Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFZi-urzvMe5uaJU1cZdfHYN3rE.roa
File: VFZi-urzvMe5uaJU1cZdfHYN3rE.roa (raw, json)
Hash identifier: 6w2VIKxOWzA8x2jo3v44AQLzLLACWbIjLCYZvI00sZc=
Subject key identifier: 54:56:62:FA:EA:F3:BC:C7:B9:B9:A2:54:D5:C6:5D:7C:76:0D:DE:B1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B5EC224D1DCDFD249293EE6F24924539
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFZi-urzvMe5uaJU1cZdfHYN3rE.roa
Signing time: Wed 02 Aug 2023 11:04:58 +0000
ROA not before: Wed 02 Aug 2023 11:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:b5eb:98a2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:ec:22:4d:1d:cd:fd:24:92:93:ee:6f:24:92:45:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 11:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=545662faeaf3bcc7b9b9a254d5c65d7c760ddeb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:65:be:f0:77:cb:f1:ed:d8:6b:2a:5a:e1:9a:
85:0a:10:09:9b:4a:43:28:ab:1b:2d:c9:18:d7:6a:
52:ed:90:58:ba:9a:f8:f7:89:32:a9:47:08:11:b0:
ad:30:57:ae:37:39:7c:d7:3a:94:b6:32:5f:0a:9b:
e1:86:16:0e:e2:2c:97:c9:4b:bb:81:e3:3a:30:51:
d9:ce:33:87:0c:23:68:9e:29:15:7a:20:1b:55:4b:
4c:c5:63:3b:1a:f2:e2:b8:36:26:2b:5c:0e:f4:c2:
be:b9:bf:a7:38:eb:00:b6:a2:8e:6b:13:39:ae:59:
6f:77:6a:e8:35:22:06:27:10:25:88:43:82:5f:b3:
70:25:b3:1a:80:77:aa:0b:07:27:51:0e:9a:45:5e:
9a:00:45:e7:f6:b7:9b:e0:3b:2c:f6:fe:bd:03:a2:
db:41:de:40:6a:b9:04:de:2a:ca:80:3c:c3:ab:b1:
65:9c:a0:dc:a7:3c:b6:17:e9:ab:e1:c4:b0:32:55:
94:60:24:2d:7c:0f:58:f9:49:b4:8c:c8:7f:e7:3f:
cb:0d:35:c3:0a:69:6e:65:b7:95:c0:49:0d:e2:d8:
8f:f0:c4:2e:f6:fc:b0:5c:69:32:5b:c4:76:1f:8c:
d6:15:8d:32:4b:d2:a4:f3:c2:8b:80:b7:ec:29:cf:
f9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:56:62:FA:EA:F3:BC:C7:B9:B9:A2:54:D5:C6:5D:7C:76:0D:DE:B1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFZi-urzvMe5uaJU1cZdfHYN3rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:cb:b1:26:1e:99:6d:65:74:53:82:a3:c0:c4:26:b0:37:f0:
99:b2:7c:c7:44:ae:27:4c:5e:cc:7c:1c:cb:50:b9:ca:5f:72:
b8:2d:da:21:03:70:e2:cf:90:6e:58:20:d0:89:42:cc:9d:fb:
cd:7f:ed:2e:85:2e:c2:13:0e:d9:5d:7a:96:7e:00:cf:8a:f1:
76:21:7a:c0:c6:d8:27:89:97:1b:70:35:36:ed:07:64:90:7a:
ba:60:9a:f6:85:49:36:3a:14:32:46:8d:b1:72:ea:a5:98:cc:
74:a4:0b:65:09:00:96:4f:7c:ce:99:90:51:1e:1c:24:c4:47:
a8:d7:a3:cb:ab:42:fe:37:ce:b2:16:48:47:72:14:01:47:96:
ee:f2:7e:57:71:38:6e:66:74:b4:fc:8b:8e:e1:6f:71:a0:8a:
1a:de:81:67:5d:44:f1:50:bf:83:98:da:f1:4d:84:d1:34:62:
59:ad:38:04:63:04:ce:0b:fd:9f:a2:dd:c6:93:84:ed:29:93:
6d:79:e0:b8:fc:89:c2:1b:8a:7b:d9:5a:fa:97:34:93:5c:ad:
dd:50:ed:11:5d:d9:8a:1b:38:f6:ac:a3:6c:15:3b:81:c2:ef:
6b:7e:cb:42:df:de:01:4b:4e:ed:a0:a5:90:88:bf:95:ac:f2:
f1:e3:57:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm17CJNHc39JJKT7m8kkkU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMTEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDU2NjJmYWVhZjNiY2M3YjliOWEyNTRkNWM2NWQ3Yzc2MGRkZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmW+8HfL8e3Yaypa4ZqFChAJm0pD
KKsbLckY12pS7ZBYupr494kyqUcIEbCtMFeuNzl81zqUtjJfCpvhhhYO4iyXyUu7
geM6MFHZzjOHDCNonikVeiAbVUtMxWM7GvLiuDYmK1wO9MK+ub+nOOsAtqKOaxM5
rllvd2roNSIGJxAliEOCX7NwJbMagHeqCwcnUQ6aRV6aAEXn9reb4Dss9v69A6Lb
Qd5AarkE3irKgDzDq7FlnKDcpzy2F+mr4cSwMlWUYCQtfA9Y+Um0jMh/5z/LDTXD
CmluZbeVwEkN4tiP8MQu9vywXGkyW8R2H4zWFY0yS9Kk88KLgLfsKc/5HwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFRWYvrq87zHubmiVNXGXXx2Dd6xMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVkZaaS11cnp2TWU1dWFKVTFjWmRmSFlOM3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABbLsSYemW1ldFOCo8DE
JrA38JmyfMdEridMXsx8HMtQucpfcrgt2iEDcOLPkG5YINCJQsyd+81/7S6FLsIT
DtldepZ+AM+K8XYhesDG2CeJlxtwNTbtB2SQerpgmvaFSTY6FDJGjbFy6qWYzHSk
C2UJAJZPfM6ZkFEeHCTER6jXo8urQv43zrIWSEdyFAFHlu7yfldxOG5mdLT8i47h
b3GgihregWddRPFQv4OY2vFNhNE0YlmtOARjBM4L/Z+i3caThO0pk2154Lj8icIb
invZWvqXNJNcrd1Q7RFd2YobOPaso2wVO4HC72t+y0Lf3gFLTu2gpZCIv5Ws8vHj
V8s=
-----END CERTIFICATE-----
Generated at Fri May 2 10:53:37 2025 by rpki-client