Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rzbuy5BmvivkrGOLApc9DMj9BQ8.roa
File: Rzbuy5BmvivkrGOLApc9DMj9BQ8.roa (raw, json)
Hash identifier: LQlLEl5UtQNmaJ9SmBwSD7xRrPoS0WHJqb2nLJwU3Q0=
Subject key identifier: 47:36:EE:CB:90:66:BE:2B:E4:AC:63:8B:02:97:3D:0C:C8:FD:05:0F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185059AF98A03113185ED5A36291C01B0D6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rzbuy5BmvivkrGOLApc9DMj9BQ8.roa
Signing time: Mon 12 Dec 2022 09:12:00 +0000
ROA not before: Mon 12 Dec 2022 09:12:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:9a:f9:8a:03:11:31:85:ed:5a:36:29:1c:01:b0:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 12 09:12:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4736eecb9066be2be4ac638b02973d0cc8fd050f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:23:90:56:ca:e6:c2:2a:fa:c2:60:a4:03:c6:
09:7e:e9:ab:4f:f8:20:96:f5:9a:bc:4a:8d:a3:2b:
41:b7:44:f3:f4:9f:e0:e5:24:7d:ba:33:eb:c5:18:
2b:7e:e6:64:2d:2b:fb:f7:06:23:04:d3:91:0f:e8:
40:40:ff:25:71:26:f2:c7:88:dc:62:87:8e:d0:e1:
3f:99:5d:84:ef:5d:e9:2d:d1:9c:8b:65:27:0b:ed:
a6:f8:97:68:24:99:94:62:80:f5:f3:b7:47:f2:3c:
00:19:1a:7e:87:ed:94:c4:69:e8:e2:16:4d:92:a1:
b4:43:11:73:9a:ad:81:82:74:6d:b2:8a:16:b6:c4:
13:14:57:f1:c0:26:c8:c8:bc:7c:39:ae:1a:90:39:
67:fd:da:7b:7a:ae:08:1b:c1:3c:0d:0e:39:e1:00:
c9:b2:10:60:16:be:9a:0d:19:c3:dd:6b:46:e5:48:
7e:e4:8c:e8:cd:d3:25:68:1b:78:d2:17:50:a7:65:
3b:16:e6:a7:df:0c:54:07:14:d5:79:83:57:af:42:
df:63:26:98:e2:4d:0a:19:ba:37:6b:2b:9e:e2:f1:
0c:05:23:87:49:92:77:cc:95:9d:6d:f7:63:44:7b:
d7:56:0b:aa:71:c1:84:c8:9f:cb:fa:ef:54:79:17:
8a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:36:EE:CB:90:66:BE:2B:E4:AC:63:8B:02:97:3D:0C:C8:FD:05:0F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Rzbuy5BmvivkrGOLApc9DMj9BQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:0c:c0:5c:58:1c:61:db:d1:df:79:6d:74:9d:af:20:5b:a0:
0c:a6:99:2d:12:04:9f:65:2b:69:9f:06:34:c7:13:5a:5e:62:
a3:3b:60:19:c3:ac:28:0d:6a:6c:51:6f:7e:2e:e6:6d:0a:36:
a3:cd:23:61:d6:61:27:58:fc:01:13:c5:89:60:06:22:b8:f1:
80:cf:43:64:a9:f1:c3:63:ec:83:20:42:e0:58:c4:3a:55:40:
18:b2:f2:72:2a:00:19:42:38:39:50:bd:73:1a:0f:be:5b:ee:
a7:07:73:d9:ec:94:13:74:1f:48:a9:f5:a3:0f:da:48:84:7b:
51:e7:0d:b2:35:21:4e:0e:cd:71:75:9f:15:fc:76:e5:94:b7:
85:42:ff:52:78:90:0e:76:32:6d:93:d3:68:cc:ea:bd:cc:20:
08:27:f2:fe:fc:63:06:2c:6c:71:9a:80:c4:61:88:ff:1f:0d:
28:52:48:29:f1:87:25:b5:36:1d:3b:54:2a:fb:b5:95:5a:db:
db:2c:09:46:b0:bc:46:31:39:4f:32:57:75:38:47:ae:c2:33:
36:f5:52:3a:2a:b4:9c:c2:6b:37:72:d4:9b:14:6d:6c:f6:c7:
42:75:30:ba:42:f9:02:67:7e:cc:38:37:5c:1f:5a:d8:b7:d4:
f9:8f:29:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUFmvmKAxExhe1aNikcAbDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEyMDkxMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM2ZWVjYjkwNjZiZTJiZTRhYzYzOGIwMjk3M2QwY2M4ZmQwNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1COQVsrmwir6wmCkA8YJfumrT/gg
lvWavEqNoytBt0Tz9J/g5SR9ujPrxRgrfuZkLSv79wYjBNORD+hAQP8lcSbyx4jc
YoeO0OE/mV2E713pLdGci2UnC+2m+JdoJJmUYoD187dH8jwAGRp+h+2UxGno4hZN
kqG0QxFzmq2BgnRtsooWtsQTFFfxwCbIyLx8Oa4akDln/dp7eq4IG8E8DQ454QDJ
shBgFr6aDRnD3WtG5Uh+5IzozdMlaBt40hdQp2U7Fuan3wxUBxTVeYNXr0LfYyaY
4k0KGbo3ayue4vEMBSOHSZJ3zJWdbfdjRHvXVguqccGEyJ/L+u9UeReKzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEc27suQZr4r5KxjiwKXPQzI/QUPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUnpidXk1Qm12aXZrckdPTEFwYzlETWo5QlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFcMwFxYHGHb0d95bXSd
ryBboAymmS0SBJ9lK2mfBjTHE1peYqM7YBnDrCgNamxRb34u5m0KNqPNI2HWYSdY
/AETxYlgBiK48YDPQ2Sp8cNj7IMgQuBYxDpVQBiy8nIqABlCODlQvXMaD75b7qcH
c9nslBN0H0ip9aMP2kiEe1HnDbI1IU4OzXF1nxX8duWUt4VC/1J4kA52Mm2T02jM
6r3MIAgn8v78YwYsbHGagMRhiP8fDShSSCnxhyW1Nh07VCr7tZVa29ssCUawvEYx
OU8yV3U4R67CMzb1UjoqtJzCazdy1JsUbWz2x0J1MLpC+QJnfsw4N1wfWti31PmP
KZo=
-----END CERTIFICATE-----
Generated at Fri May 2 20:41:41 2025 by rpki-client