Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVKJMYFjIX0FcMuINKNx6ipVt4E.roa
File: aVKJMYFjIX0FcMuINKNx6ipVt4E.roa (raw, json)
Hash identifier: 32OaRfFKLTU70mY+K4MvR89XIdSQ1i1e0wdwC+GwKSU=
Subject key identifier: 69:52:89:31:81:63:21:7D:05:70:CB:88:34:A3:71:EA:2A:55:B7:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A138039B947E56A738890606A96BA90F0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVKJMYFjIX0FcMuINKNx6ipVt4E.roa
Signing time: Sun 20 Aug 2023 15:11:25 +0000
ROA not before: Sun 20 Aug 2023 15:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:13:80:39:b9:47:e5:6a:73:88:90:60:6a:96:ba:90:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 20 15:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=695289318163217d0570cb8834a371ea2a55b781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bd:83:eb:48:0c:88:cc:c5:dd:ab:7f:f1:4a:
00:7d:d1:46:77:2c:7a:69:1e:f2:3d:a9:e1:24:82:
df:cc:e7:7f:28:ad:f0:9a:18:41:12:1b:65:3e:9a:
bb:f8:6d:5b:d2:dd:01:93:9c:20:72:10:b9:97:5a:
7d:f7:03:35:9a:6f:87:98:c2:94:9c:05:c3:1a:f9:
66:c6:7c:e9:62:b5:3a:f5:23:8e:45:ed:c0:44:e3:
bf:80:bc:59:77:da:ef:75:e5:2d:1e:b3:a7:6c:ed:
71:dd:f1:cb:53:88:c7:a7:cc:34:5e:c1:82:37:c3:
06:54:56:89:9a:1a:bf:17:fe:73:40:78:a0:ff:0a:
d9:b3:c1:a3:7e:94:b1:3e:92:0e:46:6f:ba:5e:4d:
3e:b7:0f:91:4c:51:47:a4:b3:45:c7:eb:b1:d9:55:
95:4c:8f:9f:b9:f4:d4:03:e1:b2:bb:5a:7f:79:ad:
3c:15:d1:8b:e8:a1:be:68:e2:fa:27:71:39:40:a3:
5f:4d:f9:84:7b:77:a2:3f:da:83:e2:2a:37:12:d2:
c9:d4:f2:1a:1d:fb:93:53:8d:f0:21:84:e9:5b:e5:
f7:93:21:45:03:a5:1f:d6:3f:36:c5:e4:53:53:7a:
cc:0c:9c:78:b1:16:31:e8:7e:87:a4:ea:31:71:1a:
f0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:52:89:31:81:63:21:7D:05:70:CB:88:34:A3:71:EA:2A:55:B7:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVKJMYFjIX0FcMuINKNx6ipVt4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:7c:35:7f:8b:24:74:2a:85:88:1f:bb:7a:ca:29:5d:d8:e6:
0a:bd:ad:34:0d:3b:60:b2:c5:7c:9e:cf:2f:0e:c2:b9:fa:ee:
18:7f:e7:67:24:f7:e3:69:14:7d:e6:99:98:9e:5f:6e:8f:a5:
76:a1:6d:04:e7:57:a8:42:f7:35:ba:2e:bc:e8:e2:24:ce:6f:
0f:29:44:21:b7:0a:9a:1a:af:fc:ef:5f:fc:90:d1:52:f4:e3:
4c:bd:ea:be:3c:78:44:0b:7a:d1:de:1a:01:00:a0:cb:ae:1b:
d6:df:18:86:17:01:ff:c0:1a:d8:3b:8e:45:9f:b6:ae:01:52:
77:3d:2f:a3:28:88:c3:65:cb:bf:94:ee:59:75:82:47:0b:41:
b9:ba:9a:2b:d8:56:b1:e5:62:c9:94:af:1a:42:f7:9e:11:12:
aa:5b:88:aa:93:81:44:e1:e4:e7:21:90:ba:79:9b:77:20:7d:
46:db:4f:10:44:9c:b0:64:f9:4c:99:6d:2d:70:32:82:86:d9:
c0:75:93:b8:ff:7a:16:ef:0d:66:16:f7:57:b1:c8:8a:ad:b6:
40:03:37:99:e8:bd:c2:5a:0c:fd:00:40:06:e0:89:a2:1c:d0:
05:20:14:9f:2a:15:f6:82:77:5d:46:00:cc:54:06:4b:b3:51:
b9:8c:8d:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoTgDm5R+Vqc4iQYGqWupDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIwMTUxMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUyODkzMTgxNjMyMTdkMDU3MGNiODgzNGEzNzFlYTJhNTViNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr2D60gMiMzF3at/8UoAfdFGdyx6
aR7yPanhJILfzOd/KK3wmhhBEhtlPpq7+G1b0t0Bk5wgchC5l1p99wM1mm+HmMKU
nAXDGvlmxnzpYrU69SOORe3AROO/gLxZd9rvdeUtHrOnbO1x3fHLU4jHp8w0XsGC
N8MGVFaJmhq/F/5zQHig/wrZs8GjfpSxPpIORm+6Xk0+tw+RTFFHpLNFx+ux2VWV
TI+fufTUA+Gyu1p/ea08FdGL6KG+aOL6J3E5QKNfTfmEe3eiP9qD4io3EtLJ1PIa
HfuTU43wIYTpW+X3kyFFA6Uf1j82xeRTU3rMDJx4sRYx6H6HpOoxcRrwAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlSiTGBYyF9BXDLiDSjceoqVbeBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVZLSk1ZRmpJWDBGY011SU5LTng2aXBWdDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAER8NX+LJHQqhYgfu3rK
KV3Y5gq9rTQNO2CyxXyezy8Owrn67hh/52ck9+NpFH3mmZieX26PpXahbQTnV6hC
9zW6Lrzo4iTObw8pRCG3Cpoar/zvX/yQ0VL040y96r48eEQLetHeGgEAoMuuG9bf
GIYXAf/AGtg7jkWftq4BUnc9L6MoiMNly7+U7ll1gkcLQbm6mivYVrHlYsmUrxpC
954REqpbiKqTgUTh5OchkLp5m3cgfUbbTxBEnLBk+UyZbS1wMoKG2cB1k7j/ehbv
DWYW91exyIqttkADN5novcJaDP0AQAbgiaIc0AUgFJ8qFfaCd11GAMxUBkuzUbmM
jUI=
-----END CERTIFICATE-----
Generated at Thu May 1 10:28:53 2025 by rpki-client