Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VL9woL9Uh27Y-2Q8VxAlowDEtRg.roa
File: VL9woL9Uh27Y-2Q8VxAlowDEtRg.roa (raw, json)
Hash identifier: hVEuvchBn9OQEhTZYWbYaJUIHS9sKKSZEc+K8Ork4Aw=
Subject key identifier: 54:BF:70:A0:BF:54:87:6E:D8:FB:64:3C:57:10:25:A3:00:C4:B5:18
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187906885F2544C31DCCE1197C5148CB29D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VL9woL9Uh27Y-2Q8VxAlowDEtRg.roa
Signing time: Mon 17 Apr 2023 18:09:41 +0000
ROA not before: Mon 17 Apr 2023 18:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:68:85:f2:54:4c:31:dc:ce:11:97:c5:14:8c:b2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 17 18:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54bf70a0bf54876ed8fb643c571025a300c4b518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:85:8a:27:6a:8c:c7:65:46:d4:97:84:85:95:
61:7b:a0:ad:c1:5c:4d:c9:0c:30:38:c8:1e:41:6b:
99:11:39:2f:da:f2:35:66:93:2a:ff:4e:cd:1e:5c:
73:c8:19:92:65:1c:27:1b:d5:ad:9d:0f:80:3d:32:
03:fc:be:e6:c8:66:21:e1:ba:d2:06:38:70:31:77:
cd:0c:e7:ea:08:33:06:db:00:9d:41:9f:eb:70:13:
31:6c:a1:a8:b0:18:15:13:5d:56:15:29:24:86:63:
18:51:e1:a4:fd:0c:f1:10:89:22:34:b1:92:c3:61:
d3:3d:14:fb:57:2b:bf:17:09:d8:74:7f:c5:41:c9:
3d:d8:c6:e7:ae:25:93:69:d3:83:84:56:88:04:a5:
15:8f:fc:4c:f4:44:12:24:f4:ac:b2:3e:2c:f5:a4:
88:9b:de:9a:36:bf:81:dd:4f:dc:f1:b0:61:f1:3c:
9b:95:c0:f7:4d:db:1e:19:23:a8:c1:45:08:eb:91:
b6:b9:ad:31:11:2c:8c:08:9c:13:bd:b1:ed:99:48:
39:70:a1:00:7d:df:59:15:e9:c3:df:dc:f5:26:86:
5d:1d:b4:53:e5:25:68:06:37:78:74:18:e4:cb:65:
aa:14:fa:82:b8:03:d1:99:e8:36:81:aa:ae:7f:20:
94:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BF:70:A0:BF:54:87:6E:D8:FB:64:3C:57:10:25:A3:00:C4:B5:18
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VL9woL9Uh27Y-2Q8VxAlowDEtRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:a4:4e:43:4b:a6:1c:06:b9:41:62:9b:05:45:7a:e2:75:b7:
3f:30:3d:96:68:f0:ad:04:09:85:8f:cd:5e:dc:3c:01:fb:2a:
be:1c:a7:a6:d4:0a:a5:06:2a:42:73:5d:39:b3:5c:9e:96:1e:
3a:b2:b0:04:72:dd:11:e1:e6:03:ab:fb:31:00:c4:0b:90:be:
97:0c:3f:fe:31:7c:d9:ed:a6:f6:12:80:b8:32:49:c3:d0:23:
fe:8a:a9:6c:d7:aa:bc:f2:12:7f:07:25:73:11:50:77:ba:7d:
8e:d8:e4:6c:4a:88:5b:de:7e:76:b2:ac:84:84:b4:a0:82:3c:
51:42:6a:9e:65:7c:eb:c4:2b:94:6a:d9:48:1a:08:0d:87:01:
a4:69:c3:bc:43:18:21:4d:7d:ed:35:2c:2d:bb:f8:a9:6c:90:
4c:9d:8e:02:2e:01:c2:ec:98:88:36:20:d2:68:51:52:2b:f0:
f1:6a:74:2d:ce:eb:a7:ff:72:02:c9:6e:a4:ad:94:d9:d1:d9:
63:66:d8:54:30:81:8e:5e:53:b4:2d:8c:5c:2c:11:ca:42:c1:
f4:e7:e8:33:1c:5a:2a:fa:52:e0:f8:23:73:22:d2:1a:a6:6c:
46:6f:f5:33:11:14:b4:8f:d2:a5:0c:8e:f2:63:11:1c:63:db:
cd:9c:92:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeQaIXyVEwx3M4Rl8UUjLKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE3MTgwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJmNzBhMGJmNTQ4NzZlZDhmYjY0M2M1NzEwMjVhMzAwYzRiNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4WKJ2qMx2VG1JeEhZVhe6CtwVxN
yQwwOMgeQWuZETkv2vI1ZpMq/07NHlxzyBmSZRwnG9WtnQ+APTID/L7myGYh4brS
BjhwMXfNDOfqCDMG2wCdQZ/rcBMxbKGosBgVE11WFSkkhmMYUeGk/QzxEIkiNLGS
w2HTPRT7Vyu/FwnYdH/FQck92MbnriWTadODhFaIBKUVj/xM9EQSJPSssj4s9aSI
m96aNr+B3U/c8bBh8TyblcD3TdseGSOowUUI65G2ua0xESyMCJwTvbHtmUg5cKEA
fd9ZFenD39z1JoZdHbRT5SVoBjd4dBjky2WqFPqCuAPRmeg2gaqufyCUdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFS/cKC/VIdu2PtkPFcQJaMAxLUYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVkw5d29MOVVoMjdZLTJROFZ4QWxvd0RFdFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWkTkNLphwGuUFimwVF
euJ1tz8wPZZo8K0ECYWPzV7cPAH7Kr4cp6bUCqUGKkJzXTmzXJ6WHjqysARy3RHh
5gOr+zEAxAuQvpcMP/4xfNntpvYSgLgyScPQI/6KqWzXqrzyEn8HJXMRUHe6fY7Y
5GxKiFvefnayrISEtKCCPFFCap5lfOvEK5Rq2UgaCA2HAaRpw7xDGCFNfe01LC27
+KlskEydjgIuAcLsmIg2INJoUVIr8PFqdC3O66f/cgLJbqStlNnR2WNm2FQwgY5e
U7QtjFwsEcpCwfTn6DMcWir6UuD4I3Mi0hqmbEZv9TMRFLSP0qUMjvJjERxj282c
khY=
-----END CERTIFICATE-----
Generated at Fri May 2 17:31:15 2025 by rpki-client