Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VvhxIzXGrn0B7HELP4bsTbiBXks.roa
File: VvhxIzXGrn0B7HELP4bsTbiBXks.roa (raw, json)
Hash identifier: 6b2D1ECmMjNlLgY6h2db5kx5IL6ugC7efcEkF7MA0co=
Subject key identifier: 56:F8:71:23:35:C6:AE:7D:01:EC:71:0B:3F:86:EC:4D:B8:81:5E:4B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B2F96AF840E9DE72630284AD2CA04BC8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VvhxIzXGrn0B7HELP4bsTbiBXks.roa
Signing time: Sun 15 Jan 2023 01:09:28 +0000
ROA not before: Sun 15 Jan 2023 01:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b2:f9:6a:f8:40:e9:de:72:63:02:84:ad:2c:a0:4b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 15 01:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56f8712335c6ae7d01ec710b3f86ec4db8815e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:3c:28:34:3f:21:5b:34:62:b3:38:46:39:
c4:8a:3f:ba:80:8e:6c:cb:a7:8e:4b:29:7a:4f:e9:
8e:b4:81:38:f8:5a:a3:29:ba:6f:17:fe:9a:fa:ee:
e4:3c:48:d4:83:ed:8b:92:1e:60:ab:cc:ab:6b:ad:
f3:ec:49:bc:e5:62:7d:f9:3e:d5:bf:a3:7b:55:b7:
79:5c:bf:af:b9:d2:96:b3:d8:a4:d1:56:96:96:b1:
24:45:07:57:fb:f9:73:82:07:bd:88:39:88:b2:31:
cc:92:a9:79:2b:e8:b7:05:a4:ad:45:14:e4:97:04:
db:f8:e3:f4:4e:75:98:06:16:c2:36:8b:93:2f:33:
3e:83:ce:da:83:75:f7:f2:98:42:d8:3e:c6:db:de:
3e:3a:80:2f:a4:c4:58:42:05:4c:46:22:7a:cf:03:
9d:9b:99:31:6a:bb:06:47:34:95:4e:d0:ea:3d:ea:
4c:4c:7c:93:a2:97:3b:1b:52:9f:ca:b7:e2:80:0a:
f1:60:41:05:02:13:fd:2b:2d:e5:70:b4:53:b1:72:
69:97:cb:56:bd:a0:ed:3a:11:e2:33:7f:a0:ef:67:
e9:19:23:64:00:ea:3d:84:96:48:bc:1c:5d:95:c5:
0f:83:85:74:a8:65:3e:85:a6:fd:b1:35:8c:b2:91:
76:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:F8:71:23:35:C6:AE:7D:01:EC:71:0B:3F:86:EC:4D:B8:81:5E:4B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/VvhxIzXGrn0B7HELP4bsTbiBXks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:11:9b:b8:4d:b9:5b:ed:48:87:4f:68:eb:80:6a:af:92:9b:
86:79:23:77:a8:4d:63:dc:6f:3e:3d:71:c3:96:39:7b:87:dc:
ce:8d:c3:d8:b4:10:4c:44:f4:f1:68:06:aa:f8:9a:6b:af:e0:
ed:6c:7d:6c:cf:1f:a2:c7:58:13:3f:dc:70:05:ec:f8:6f:79:
21:e3:37:bd:c1:5e:99:4e:a4:e3:81:4e:f1:c7:1e:99:e7:ab:
7e:3e:af:fe:c4:a9:68:df:82:ee:c6:0f:ac:50:a5:39:a3:9b:
ac:16:8e:5a:9e:74:7b:a6:8b:7d:be:c2:aa:62:45:4e:3d:46:
74:a2:f5:8f:d4:8b:a5:4e:50:4f:ae:67:84:ad:09:97:8e:f9:
56:ce:4e:73:89:3a:df:d7:08:30:52:2d:1d:17:38:9f:40:38:
6e:15:b9:38:3c:90:95:b5:d4:78:7d:8f:8e:ae:b6:2f:8d:00:
05:a8:21:d4:95:99:69:59:86:4f:94:ad:86:8e:03:cf:43:e3:
e9:9f:73:f7:34:ed:ec:59:69:ab:00:fd:41:25:d0:b9:28:62:
be:bc:5c:90:38:76:c8:7d:da:10:9b:ee:db:ce:4d:b8:e1:16:
4a:2f:1e:11:1c:2b:5e:75:76:49:9a:20:6b:96:ab:cf:8e:54:
00:ba:7e:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWy+Wr4QOnecmMChK0soEvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE1MDEwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmY4NzEyMzM1YzZhZTdkMDFlYzcxMGIzZjg2ZWM0ZGI4ODE1ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf48KDQ/IVs0YrM4RjnEij+6gI5s
y6eOSyl6T+mOtIE4+FqjKbpvF/6a+u7kPEjUg+2Lkh5gq8yra63z7Em85WJ9+T7V
v6N7Vbd5XL+vudKWs9ik0VaWlrEkRQdX+/lzgge9iDmIsjHMkql5K+i3BaStRRTk
lwTb+OP0TnWYBhbCNouTLzM+g87ag3X38phC2D7G294+OoAvpMRYQgVMRiJ6zwOd
m5kxarsGRzSVTtDqPepMTHyTopc7G1KfyrfigArxYEEFAhP9Ky3lcLRTsXJpl8tW
vaDtOhHiM3+g72fpGSNkAOo9hJZIvBxdlcUPg4V0qGU+hab9sTWMspF2qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFb4cSM1xq59AexxCz+G7E24gV5LMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVnZoeEl6WEdybjBCN0hFTFA0YnNUYmlCWGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA0Rm7hNuVvtSIdPaOuA
aq+Sm4Z5I3eoTWPcbz49ccOWOXuH3M6Nw9i0EExE9PFoBqr4mmuv4O1sfWzPH6LH
WBM/3HAF7PhveSHjN73BXplOpOOBTvHHHpnnq34+r/7EqWjfgu7GD6xQpTmjm6wW
jlqedHumi32+wqpiRU49RnSi9Y/Ui6VOUE+uZ4StCZeO+VbOTnOJOt/XCDBSLR0X
OJ9AOG4VuTg8kJW11Hh9j46uti+NAAWoIdSVmWlZhk+UrYaOA89D4+mfc/c07exZ
aasA/UEl0LkoYr68XJA4dsh92hCb7tvOTbjhFkovHhEcK151dkmaIGuWq8+OVAC6
fko=
-----END CERTIFICATE-----
Generated at Thu May 1 02:00:37 2025 by rpki-client