Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_ryb35lDLfwXPhWhPNbSoNpsTPA.roa
File: _ryb35lDLfwXPhWhPNbSoNpsTPA.roa (raw, json)
Hash identifier: vu25SZKfWM6eCmVxdUchLuu6VChLhOaqxak9co9bjGc=
Subject key identifier: FE:BC:9B:DF:99:43:2D:FC:17:3E:15:A1:3C:D6:D2:A0:DA:6C:4C:F0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855BA4712610DDF0A29658F20BC2B0DDEC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_ryb35lDLfwXPhWhPNbSoNpsTPA.roa
Signing time: Thu 29 Dec 2022 02:09:41 +0000
ROA not before: Thu 29 Dec 2022 02:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5b:a4:71:26:10:dd:f0:a2:96:58:f2:0b:c2:b0:dd:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 02:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=febc9bdf99432dfc173e15a13cd6d2a0da6c4cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:0d:e0:0f:eb:7f:74:d3:10:10:bd:db:4f:
9b:a9:15:ff:3c:ff:c4:0c:37:66:3d:58:1b:0d:c0:
18:7a:1d:fe:32:b3:72:fe:5a:49:1e:12:ec:ce:e9:
87:04:0b:9c:81:a6:c6:83:0a:15:09:1c:ee:6a:ed:
54:5f:b1:4d:3f:70:e7:2d:24:ec:7e:cf:e5:78:55:
44:d5:b9:34:16:c4:32:7a:eb:77:8d:c7:aa:65:b4:
a2:2a:8c:82:59:e7:02:e4:82:72:08:4c:9d:99:68:
7e:10:f5:bc:47:65:15:7d:c5:78:b5:17:04:0c:a9:
05:fc:70:b5:37:84:a2:91:c5:30:0a:36:5c:8d:ae:
ff:ae:e0:0b:88:7a:c3:ec:f6:71:e3:ff:a3:85:4f:
bd:53:df:21:16:e6:11:0b:b2:16:93:75:89:71:c1:
6c:02:96:81:05:33:84:ce:54:82:bc:d5:aa:b2:63:
28:ee:e5:35:95:aa:04:3c:94:d9:d1:1b:54:2b:a2:
fa:4b:da:c6:ab:b2:50:2d:4f:d6:90:da:30:e6:0c:
4b:fa:3c:6d:05:95:ef:be:c2:9b:46:9b:46:ae:97:
15:89:c9:d7:a4:f2:1a:ca:54:0e:ee:ff:1f:28:d2:
b0:aa:13:02:e9:76:45:de:86:8b:70:d0:96:98:f6:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BC:9B:DF:99:43:2D:FC:17:3E:15:A1:3C:D6:D2:A0:DA:6C:4C:F0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_ryb35lDLfwXPhWhPNbSoNpsTPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:3e:c8:6e:bd:f0:60:f6:84:f6:cf:e5:48:60:74:0c:8b:6a:
a6:fe:ff:34:cd:fe:0d:9f:89:9c:79:cd:60:7f:ea:4a:1f:36:
91:e7:54:ba:c3:43:d7:7a:18:59:40:e4:0c:25:f4:c0:60:0b:
ab:b0:c8:84:07:48:ee:58:c5:56:40:9b:9b:74:0c:6c:96:9c:
82:4e:39:37:e4:ff:c7:ba:92:7b:0a:91:55:15:03:c4:d7:62:
97:b5:7f:82:1f:43:c6:e4:bb:ed:0c:9c:f5:4d:fb:79:5e:62:
41:c0:94:69:a2:54:1d:4a:af:e1:92:0f:33:bb:05:db:a4:f0:
e2:f8:82:ad:6b:bc:e3:5b:d5:3c:17:1b:e5:23:d3:a7:41:8b:
0d:52:05:3b:82:e2:2b:99:97:cb:63:d6:10:a7:4a:f4:a0:1f:
08:86:a4:cd:53:84:ba:37:1c:62:86:5a:18:7d:71:4e:42:95:
b0:3a:db:0f:57:ca:70:c7:cc:73:2f:e5:c1:f9:1a:49:9d:e3:
a0:c0:31:89:99:6a:42:d3:0c:1c:3e:28:cf:19:e4:1c:bb:97:
cc:6c:9e:5c:58:c0:4c:88:19:69:be:77:9f:0d:35:d1:ce:1d:
21:70:73:04:89:43:02:01:51:cb:d8:54:2b:ed:b0:88:c2:7f:
f5:af:05:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVbpHEmEN3wopZY8gvCsN3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MDIwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWJjOWJkZjk5NDMyZGZjMTczZTE1YTEzY2Q2ZDJhMGRhNmM0Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7kN4A/rf3TTEBC920+bqRX/PP/E
DDdmPVgbDcAYeh3+MrNy/lpJHhLszumHBAucgabGgwoVCRzuau1UX7FNP3DnLSTs
fs/leFVE1bk0FsQyeut3jceqZbSiKoyCWecC5IJyCEydmWh+EPW8R2UVfcV4tRcE
DKkF/HC1N4SikcUwCjZcja7/ruALiHrD7PZx4/+jhU+9U98hFuYRC7IWk3WJccFs
ApaBBTOEzlSCvNWqsmMo7uU1laoEPJTZ0RtUK6L6S9rGq7JQLU/WkNow5gxL+jxt
BZXvvsKbRptGrpcVicnXpPIaylQO7v8fKNKwqhMC6XZF3oaLcNCWmPb7HwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP68m9+ZQy38Fz4VoTzW0qDabEzwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX3J5YjM1bERMZndYUGhXaFBOYlNvTnBzVFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALI+yG698GD2hPbP5Uhg
dAyLaqb+/zTN/g2fiZx5zWB/6kofNpHnVLrDQ9d6GFlA5Awl9MBgC6uwyIQHSO5Y
xVZAm5t0DGyWnIJOOTfk/8e6knsKkVUVA8TXYpe1f4IfQ8bku+0MnPVN+3leYkHA
lGmiVB1Kr+GSDzO7Bduk8OL4gq1rvONb1TwXG+Uj06dBiw1SBTuC4iuZl8tj1hCn
SvSgHwiGpM1ThLo3HGKGWhh9cU5ClbA62w9XynDHzHMv5cH5Gkmd46DAMYmZakLT
DBw+KM8Z5By7l8xsnlxYwEyIGWm+d58NNdHOHSFwcwSJQwIBUcvYVCvtsIjCf/Wv
BXY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:13:10 2025 by rpki-client