm0ul5PjDZzyxfR98HXrCgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEaXaK4eO7AV1oDIc+J0MEK04ndZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUnBkb3JoNDdzQlhXZ01oejRuUXdRclRpZDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGanT4Z2zaM55VB20Dft
C06OYL44lnqHnxrgAEXJ66bD9KMpXJi0NP40Xbk3qYX03M+EU+Q0EuPakilv9ouf
mswphr8Q84eHrojyGUK9kAHEgBMaB5fM+9cila3+qbR0lAfN7wl0NRIgc5ufKnFd
4wi2F03UA6mQFcvmnVjQ1gbgbkMWcTKPvNyxhBaeOUNLMD3kRaOkXvTUg/BrTamm
VsTlOU23lYSlCkhLRZNOV9Du+JwXkIVE8Q93ARjgsY4Pl38RSnuIQNY/b/wq1Y4i
/AKfJS5KoCaB+WQBRvEKeRgikuUWIQKdPQf+5TFeBmg2Xja+geM9oxknpTlFVnRD
21I=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:29:40 2025 by rpki-client