Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VCnCjZAXjtdYnVjryB6Uk5tdKFk.roa
File: VCnCjZAXjtdYnVjryB6Uk5tdKFk.roa (raw, json)
Hash identifier: 5Nmld15DJKf6LnDXSR1ILgqoqRUdv3UEOp9UhPtW5XY=
Subject key identifier: 54:29:C2:8D:90:17:8E:D7:58:9D:58:EB:C8:1E:94:93:9B:5D:28:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3A9C24BB9325F11150614EA0A6689392
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VCnCjZAXjtdYnVjryB6Uk5tdKFk.roa
Signing time: Mon 28 Aug 2023 05:27:06 +0000
ROA not before: Mon 28 Aug 2023 05:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:9c:24:bb:93:25:f1:11:50:61:4e:a0:a6:68:93:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 05:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5429c28d90178ed7589d58ebc81e94939b5d2859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:ec:6f:39:83:b7:14:02:be:18:38:24:f8:
58:d6:bb:e9:d1:e5:5d:70:3f:6c:bd:35:ef:67:41:
08:64:d0:a9:09:67:20:79:5a:c9:1b:56:9a:15:2d:
f0:f6:bb:ce:fe:55:4d:eb:14:8f:6b:b1:d4:1b:ac:
18:78:32:34:eb:f6:05:37:6d:74:67:26:10:14:19:
2f:39:09:96:ed:62:1e:35:64:13:e7:c0:e6:14:d2:
9d:4d:de:95:2a:89:ff:15:12:32:31:23:af:be:cc:
29:eb:ed:54:7f:c5:b5:ba:c0:4f:85:76:29:ee:3f:
1b:dc:97:fe:04:fc:65:2c:da:99:ac:86:24:d7:65:
bc:09:4b:75:7b:c3:d1:d4:4b:04:cd:dd:7d:9e:b0:
28:07:d0:29:62:09:21:7b:4f:d3:bc:02:81:b6:a5:
d3:b3:85:06:ed:7d:85:bc:07:28:af:87:e9:d1:8d:
30:3f:a2:ef:87:da:a3:3e:11:61:41:cd:21:f7:e5:
83:85:f5:5b:ca:64:3a:51:de:3f:ac:9d:29:3f:b4:
9d:84:ee:71:09:b7:a9:fb:f4:62:d8:6f:29:2f:ea:
22:1d:31:27:9a:39:b7:01:93:67:e2:ae:dd:e2:a9:
06:e6:06:73:f2:6f:5f:ea:aa:4c:ee:7b:b2:f2:01:
a8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:29:C2:8D:90:17:8E:D7:58:9D:58:EB:C8:1E:94:93:9B:5D:28:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VCnCjZAXjtdYnVjryB6Uk5tdKFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:c1:53:9d:cb:9a:85:1d:39:9a:d6:48:dc:b7:5d:aa:bd:a8:
05:98:26:8d:7c:1a:0b:43:22:3f:ea:fa:98:80:ce:0d:66:ae:
4a:b0:a3:c9:7a:0a:9d:13:54:86:1d:33:84:23:0b:26:9e:68:
1e:ea:75:d9:0a:ee:92:57:9e:69:35:70:5e:f8:98:43:79:f2:
e7:63:bf:29:6a:59:46:79:ce:14:bf:27:4b:e0:f7:d9:01:fd:
59:c4:fd:14:89:a3:33:22:d7:4a:00:d6:d4:a8:4c:79:27:1e:
dd:c1:ac:57:4e:ff:ac:a4:52:51:9d:35:fc:30:a9:ab:a7:1f:
e3:e6:63:25:af:97:c0:d4:02:52:05:e0:11:ba:02:4b:21:d4:
de:cc:6c:8d:f3:25:d7:e6:3a:9f:97:92:91:a8:96:81:1c:21:
51:eb:9a:b3:21:67:2c:35:57:8c:62:a4:60:b0:28:b8:44:16:
e7:97:47:7b:11:70:3d:28:d3:df:0b:ec:bb:67:8f:76:86:5c:
1b:1d:dc:26:b4:12:7c:67:d8:90:71:f9:8c:cb:d0:b2:df:92:
14:bb:78:bd:48:33:8a:bd:57:b2:03:ed:3d:74:4c:af:c7:76:
bd:a1:9f:4d:88:ce:b3:4e:f7:20:d5:48:12:fe:ba:fa:c8:56:
25:bf:a9:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo6nCS7kyXxEVBhTqCmaJOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MDUyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDI5YzI4ZDkwMTc4ZWQ3NTg5ZDU4ZWJjODFlOTQ5MzliNWQyODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvLsbzmDtxQCvhg4JPhY1rvp0eVd
cD9svTXvZ0EIZNCpCWcgeVrJG1aaFS3w9rvO/lVN6xSPa7HUG6wYeDI06/YFN210
ZyYQFBkvOQmW7WIeNWQT58DmFNKdTd6VKon/FRIyMSOvvswp6+1Uf8W1usBPhXYp
7j8b3Jf+BPxlLNqZrIYk12W8CUt1e8PR1EsEzd19nrAoB9ApYgkhe0/TvAKBtqXT
s4UG7X2FvAcor4fp0Y0wP6Lvh9qjPhFhQc0h9+WDhfVbymQ6Ud4/rJ0pP7SdhO5x
Cbep+/Ri2G8pL+oiHTEnmjm3AZNn4q7d4qkG5gZz8m9f6qpM7nuy8gGoYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFQpwo2QF47XWJ1Y68gelJObXShZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVkNuQ2paQVhqdGRZblZqcnlCNlVrNXRkS0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJvBU53LmoUdOZrWSNy3
Xaq9qAWYJo18GgtDIj/q+piAzg1mrkqwo8l6Cp0TVIYdM4QjCyaeaB7qddkK7pJX
nmk1cF74mEN58udjvylqWUZ5zhS/J0vg99kB/VnE/RSJozMi10oA1tSoTHknHt3B
rFdO/6ykUlGdNfwwqaunH+PmYyWvl8DUAlIF4BG6Aksh1N7MbI3zJdfmOp+XkpGo
loEcIVHrmrMhZyw1V4xipGCwKLhEFueXR3sRcD0o098L7Ltnj3aGXBsd3Ca0Enxn
2JBx+YzL0LLfkhS7eL1IM4q9V7ID7T10TK/Hdr2hn02IzrNO9yDVSBL+uvrIViW/
qZc=
-----END CERTIFICATE-----
Generated at Thu May 1 09:30:15 2025 by rpki-client