Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/W4R0gBKeKgT1zEw-l08W7HCxIDo.roa
File: W4R0gBKeKgT1zEw-l08W7HCxIDo.roa (raw, json)
Hash identifier: lYQw1pwntxkB7yMNTsUMhN1zDw5OMFnLxshl71rKq2U=
Subject key identifier: 5B:84:74:80:12:9E:2A:04:F5:CC:4C:3E:97:4F:16:EC:70:B1:20:3A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01820CF1331EA08B8A9F8CA24285D806D1E5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/W4R0gBKeKgT1zEw-l08W7HCxIDo.roa
Signing time: Sun 17 Jul 2022 16:15:09 +0000
ROA not before: Sun 17 Jul 2022 16:15:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0c:f1:33:1e:a0:8b:8a:9f:8c:a2:42:85:d8:06:d1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 17 16:15:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b847480129e2a04f5cc4c3e974f16ec70b1203a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0e:0b:bb:dd:a5:5f:2c:fc:53:e3:80:5d:25:
8b:53:df:ee:c5:91:2c:93:f8:50:26:62:98:06:40:
0f:46:2d:b2:5b:ad:59:9a:78:f4:3c:60:26:90:b9:
7d:6b:79:bf:a2:d8:aa:a4:7c:e8:5a:02:fa:a6:df:
7c:63:c5:44:f5:11:70:2b:e6:60:71:a0:f0:4c:64:
ee:c5:2a:42:76:37:93:82:3b:b6:7a:c6:ba:12:6b:
b2:8a:27:0d:1f:8c:0a:64:98:51:b5:94:14:aa:7b:
37:16:c8:26:16:08:4c:0c:fe:57:1d:d2:5a:16:04:
36:35:8c:66:06:4e:91:49:30:80:30:fc:eb:df:af:
02:73:3c:54:fc:1c:e4:c8:98:7b:b3:80:30:1f:5c:
df:2d:da:5f:27:47:8d:13:0c:23:b6:7a:5f:b1:6c:
ee:a1:8f:7d:9b:d5:a7:09:e1:fa:66:85:a4:a8:95:
77:b0:58:7f:ef:a6:5d:43:38:ae:35:c2:8d:74:68:
63:ac:66:50:1a:b0:0e:73:e5:ab:2d:f1:2f:92:99:
93:93:81:3f:b3:9d:0d:32:84:6d:2d:89:ce:e1:13:
6e:4d:dc:b0:fc:a9:8a:7c:c6:03:29:10:08:6d:66:
08:d4:f4:7c:68:86:94:59:fe:db:ca:5b:3f:b2:7d:
91:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:84:74:80:12:9E:2A:04:F5:CC:4C:3E:97:4F:16:EC:70:B1:20:3A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/W4R0gBKeKgT1zEw-l08W7HCxIDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:2d:4b:49:05:04:8f:3a:d8:57:0d:a3:67:9c:24:93:33:d0:
2b:c3:1f:d0:83:83:81:21:e4:5a:05:40:bb:58:70:c3:e8:0e:
c6:66:ce:85:aa:8d:3a:f4:0a:dd:63:89:cd:a6:18:c0:dd:6c:
71:ca:6a:85:7e:5d:fa:cc:81:96:f0:59:6c:32:4b:c2:15:ac:
ac:6a:8d:bb:ea:73:1c:cf:ee:1d:d6:17:c3:4f:d0:2a:28:b9:
4d:13:d8:c8:46:28:cf:0b:90:6b:f3:c5:64:20:cf:e3:55:24:
05:bb:c8:65:eb:7c:6d:f7:32:76:6d:44:4f:80:a6:88:8e:dc:
9e:13:6e:2f:17:09:22:7a:84:3d:58:71:a9:78:f4:e2:e8:04:
95:1c:8c:27:d4:01:5c:38:8f:8f:f8:c9:82:0d:6c:b2:75:be:
9f:c3:12:99:28:2a:af:24:72:ef:bb:66:0e:09:bd:25:e2:b3:
78:91:69:93:06:5e:07:64:06:d5:a7:e3:68:eb:da:a8:fb:8f:
a5:11:66:72:42:42:ff:11:a8:5f:f5:32:25:c2:25:e5:03:38:
0a:1f:e1:b9:01:15:3e:56:e8:8d:9a:c5:06:7f:5d:1b:80:20:
25:01:dd:70:db:96:69:5c:ee:e3:e5:f2:11:f3:4b:3a:e3:74:
3d:90:c1:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIM8TMeoIuKn4yiQoXYBtHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzE3MTYxNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjg0NzQ4MDEyOWUyYTA0ZjVjYzRjM2U5NzRmMTZlYzcwYjEyMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q4Lu92lXyz8U+OAXSWLU9/uxZEs
k/hQJmKYBkAPRi2yW61Zmnj0PGAmkLl9a3m/otiqpHzoWgL6pt98Y8VE9RFwK+Zg
caDwTGTuxSpCdjeTgju2esa6EmuyiicNH4wKZJhRtZQUqns3FsgmFghMDP5XHdJa
FgQ2NYxmBk6RSTCAMPzr368CczxU/BzkyJh7s4AwH1zfLdpfJ0eNEwwjtnpfsWzu
oY99m9WnCeH6ZoWkqJV3sFh/76ZdQziuNcKNdGhjrGZQGrAOc+WrLfEvkpmTk4E/
s50NMoRtLYnO4RNuTdyw/KmKfMYDKRAIbWYI1PR8aIaUWf7byls/sn2RWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFuEdIASnioE9cxMPpdPFuxwsSA6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVzRSMGdCS2VLZ1QxekV3LWwwOFc3SEN4SURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHgtS0kFBI862FcNo2ec
JJMz0CvDH9CDg4Eh5FoFQLtYcMPoDsZmzoWqjTr0Ct1jic2mGMDdbHHKaoV+XfrM
gZbwWWwyS8IVrKxqjbvqcxzP7h3WF8NP0CoouU0T2MhGKM8LkGvzxWQgz+NVJAW7
yGXrfG33MnZtRE+ApoiO3J4Tbi8XCSJ6hD1Ycal49OLoBJUcjCfUAVw4j4/4yYIN
bLJ1vp/DEpkoKq8kcu+7Zg4JvSXis3iRaZMGXgdkBtWn42jr2qj7j6URZnJCQv8R
qF/1MiXCJeUDOAof4bkBFT5W6I2axQZ/XRuAICUB3XDblmlc7uPl8hHzSzrjdD2Q
wek=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:01:55 2025 by rpki-client