Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_DnDPG7xrG0ZAS0Y7QKmdaynDgY.roa
File: _DnDPG7xrG0ZAS0Y7QKmdaynDgY.roa (raw, json)
Hash identifier: 5FuS2wv1GpwTz/v0bcOdm49EYXQQJ4ofFKgqQKKj1yI=
Subject key identifier: FC:39:C3:3C:6E:F1:AC:6D:19:01:2D:18:ED:02:A6:75:AC:A7:0E:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01850AC494319874545FA6034322DA451B4B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_DnDPG7xrG0ZAS0Y7QKmdaynDgY.roa
Signing time: Tue 13 Dec 2022 09:15:33 +0000
ROA not before: Tue 13 Dec 2022 09:15:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:c4:94:31:98:74:54:5f:a6:03:43:22:da:45:1b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 13 09:15:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc39c33c6ef1ac6d19012d18ed02a675aca70e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cb:4c:88:3e:11:fa:df:2f:91:5e:d3:2b:25:
6a:9f:84:ad:d9:5c:4b:7d:6d:af:18:a1:3b:47:3b:
b8:e5:7e:21:ab:61:ba:dd:92:8b:2f:3a:98:86:ac:
17:44:40:8c:cc:9d:02:f2:09:13:40:fd:ef:74:a7:
bf:7f:a1:97:4e:02:b0:2f:38:cb:57:a3:a0:a1:70:
9e:f9:2f:87:3a:c8:8f:31:5e:2f:c8:bb:c7:94:6d:
17:32:43:fe:b6:2e:e2:8e:d0:3c:7b:1e:da:9f:b8:
3d:59:c5:a9:ea:f3:17:8d:9a:a9:a1:fd:26:d9:34:
5e:4b:2a:db:43:13:74:e2:f9:e1:7d:ff:7c:0c:8b:
ad:50:02:cc:9b:ca:81:9b:a0:03:a8:91:c8:87:d9:
84:da:e7:11:cb:c7:ab:7d:d9:27:2f:ba:16:dd:05:
2a:a5:7d:db:4a:c5:e8:bb:73:a5:8f:c6:7b:26:c3:
c1:32:f4:6c:b9:28:59:93:d4:94:f0:75:80:c5:80:
f9:c1:e6:0d:2c:d0:4b:00:b2:98:b6:e2:6d:b1:98:
38:24:c9:ce:fb:dc:11:d6:e9:39:f5:0d:63:51:a2:
b6:ed:5e:a5:5a:ec:4d:fd:99:cb:12:d7:3e:e8:3e:
0b:c8:d0:4b:65:0e:92:5f:57:c2:17:b1:6e:7d:ea:
58:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:39:C3:3C:6E:F1:AC:6D:19:01:2D:18:ED:02:A6:75:AC:A7:0E:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_DnDPG7xrG0ZAS0Y7QKmdaynDgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:68:28:d8:16:71:ea:77:cd:9c:f2:3f:ed:c7:5f:a4:04:50:
cf:8f:2f:bd:ee:05:e6:47:1a:fd:af:2c:84:94:37:fb:25:2b:
2a:98:da:8b:56:2c:12:14:7a:0a:98:af:98:1e:ed:3b:07:52:
72:7e:9b:25:25:b0:b7:ef:ac:ea:39:68:7b:36:dd:1f:2a:55:
f8:f3:3d:dd:1e:97:8c:8a:ae:0e:3a:85:4b:c0:e2:f8:a7:03:
3a:99:2f:20:66:a1:f4:d7:4e:8b:5e:d4:67:02:a0:57:4c:86:
8b:ce:c6:71:f1:db:f0:27:57:75:c0:27:2a:db:27:22:87:95:
ff:c0:9b:f4:3b:61:7a:89:36:75:4e:65:db:d3:ce:12:c8:0f:
0a:02:36:5e:f7:9e:b9:58:d7:20:6d:fe:06:49:0f:a0:08:93:
a3:f2:78:05:bd:eb:c6:4b:d7:27:3a:79:1f:22:4a:c4:56:9f:
ee:53:73:41:45:98:58:03:a0:a9:7c:59:eb:9c:5f:50:ee:1b:
16:d3:d7:3a:34:34:0b:66:c1:09:10:e8:0a:dd:2a:25:4c:72:
20:82:05:f7:d5:1d:1b:b9:b7:ec:a1:5b:9b:fa:c7:e7:b9:1d:
43:5c:d3:bc:a3:36:a5:4b:7c:16:db:f8:39:e2:7c:ee:f3:b4:
cc:a8:71:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUKxJQxmHRUX6YDQyLaRRtLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMDkxNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzM5YzMzYzZlZjFhYzZkMTkwMTJkMThlZDAyYTY3NWFjYTcwZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoctMiD4R+t8vkV7TKyVqn4St2VxL
fW2vGKE7Rzu45X4hq2G63ZKLLzqYhqwXRECMzJ0C8gkTQP3vdKe/f6GXTgKwLzjL
V6OgoXCe+S+HOsiPMV4vyLvHlG0XMkP+ti7ijtA8ex7an7g9WcWp6vMXjZqpof0m
2TReSyrbQxN04vnhff98DIutUALMm8qBm6ADqJHIh9mE2ucRy8erfdknL7oW3QUq
pX3bSsXou3Olj8Z7JsPBMvRsuShZk9SU8HWAxYD5weYNLNBLALKYtuJtsZg4JMnO
+9wR1uk59Q1jUaK27V6lWuxN/ZnLEtc+6D4LyNBLZQ6SX1fCF7FufepY6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPw5wzxu8axtGQEtGO0CpnWspw4GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX0RuRFBHN3hyRzBaQVMwWTdRS21kYXluRGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJoKNgWcep3zZzyP+3H
X6QEUM+PL73uBeZHGv2vLISUN/slKyqY2otWLBIUegqYr5ge7TsHUnJ+myUlsLfv
rOo5aHs23R8qVfjzPd0el4yKrg46hUvA4vinAzqZLyBmofTXTote1GcCoFdMhovO
xnHx2/AnV3XAJyrbJyKHlf/Am/Q7YXqJNnVOZdvTzhLIDwoCNl73nrlY1yBt/gZJ
D6AIk6PyeAW968ZL1yc6eR8iSsRWn+5Tc0FFmFgDoKl8WeucX1DuGxbT1zo0NAtm
wQkQ6ArdKiVMciCCBffVHRu5t+yhW5v6x+e5HUNc07yjNqVLfBbb+DnifO7ztMyo
cQk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:28:36 2025 by rpki-client