Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFrP7NBX_7f1_aYy8fg4LI_TvaE.roa
File: VFrP7NBX_7f1_aYy8fg4LI_TvaE.roa (raw, json)
Hash identifier: I3Fs7705kzekt22lb1H25mmw+Tw6QR6bh+p1MDISLvI=
Subject key identifier: 54:5A:CF:EC:D0:57:FF:B7:F5:FD:A6:32:F1:F8:38:2C:8F:D3:BD:A1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A3C2F98E6B54379C14FD8F0A44DC52E9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFrP7NBX_7f1_aYy8fg4LI_TvaE.roa
Signing time: Thu 02 Mar 2023 19:18:29 +0000
ROA not before: Thu 02 Mar 2023 19:18:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:c2:f9:8e:6b:54:37:9c:14:fd:8f:0a:44:dc:52:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 19:18:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=545acfecd057ffb7f5fda632f1f8382c8fd3bda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:31:a3:1c:81:b7:48:cd:63:55:ae:0b:be:
78:d9:86:c0:df:d0:82:9d:7d:59:52:a5:1e:97:ee:
f4:ce:0d:e6:68:ef:24:b6:a9:c1:5d:88:38:13:31:
dd:33:d2:74:82:9f:70:dd:73:18:91:78:ed:bb:92:
f9:cc:81:dd:dc:03:68:70:6c:1d:bf:21:f9:74:38:
bb:7e:2e:04:eb:81:36:ec:b7:97:d2:1f:dc:f8:ca:
81:8f:ed:17:c7:e3:a0:a2:a5:63:bd:67:19:0d:5d:
f8:53:a8:81:1f:9e:32:6f:2e:49:e3:63:a8:a8:47:
ae:0e:86:aa:9f:dd:b5:b0:b9:59:51:03:76:e3:70:
9f:be:a6:24:bc:53:12:17:52:76:1c:32:3b:d0:1e:
6e:e9:ec:e3:41:a4:53:ba:4f:97:9c:8c:0e:f7:9f:
51:70:eb:10:77:26:42:71:63:ad:12:23:e0:41:2f:
36:98:e3:f9:fa:5e:dd:24:e8:eb:da:2f:5b:42:79:
56:48:b5:37:06:44:c2:f9:74:52:ba:53:1a:fd:03:
e8:3f:03:20:3f:96:a1:0d:16:ec:10:86:ff:b3:1c:
7c:85:ea:2a:05:a8:6b:aa:6b:84:2f:eb:df:ce:83:
d4:aa:0b:d0:ba:02:31:a9:7f:03:06:46:42:f2:57:
06:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5A:CF:EC:D0:57:FF:B7:F5:FD:A6:32:F1:F8:38:2C:8F:D3:BD:A1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VFrP7NBX_7f1_aYy8fg4LI_TvaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:85:2e:ac:6e:6c:40:8d:01:a8:6c:34:16:4b:d9:0f:3f:00:
eb:da:b9:e4:13:0d:6c:e5:d9:f1:a6:3c:9e:ad:4d:73:45:0e:
f7:d0:2c:e5:fb:f1:1a:4b:e3:17:3c:fa:2b:86:70:ff:0c:b6:
64:1c:20:a6:f1:76:ef:ae:55:93:4f:c2:38:7a:64:ae:b3:8e:
0c:29:d8:2f:86:b1:fd:bd:1b:68:0a:24:9c:1e:ee:54:24:1e:
43:c9:c3:9d:4a:69:bf:d8:3a:9f:eb:1c:21:c6:fc:11:43:f0:
4a:e2:8b:18:25:69:6c:84:be:3d:2c:f9:27:3f:dd:76:1e:b1:
84:57:5a:a1:2d:20:3f:5f:f5:aa:bf:e7:b7:51:85:88:d5:41:
5a:2f:15:85:3d:f0:4e:d5:c6:73:09:72:22:7a:5c:ce:3b:14:
ba:bb:77:0f:88:f1:d1:06:f6:25:29:4b:57:97:dd:48:1b:72:
16:63:8f:1c:a9:68:a5:1a:fc:d3:a7:9a:79:4a:a2:09:3a:3b:
d7:d0:f9:37:4b:76:31:3c:3f:ce:85:5e:6b:c6:db:86:b4:7d:
b2:1b:14:b4:c4:a2:c3:0c:7c:d9:05:20:8f:e6:8a:74:d6:eb:
5f:a5:7c:82:f0:ad:c1:2b:f9:bf:b8:fa:21:1a:c2:dd:38:8a:
2b:a3:6c:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYajwvmOa1Q3nBT9jwpE3FLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMTkxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDVhY2ZlY2QwNTdmZmI3ZjVmZGE2MzJmMWY4MzgyYzhmZDNiZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLAxoxyBt0jNY1WuC7542YbA39CC
nX1ZUqUel+70zg3maO8ktqnBXYg4EzHdM9J0gp9w3XMYkXjtu5L5zIHd3ANocGwd
vyH5dDi7fi4E64E27LeX0h/c+MqBj+0Xx+OgoqVjvWcZDV34U6iBH54yby5J42Oo
qEeuDoaqn921sLlZUQN243CfvqYkvFMSF1J2HDI70B5u6ezjQaRTuk+XnIwO959R
cOsQdyZCcWOtEiPgQS82mOP5+l7dJOjr2i9bQnlWSLU3BkTC+XRSulMa/QPoPwMg
P5ahDRbsEIb/sxx8heoqBahrqmuEL+vfzoPUqgvQugIxqX8DBkZC8lcGcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFRaz+zQV/+39f2mMvH4OCyP072hMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVkZyUDdOQlhfN2YxX2FZeThmZzRMSV9UdmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACyFLqxubECNAahsNBZL
2Q8/AOvaueQTDWzl2fGmPJ6tTXNFDvfQLOX78RpL4xc8+iuGcP8MtmQcIKbxdu+u
VZNPwjh6ZK6zjgwp2C+Gsf29G2gKJJwe7lQkHkPJw51Kab/YOp/rHCHG/BFD8Eri
ixglaWyEvj0s+Sc/3XYesYRXWqEtID9f9aq/57dRhYjVQVovFYU98E7VxnMJciJ6
XM47FLq7dw+I8dEG9iUpS1eX3UgbchZjjxypaKUa/NOnmnlKogk6O9fQ+TdLdjE8
P86FXmvG24a0fbIbFLTEosMMfNkFII/minTW61+lfILwrcEr+b+4+iEawt04iiuj
bDo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:19 2025 by rpki-client