Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_vBcyc-4hWYm3ifxnxpk1e-pk8s.roa
File: _vBcyc-4hWYm3ifxnxpk1e-pk8s.roa (raw, json)
Hash identifier: e7ovlPlMBfYeUqXbon2s16SSVnjnlskeWy4Ap8ISs5Q=
Subject key identifier: FE:F0:5C:C9:CF:B8:85:66:26:DE:27:F1:9F:1A:64:D5:EF:A9:93:CB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B05F9A68AC7B2621D8536D2FC0D1DE7B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_vBcyc-4hWYm3ifxnxpk1e-pk8s.roa
Signing time: Sun 05 Mar 2023 06:05:00 +0000
ROA not before: Sun 05 Mar 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:b05f:2313/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:5f:9a:68:ac:7b:26:21:d8:53:6d:2f:c0:d1:de:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 5 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fef05cc9cfb8856626de27f19f1a64d5efa993cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:24:a7:f3:ec:05:e3:01:58:a9:7f:99:af:ce:
b5:e3:75:04:42:49:01:2a:ee:72:83:d1:ac:ea:3c:
a3:0a:17:69:d9:64:10:6b:9e:9b:7a:9c:83:8e:a8:
5e:74:04:cd:85:dc:73:0b:bc:4f:12:bc:88:05:b5:
8a:cd:ad:8e:8f:a6:8f:77:27:40:45:bf:bd:6c:ba:
c3:e0:a1:87:5f:dc:08:82:aa:cd:2c:3d:d3:a0:75:
d5:b1:67:b1:80:dc:09:5a:18:75:c1:dc:91:db:ae:
1f:04:79:5a:dd:b5:e9:a6:42:47:73:3d:86:bc:40:
d1:e5:d4:41:ea:e7:30:f3:43:9c:48:0d:e9:36:49:
e2:4b:e9:15:ca:14:c3:8e:52:18:e9:82:df:26:e7:
df:9a:58:79:5a:8e:6f:9d:91:49:25:06:b5:c5:36:
0c:66:69:7c:c1:5f:f7:0f:13:af:48:e6:1d:8c:bf:
3f:6c:75:d8:93:68:fc:d5:0f:7c:4c:aa:6e:df:15:
e4:eb:9a:7b:fd:cc:33:33:c2:6c:e2:1e:34:5b:cd:
c8:c2:93:ac:27:0e:a3:b2:6b:42:40:a7:3b:98:27:
81:91:c1:bf:df:15:88:dc:04:37:32:38:b7:83:2e:
01:a7:2e:82:89:04:fa:15:78:91:95:09:25:15:fd:
7b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F0:5C:C9:CF:B8:85:66:26:DE:27:F1:9F:1A:64:D5:EF:A9:93:CB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_vBcyc-4hWYm3ifxnxpk1e-pk8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:48:21:8f:ed:1d:62:47:9b:cd:ed:5f:7d:0f:ea:41:7e:66:
39:b3:68:7c:47:63:82:f5:71:33:ae:87:d9:8d:d2:93:06:e8:
c8:16:b3:8f:52:ef:ab:39:ff:59:a2:1d:f5:04:75:b5:f4:3c:
89:de:8b:3f:19:e6:47:81:23:77:b2:a0:2e:0a:fe:e8:8a:4d:
56:84:0d:8d:75:c1:cc:9d:c5:d5:0c:9b:d6:ff:59:f8:d7:aa:
72:09:4b:bc:5f:18:dc:bf:3c:c6:7b:59:e1:e9:bf:1f:cb:1a:
08:e1:cf:7d:fa:b2:6e:24:84:f6:58:cd:8c:0c:1c:0d:95:e9:
71:9a:49:ec:43:2a:34:7f:c1:3e:3c:2b:70:98:f4:7d:59:f7:
08:dc:04:8b:1a:c4:f3:d5:80:d4:89:c3:ca:65:2f:98:c5:d9:
af:08:45:12:c4:35:8b:22:00:d5:c7:8c:b9:fa:c8:f7:fa:f3:
f9:7f:a8:28:bf:54:94:fb:35:a8:74:41:ce:dc:cf:68:b5:f6:
bb:20:19:89:3c:87:76:05:3c:00:2a:63:78:5a:99:fa:c3:7b:
a4:e3:d1:6a:cf:9a:c5:f0:9a:a9:02:cd:96:6a:12:75:50:f1:
04:bb:f2:88:4d:27:40:ad:65:37:ed:7e:8e:51:ed:b9:db:17:
6d:28:0d:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYawX5porHsmIdhTbS/A0d57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA1MDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWYwNWNjOWNmYjg4NTY2MjZkZTI3ZjE5ZjFhNjRkNWVmYTk5M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArySn8+wF4wFYqX+Zr86143UEQkkB
Ku5yg9Gs6jyjChdp2WQQa56bepyDjqhedATNhdxzC7xPEryIBbWKza2Oj6aPdydA
Rb+9bLrD4KGHX9wIgqrNLD3ToHXVsWexgNwJWhh1wdyR264fBHla3bXppkJHcz2G
vEDR5dRB6ucw80OcSA3pNkniS+kVyhTDjlIY6YLfJuffmlh5Wo5vnZFJJQa1xTYM
Zml8wV/3DxOvSOYdjL8/bHXYk2j81Q98TKpu3xXk65p7/cwzM8Js4h40W83IwpOs
Jw6jsmtCQKc7mCeBkcG/3xWI3AQ3Mji3gy4Bpy6CiQT6FXiRlQklFf17qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP7wXMnPuIVmJt4n8Z8aZNXvqZPLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX3ZCY3ljLTRoV1ltM2lmeG54cGsxZS1wazhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAhIIY/tHWJHm83tX30P
6kF+ZjmzaHxHY4L1cTOuh9mN0pMG6MgWs49S76s5/1miHfUEdbX0PIneiz8Z5keB
I3eyoC4K/uiKTVaEDY11wcydxdUMm9b/WfjXqnIJS7xfGNy/PMZ7WeHpvx/LGgjh
z336sm4khPZYzYwMHA2V6XGaSexDKjR/wT48K3CY9H1Z9wjcBIsaxPPVgNSJw8pl
L5jF2a8IRRLENYsiANXHjLn6yPf68/l/qCi/VJT7Nah0Qc7cz2i19rsgGYk8h3YF
PAAqY3hamfrDe6Tj0WrPmsXwmqkCzZZqEnVQ8QS78ohNJ0CtZTftfo5R7bnbF20o
Dao=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:36:53 2025 by rpki-client