Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_4KC3p9vDHq3vogC37GtWNlqVlw.roa
File: _4KC3p9vDHq3vogC37GtWNlqVlw.roa (raw, json)
Hash identifier: tldHJA5YDfkvvY3mA0uhnXOn/9RkXyLOzsbONq5+9DE=
Subject key identifier: FF:82:82:DE:9F:6F:0C:7A:B7:BE:88:02:DF:B1:AD:58:D9:6A:56:5C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856285EAE2284DABA1F3CDC907BC9A7609
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_4KC3p9vDHq3vogC37GtWNlqVlw.roa
Signing time: Fri 30 Dec 2022 10:13:41 +0000
ROA not before: Fri 30 Dec 2022 10:13:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:85:ea:e2:28:4d:ab:a1:f3:cd:c9:07:bc:9a:76:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 10:13:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff8282de9f6f0c7ab7be8802dfb1ad58d96a565c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:eb:db:b3:a9:ab:f0:2e:a1:52:60:f3:5c:65:
00:92:94:c1:86:6c:32:c8:ef:93:d8:f1:44:96:cf:
e9:1d:82:18:54:71:3a:cb:65:2f:fc:b3:0c:8e:e9:
f3:98:35:52:57:68:89:32:ba:36:57:de:6a:7c:e7:
12:65:3a:cd:2d:db:f5:b9:3a:4d:a0:46:fe:15:5e:
6b:fd:58:30:1a:a3:26:67:a2:a7:2f:c5:fb:17:e9:
68:0a:9b:e6:c4:7b:f5:43:ef:df:31:3d:f9:a2:ea:
4d:26:81:2f:8e:6b:12:72:7c:4b:ef:e0:b5:cd:17:
10:f9:2c:bb:84:3d:e9:11:dc:f1:e7:a6:ed:b7:3f:
20:d3:c0:09:18:43:fd:c8:bb:a7:78:1c:5b:07:ae:
58:0d:1e:a6:41:df:15:41:30:5c:b5:2d:90:2c:2c:
b8:3d:51:ab:4c:93:b0:75:a8:03:4e:90:4b:34:5c:
4c:52:88:a9:b7:6e:9c:c9:a0:18:84:44:e7:93:37:
6e:fb:55:72:b9:db:3f:03:7d:fe:9c:c9:c8:27:2a:
f4:82:ce:60:17:2a:02:e8:f8:4f:f9:78:65:1c:de:
d2:c5:d1:ff:52:aa:7f:0b:a0:11:19:4b:be:6b:e2:
ba:50:69:1a:56:79:36:a6:79:66:07:17:48:23:80:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:82:82:DE:9F:6F:0C:7A:B7:BE:88:02:DF:B1:AD:58:D9:6A:56:5C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_4KC3p9vDHq3vogC37GtWNlqVlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:77:5b:3d:d2:5e:dc:fc:5a:3c:58:dd:7a:3a:38:a1:f6:f0:
cd:81:ab:30:90:de:59:48:38:0a:88:f0:e9:19:d3:81:31:bf:
fa:7c:b2:62:5a:b2:a1:1c:2d:94:66:a1:f7:9f:cf:ad:57:95:
87:a7:3a:6e:c6:32:70:85:5a:83:c6:76:a9:78:28:ae:15:c0:
d6:8d:fd:8a:76:2e:a4:f8:97:9d:8e:2b:4b:99:01:60:92:ae:
46:23:bc:79:a5:53:35:93:7a:f4:b2:1d:d3:69:28:db:5c:4f:
50:61:db:8d:08:f1:0d:ff:ef:8c:2a:4b:36:7f:03:56:1f:06:
ab:92:82:26:7f:9e:b6:70:90:5a:90:53:67:d3:2d:81:25:d5:
96:5a:ab:5a:a2:05:c0:47:84:72:cc:99:01:a4:a4:59:87:1d:
c9:d8:96:0b:44:8d:d5:d9:95:34:6b:f9:8a:2b:f6:5e:ce:e2:
5f:d4:63:49:88:7c:c2:50:51:18:2c:c2:56:69:cc:51:2f:7b:
4a:19:41:ac:cd:a7:f4:fb:1b:f2:98:cf:18:ed:44:d4:9d:4c:
21:83:77:14:b7:99:d3:8a:84:00:cb:2a:6a:43:e8:39:f8:5f:
01:f0:9d:cd:82:b9:9e:1b:ca:6d:4b:ab:3f:a0:16:ef:8e:d9:
f7:6e:93:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYViheriKE2rofPNyQe8mnYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMTAxMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjgyODJkZTlmNmYwYzdhYjdiZTg4MDJkZmIxYWQ1OGQ5NmE1NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+vbs6mr8C6hUmDzXGUAkpTBhmwy
yO+T2PFEls/pHYIYVHE6y2Uv/LMMjunzmDVSV2iJMro2V95qfOcSZTrNLdv1uTpN
oEb+FV5r/VgwGqMmZ6KnL8X7F+loCpvmxHv1Q+/fMT35oupNJoEvjmsScnxL7+C1
zRcQ+Sy7hD3pEdzx56bttz8g08AJGEP9yLuneBxbB65YDR6mQd8VQTBctS2QLCy4
PVGrTJOwdagDTpBLNFxMUoipt26cyaAYhETnkzdu+1Vyuds/A33+nMnIJyr0gs5g
FyoC6PhP+XhlHN7SxdH/Uqp/C6ARGUu+a+K6UGkaVnk2pnlmBxdII4CMswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP+Cgt6fbwx6t76IAt+xrVjZalZcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvXzRLQzNwOXZESHEzdm9nQzM3R3RXTmxxVmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHV3Wz3SXtz8WjxY3Xo6
OKH28M2BqzCQ3llIOAqI8OkZ04Exv/p8smJasqEcLZRmofefz61XlYenOm7GMnCF
WoPGdql4KK4VwNaN/Yp2LqT4l52OK0uZAWCSrkYjvHmlUzWTevSyHdNpKNtcT1Bh
240I8Q3/74wqSzZ/A1YfBquSgiZ/nrZwkFqQU2fTLYEl1ZZaq1qiBcBHhHLMmQGk
pFmHHcnYlgtEjdXZlTRr+Yor9l7O4l/UY0mIfMJQURgswlZpzFEve0oZQazNp/T7
G/KYzxjtRNSdTCGDdxS3mdOKhADLKmpD6Dn4XwHwnc2CuZ4bym1Lqz+gFu+O2fdu
k14=
-----END CERTIFICATE-----
Generated at Sat May 3 08:53:04 2025 by rpki-client