Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVbhCCHlTlzaB9zeah5TqZIoT_M.roa
File: aVbhCCHlTlzaB9zeah5TqZIoT_M.roa (raw, json)
Hash identifier: swv2y+6/f1C7kMp5Bu3Ke7PXhZ+wtBH32fz/o4/kTlE=
Subject key identifier: 69:56:E1:08:21:E5:4E:5C:DA:07:DC:DE:6A:1E:53:A9:92:28:4F:F3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185831EF474B576E5B446D4909E08EFEF7B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVbhCCHlTlzaB9zeah5TqZIoT_M.roa
Signing time: Thu 05 Jan 2023 18:08:42 +0000
ROA not before: Thu 05 Jan 2023 18:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:83:1e:f4:74:b5:76:e5:b4:46:d4:90:9e:08:ef:ef:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 18:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6956e10821e54e5cda07dcde6a1e53a992284ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:61:49:f1:dd:f5:8d:02:78:03:d5:10:ce:
8e:bb:84:7e:23:5a:7e:7e:87:37:ed:ac:76:84:67:
b5:6d:cb:c9:c9:dc:42:58:53:2d:a1:77:33:f0:53:
7c:0e:4b:43:ea:e7:00:d6:01:4c:09:20:b3:66:ac:
4a:1c:a8:06:3f:12:d8:03:60:ab:8f:bf:e9:11:b9:
42:52:50:f1:96:ca:25:ce:c4:44:4d:11:b2:5e:b4:
b1:09:b9:bf:6d:55:24:db:0e:c4:ee:81:82:e7:ce:
dc:91:64:80:8a:75:44:2a:c4:9d:41:97:de:b7:65:
59:dc:7b:17:54:68:66:89:6e:4f:1d:65:ea:46:2e:
a9:15:d3:04:a0:0b:fb:6a:5e:34:7a:67:0c:18:41:
96:fc:f5:ea:ba:73:78:21:4c:df:db:ab:c4:1c:e9:
1e:63:47:46:30:b0:53:b3:af:c2:82:5d:48:0e:eb:
4d:ec:ac:5d:9c:35:ea:1c:c1:8e:fb:84:84:6e:20:
29:ba:f6:80:72:c9:2c:37:05:f2:eb:7f:da:3d:9a:
76:40:e3:84:4e:be:05:30:f6:04:cb:4c:c1:32:7a:
2a:cf:ba:c2:71:ab:57:c5:6f:84:88:53:05:fa:3f:
67:06:b4:e2:d6:13:6c:4c:b5:59:db:46:1c:99:e9:
d9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:56:E1:08:21:E5:4E:5C:DA:07:DC:DE:6A:1E:53:A9:92:28:4F:F3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aVbhCCHlTlzaB9zeah5TqZIoT_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:f3:24:68:e7:ae:3e:68:b1:12:b8:c5:7c:8e:57:b4:26:0e:
a3:93:88:c5:62:3b:5a:ac:db:fe:de:17:2e:88:9c:de:d8:1f:
5f:4d:81:5e:14:a3:c5:4d:cb:ec:eb:57:94:11:68:0a:aa:61:
88:24:de:68:f6:40:e9:24:3c:db:3d:57:08:a7:93:d7:71:47:
3a:54:ab:e8:e2:00:9a:92:2f:15:74:93:83:34:0a:b8:1f:10:
58:eb:1f:58:9f:11:1b:fe:65:11:83:bc:b0:90:84:b4:57:9f:
f9:48:63:7b:6b:1d:1d:f7:e5:93:08:ee:53:1e:e0:b3:ab:df:
49:0a:d7:7b:2a:cd:82:ef:a2:85:46:e5:d9:f3:06:ab:00:ab:
99:db:57:24:ab:05:f6:a1:80:2e:71:c1:e2:f1:02:70:47:43:
68:e7:f7:33:43:f2:08:a0:b4:f0:7c:57:3e:c7:b9:e6:52:e7:
1d:6f:e0:48:5b:7e:2a:97:ca:49:76:86:75:e2:6a:18:2c:1e:
a3:89:ae:07:6d:e4:2f:66:67:69:64:50:5b:0e:81:bf:2f:82:
44:64:f7:a2:3a:4a:d2:ee:dc:84:53:ad:be:99:e5:1f:25:4b:
8b:92:16:b1:45:74:f5:51:38:d4:1c:64:4a:95:f5:e9:03:35:
f9:3a:e2:cc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWDHvR0tXbltEbUkJ4I7+97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MTgwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU2ZTEwODIxZTU0ZTVjZGEwN2RjZGU2YTFlNTNhOTkyMjg0ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWhhSfHd9Y0CeAPVEM6Ou4R+I1p+
foc37ax2hGe1bcvJydxCWFMtoXcz8FN8DktD6ucA1gFMCSCzZqxKHKgGPxLYA2Cr
j7/pEblCUlDxlsolzsRETRGyXrSxCbm/bVUk2w7E7oGC587ckWSAinVEKsSdQZfe
t2VZ3HsXVGhmiW5PHWXqRi6pFdMEoAv7al40emcMGEGW/PXqunN4IUzf26vEHOke
Y0dGMLBTs6/Cgl1IDutN7KxdnDXqHMGO+4SEbiApuvaAcsksNwXy63/aPZp2QOOE
Tr4FMPYEy0zBMnoqz7rCcatXxW+EiFMF+j9nBrTi1hNsTLVZ20YcmenZPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlW4Qgh5U5c2gfc3moeU6mSKE/zMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVZiaENDSGxUbHphQjl6ZWFoNVRxWklvVF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbzJGjnrj5osRK4xXyO
V7QmDqOTiMViO1qs2/7eFy6InN7YH19NgV4Uo8VNy+zrV5QRaAqqYYgk3mj2QOkk
PNs9Vwink9dxRzpUq+jiAJqSLxV0k4M0CrgfEFjrH1ifERv+ZRGDvLCQhLRXn/lI
Y3trHR335ZMI7lMe4LOr30kK13sqzYLvooVG5dnzBqsAq5nbVySrBfahgC5xweLx
AnBHQ2jn9zND8gigtPB8Vz7HueZS5x1v4EhbfiqXykl2hnXiahgsHqOJrgdt5C9m
Z2lkUFsOgb8vgkRk96I6StLu3IRTrb6Z5R8lS4uSFrFFdPVRONQcZEqV9ekDNfk6
4sw=
-----END CERTIFICATE-----
Generated at Sat May 3 19:15:35 2025 by rpki-client