Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_bBdbUQz-jplPMD4jZyP-YY1bEE.roa
File: _bBdbUQz-jplPMD4jZyP-YY1bEE.roa (raw, json)
Hash identifier: vlAGTo+PuL7jhEwagJk3tX6ijNaFiq1toE4rm4a3ozk=
Subject key identifier: FD:B0:5D:6D:44:33:FA:3A:65:3C:C0:F8:8D:9C:8F:F9:86:35:6C:41
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018524EF88EC68F04387971E24760487A9BE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_bBdbUQz-jplPMD4jZyP-YY1bEE.roa
Signing time: Sun 18 Dec 2022 11:12:36 +0000
ROA not before: Sun 18 Dec 2022 11:12:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:ef:88:ec:68:f0:43:87:97:1e:24:76:04:87:a9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 11:12:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdb05d6d4433fa3a653cc0f88d9c8ff986356c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:31:c7:3b:45:2c:c7:dc:c3:05:3d:13:50:
61:57:07:42:59:ed:6f:ff:e9:c9:6f:a5:03:2d:9a:
ac:5a:b8:2c:5e:83:82:b7:49:9d:5b:d6:5d:5f:ef:
65:26:0a:a3:ad:54:b9:0c:b2:29:55:c0:c3:85:57:
fb:8d:a9:ca:b7:10:47:81:5a:f6:a3:54:50:e2:15:
5a:95:0d:65:1c:5c:79:d1:d5:71:30:c8:ea:4d:d9:
f2:45:5b:54:19:55:32:4e:cf:34:3d:51:dd:56:99:
46:49:9b:10:73:23:95:54:be:ae:96:5b:41:9b:27:
67:da:27:68:d4:a2:9e:0b:c6:d7:9b:36:9a:57:a3:
56:90:56:0c:17:ef:69:9d:f7:eb:44:10:a7:c5:79:
66:19:4d:ef:be:f5:bc:bb:f7:c1:7c:da:c6:71:89:
75:7a:40:72:81:c1:1a:75:b9:ab:87:9f:0d:23:e9:
35:71:05:41:03:c0:b4:cf:3d:b1:74:c7:a7:01:f7:
2a:fe:c3:a1:ed:d7:20:41:93:b6:c0:72:8c:1c:11:
f9:de:14:92:3f:d7:0c:42:d7:58:18:ba:de:ea:fa:
d0:ee:68:1b:14:02:69:a9:31:ed:a4:a8:01:2a:41:
d4:15:12:dc:9c:89:1e:4e:90:cf:7f:fc:1a:94:10:
2d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B0:5D:6D:44:33:FA:3A:65:3C:C0:F8:8D:9C:8F:F9:86:35:6C:41
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_bBdbUQz-jplPMD4jZyP-YY1bEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:79:c8:fd:23:68:fb:b8:f1:ef:64:fd:1d:7b:e5:58:4b:6f:
cb:de:ce:0a:d2:86:8c:d7:d5:1d:d4:8d:9f:b4:f8:b7:98:10:
15:d9:36:eb:f4:16:eb:f5:e6:7f:5c:0a:a6:9b:74:28:fd:e4:
c3:e3:47:ef:db:2b:da:b9:30:99:9c:b7:37:29:55:e7:e4:34:
1a:81:f6:3e:8e:2b:f5:9f:b2:64:b6:47:fd:fb:72:e4:a5:29:
c8:a4:62:da:2b:d2:35:46:5a:52:2e:60:42:12:1d:54:14:d0:
7e:89:49:3b:ca:22:d2:88:03:6f:a5:d5:b2:4a:41:08:a1:60:
b6:36:63:4f:32:79:f3:c0:9d:da:5a:db:a2:30:01:1d:56:65:
44:1f:31:3c:87:33:2d:43:5b:39:2f:02:f4:2e:80:e2:a5:0c:
ab:41:68:03:84:03:1b:17:d2:2b:b3:bf:4c:62:fd:57:d9:3e:
4b:71:bc:7a:0f:71:d2:9e:90:a7:45:8d:df:b2:40:71:e7:aa:
5c:ac:a4:ad:3e:71:23:0f:29:42:fd:aa:9e:36:64:e1:a9:72:
aa:06:a8:53:0d:b2:ad:98:d1:31:01:81:84:83:b5:68:72:6e:
15:fa:20:6a:9d:f1:f7:98:50:50:70:c5:29:31:e2:9e:ad:e2:
b3:0d:83:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUk74jsaPBDh5ceJHYEh6m+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MTExMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIwNWQ2ZDQ0MzNmYTNhNjUzY2MwZjg4ZDljOGZmOTg2MzU2YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEExxztFLMfcwwU9E1BhVwdCWe1v
/+nJb6UDLZqsWrgsXoOCt0mdW9ZdX+9lJgqjrVS5DLIpVcDDhVf7janKtxBHgVr2
o1RQ4hValQ1lHFx50dVxMMjqTdnyRVtUGVUyTs80PVHdVplGSZsQcyOVVL6ulltB
mydn2ido1KKeC8bXmzaaV6NWkFYMF+9pnffrRBCnxXlmGU3vvvW8u/fBfNrGcYl1
ekBygcEadbmrh58NI+k1cQVBA8C0zz2xdMenAfcq/sOh7dcgQZO2wHKMHBH53hSS
P9cMQtdYGLre6vrQ7mgbFAJpqTHtpKgBKkHUFRLcnIkeTpDPf/walBAt4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP2wXW1EM/o6ZTzA+I2cj/mGNWxBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX2JCZGJVUXotanBsUE1ENGpaeVAtWVkxYkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJ5yP0jaPu48e9k/R17
5VhLb8vezgrShozX1R3UjZ+0+LeYEBXZNuv0Fuv15n9cCqabdCj95MPjR+/bK9q5
MJmctzcpVefkNBqB9j6OK/WfsmS2R/37cuSlKcikYtor0jVGWlIuYEISHVQU0H6J
STvKItKIA2+l1bJKQQihYLY2Y08yefPAndpa26IwAR1WZUQfMTyHMy1DWzkvAvQu
gOKlDKtBaAOEAxsX0iuzv0xi/VfZPktxvHoPcdKekKdFjd+yQHHnqlyspK0+cSMP
KUL9qp42ZOGpcqoGqFMNsq2Y0TEBgYSDtWhybhX6IGqd8feYUFBwxSkx4p6t4rMN
gxc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:16:12 2025 by rpki-client