Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aA0g6dkEe1O4v1r7UDQiQldsddk.roa
File: aA0g6dkEe1O4v1r7UDQiQldsddk.roa (raw, json)
Hash identifier: TsNYnGeb3REsC76wPQK6h5/sVSVSxBRtWOqnucppnLw=
Subject key identifier: 68:0D:20:E9:D9:04:7B:53:B8:BF:5A:FB:50:34:22:42:57:6C:75:D9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185E9B2E4C9B893066F2BEDA66BD10CD03A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aA0g6dkEe1O4v1r7UDQiQldsddk.roa
Signing time: Wed 25 Jan 2023 16:11:33 +0000
ROA not before: Wed 25 Jan 2023 16:11:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:b2:e4:c9:b8:93:06:6f:2b:ed:a6:6b:d1:0c:d0:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 25 16:11:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=680d20e9d9047b53b8bf5afb50342242576c75d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:51:96:86:7f:2a:53:5a:23:8b:41:2d:79:a4:
d6:78:e4:1b:59:44:62:76:97:93:f4:92:f3:38:eb:
87:4b:b2:f0:03:1f:b2:ed:05:f6:3d:d7:4f:e5:14:
4c:22:73:a0:64:26:3d:24:42:aa:ee:90:4f:3d:c8:
23:45:91:86:03:6a:5a:bb:53:d8:99:e5:98:f6:12:
6b:48:3d:a1:9c:fe:03:c1:e5:b6:27:85:ba:05:a4:
21:2a:bc:60:c0:a1:bb:07:1e:53:84:9c:ff:eb:58:
74:73:69:67:92:8e:87:6e:69:59:f8:f7:ca:76:65:
91:c7:ab:eb:b5:67:ca:91:24:f0:65:61:a5:88:77:
22:73:86:56:5c:56:41:7e:d2:d0:6f:d9:8d:86:90:
b9:6a:b5:94:13:1c:1a:53:04:2e:2f:8a:eb:76:85:
72:f4:88:9a:89:48:66:71:32:d2:f9:17:38:6e:37:
69:1e:37:33:c1:05:6f:7e:15:14:96:81:5a:d6:a9:
a9:a7:3d:f3:c3:01:d7:c5:93:cb:b0:6c:12:a6:dc:
60:99:1b:e7:00:25:53:0b:b3:14:7d:37:1f:84:1d:
70:fe:45:c5:67:34:21:d3:05:b5:61:81:dd:4e:ac:
f2:b3:5a:b8:35:6f:6b:0e:f3:2e:21:8d:ef:47:98:
1b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0D:20:E9:D9:04:7B:53:B8:BF:5A:FB:50:34:22:42:57:6C:75:D9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aA0g6dkEe1O4v1r7UDQiQldsddk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:34:05:5b:1c:3a:e9:ff:05:37:2b:59:68:dd:a8:56:8c:91:
8f:13:c4:1a:18:5d:d5:87:fb:8e:4c:26:a5:bc:39:bc:39:25:
13:4a:39:3e:dc:56:06:1e:74:6f:7d:d8:47:6a:d3:f0:61:b6:
a3:73:e9:1c:4b:2c:51:3a:87:b6:7d:ed:d5:3f:df:96:4b:d1:
0f:a9:ad:bf:b2:d7:35:52:f9:c3:40:fa:08:93:14:cc:cc:c3:
e8:14:81:46:0c:ec:a5:d4:c4:44:c1:03:f6:7d:02:2b:be:48:
9d:bf:3d:b7:24:b6:dc:83:7d:5b:b4:ec:e5:d0:29:05:69:eb:
71:53:3c:98:98:0d:ef:68:79:f2:64:95:31:ef:40:c5:44:98:
9d:c1:9c:ac:bd:9a:20:d5:f2:ef:97:76:a6:c4:45:06:86:9c:
7a:28:42:c8:d3:3d:9f:35:72:6b:06:a8:95:6c:29:64:35:7f:
d4:d6:a7:0d:f8:8a:1f:76:ff:53:76:cd:c2:25:c0:38:63:66:
7a:11:b5:de:9d:3a:c4:e3:de:48:dd:50:52:61:d0:9f:50:b5:
e7:51:e2:9f:20:c1:f1:d2:d6:15:3d:0d:8a:db:45:55:82:17:
99:e5:31:8c:22:29:9c:59:c2:35:ad:45:eb:c5:c1:dd:b7:93:
bf:f2:b9:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXpsuTJuJMGbyvtpmvRDNA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI1MTYxMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODBkMjBlOWQ5MDQ3YjUzYjhiZjVhZmI1MDM0MjI0MjU3NmM3NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lGWhn8qU1oji0EteaTWeOQbWURi
dpeT9JLzOOuHS7LwAx+y7QX2PddP5RRMInOgZCY9JEKq7pBPPcgjRZGGA2pau1PY
meWY9hJrSD2hnP4DweW2J4W6BaQhKrxgwKG7Bx5ThJz/61h0c2lnko6HbmlZ+PfK
dmWRx6vrtWfKkSTwZWGliHcic4ZWXFZBftLQb9mNhpC5arWUExwaUwQuL4rrdoVy
9IiaiUhmcTLS+Rc4bjdpHjczwQVvfhUUloFa1qmppz3zwwHXxZPLsGwSptxgmRvn
ACVTC7MUfTcfhB1w/kXFZzQh0wW1YYHdTqzys1q4NW9rDvMuIY3vR5gbIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGgNIOnZBHtTuL9a+1A0IkJXbHXZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYUEwZzZka0VlMU80djFyN1VEUWlRbGRzZGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQ0BVscOun/BTcrWWjd
qFaMkY8TxBoYXdWH+45MJqW8Obw5JRNKOT7cVgYedG992Edq0/BhtqNz6RxLLFE6
h7Z97dU/35ZL0Q+prb+y1zVS+cNA+giTFMzMw+gUgUYM7KXUxETBA/Z9Aiu+SJ2/
PbckttyDfVu07OXQKQVp63FTPJiYDe9oefJklTHvQMVEmJ3BnKy9miDV8u+XdqbE
RQaGnHooQsjTPZ81cmsGqJVsKWQ1f9TWpw34ih92/1N2zcIlwDhjZnoRtd6dOsTj
3kjdUFJh0J9QtedR4p8gwfHS1hU9DYrbRVWCF5nlMYwiKZxZwjWtRevFwd23k7/y
udc=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:02 2025 by rpki-client