Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aLfVCvfw_vl5wacy8WhD-X27jY4.roa
File: aLfVCvfw_vl5wacy8WhD-X27jY4.roa (raw, json)
Hash identifier: gvUd0gzOstnS8GBRMLtYP6K2zW6Tb6sL5uqxm1xUnVU=
Subject key identifier: 68:B7:D5:0A:F7:F0:FE:F9:79:C1:A7:32:F1:68:43:F9:7D:BB:8D:8E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3CEF712F92E4FDB85B68491DD08FCAF6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aLfVCvfw_vl5wacy8WhD-X27jY4.roa
Signing time: Mon 28 Aug 2023 16:17:19 +0000
ROA not before: Mon 28 Aug 2023 16:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:ef:71:2f:92:e4:fd:b8:5b:68:49:1d:d0:8f:ca:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 16:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68b7d50af7f0fef979c1a732f16843f97dbb8d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:fa:80:e0:18:ee:b9:58:af:a2:a9:ff:71:
19:03:ba:20:64:d6:6e:fd:87:bf:5e:05:86:61:88:
4e:3c:ee:a6:9a:f1:02:0e:3a:e0:7f:b1:8e:6e:f5:
58:59:5c:4c:c3:2e:07:b3:82:bc:be:05:a2:88:eb:
0b:90:71:8b:85:3e:8b:cf:9e:7c:d7:6d:96:81:48:
1a:03:24:34:5f:93:d9:d9:70:97:79:e5:28:6b:aa:
9f:1a:9e:5a:16:19:cd:e5:94:ec:97:d0:44:29:91:
0a:c4:d2:0d:10:e5:3c:4b:6f:30:e9:4f:15:10:ca:
2c:87:08:f9:5d:b7:36:df:a8:f5:6b:a9:95:6d:90:
aa:0f:c4:0b:30:61:dd:ea:86:c6:7e:ec:2e:e5:fb:
ca:3e:1c:27:a9:28:7e:fe:4b:fb:89:a2:1e:aa:8c:
98:45:87:84:cc:81:d7:8c:f8:83:1f:a8:23:da:d9:
08:ef:50:e2:5f:25:0b:8d:bd:cb:05:8b:42:08:f8:
a9:6a:43:1a:d7:ac:91:5e:6c:68:ba:57:76:3f:71:
a3:09:4b:fd:6d:bf:5a:60:bb:ff:77:00:fc:d3:87:
d0:0f:e8:15:60:ac:62:27:55:2a:1c:6a:33:24:4f:
ac:cb:4e:c9:e5:ac:71:de:be:2b:03:f4:cf:f8:78:
64:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B7:D5:0A:F7:F0:FE:F9:79:C1:A7:32:F1:68:43:F9:7D:BB:8D:8E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aLfVCvfw_vl5wacy8WhD-X27jY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:b7:df:e7:6f:c1:6b:04:6e:f3:cd:a0:b5:90:0e:76:bb:86:
e1:e1:94:46:91:58:25:f4:d0:28:5d:c4:49:a5:c6:59:be:1c:
11:eb:e9:ca:8f:dd:e4:ac:3d:6c:62:a2:25:f5:c4:1b:90:4b:
a4:d2:d6:c5:3f:bc:a4:9b:70:7c:e2:cc:53:8d:99:c9:77:a8:
f3:d2:93:a4:ea:1b:b9:9a:05:f7:f2:b6:ea:42:cd:71:ca:da:
47:ba:2b:d4:bc:04:e0:2e:e4:88:70:29:f5:f8:c6:48:b5:8d:
49:10:04:0f:e9:a6:6f:54:45:06:06:ee:ed:2e:23:d3:8d:d9:
2a:9f:2b:ca:b6:af:5a:48:01:e8:9d:24:2d:7c:18:32:0b:63:
1d:c7:96:72:2c:15:ba:92:00:00:16:0f:54:c2:01:d4:fc:21:
e6:b9:31:fb:08:82:50:bb:e9:f1:21:40:ce:5e:5c:13:34:56:
0c:35:57:5e:f5:a4:cb:af:20:75:a2:3e:be:ba:a6:95:56:a5:
ee:a1:b5:4d:4a:1f:65:76:a5:c8:dc:eb:16:ef:b0:ff:cb:35:
12:09:8e:fc:85:54:a6:71:c4:14:f4:61:d5:87:0d:27:5a:60:
7e:b3:14:c8:74:68:8d:2d:52:df:7f:15:54:0c:de:0b:cf:1f:
11:3f:17:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo873EvkuT9uFtoSR3Qj8r2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTYxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI3ZDUwYWY3ZjBmZWY5NzljMWE3MzJmMTY4NDNmOTdkYmI4ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaD6gOAY7rlYr6Kp/3EZA7ogZNZu
/Ye/XgWGYYhOPO6mmvECDjrgf7GObvVYWVxMwy4Hs4K8vgWiiOsLkHGLhT6Lz558
122WgUgaAyQ0X5PZ2XCXeeUoa6qfGp5aFhnN5ZTsl9BEKZEKxNINEOU8S28w6U8V
EMoshwj5Xbc236j1a6mVbZCqD8QLMGHd6obGfuwu5fvKPhwnqSh+/kv7iaIeqoyY
RYeEzIHXjPiDH6gj2tkI71DiXyULjb3LBYtCCPipakMa16yRXmxould2P3GjCUv9
bb9aYLv/dwD804fQD+gVYKxiJ1UqHGozJE+sy07J5axx3r4rA/TP+HhkJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGi31Qr38P75ecGnMvFoQ/l9u42OMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYUxmVkN2Zndfdmw1d2FjeThXaEQtWDI3alk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEO33+dvwWsEbvPNoLWQ
Dna7huHhlEaRWCX00ChdxEmlxlm+HBHr6cqP3eSsPWxioiX1xBuQS6TS1sU/vKSb
cHzizFONmcl3qPPSk6TqG7maBffytupCzXHK2ke6K9S8BOAu5IhwKfX4xki1jUkQ
BA/ppm9URQYG7u0uI9ON2SqfK8q2r1pIAeidJC18GDILYx3HlnIsFbqSAAAWD1TC
AdT8Iea5MfsIglC76fEhQM5eXBM0Vgw1V171pMuvIHWiPr66ppVWpe6htU1KH2V2
pcjc6xbvsP/LNRIJjvyFVKZxxBT0YdWHDSdaYH6zFMh0aI0tUt9/FVQM3gvPHxE/
F6Y=
-----END CERTIFICATE-----
Generated at Thu May 1 16:05:02 2025 by rpki-client