Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cW9dKhFPXfAidLK1xN_HmIPo3tw.roa
File: cW9dKhFPXfAidLK1xN_HmIPo3tw.roa (raw, json)
Hash identifier: VP/qk1je3Aj4+HQsIL7XhjzXvwqziThQsoQMPnnz+qA=
Subject key identifier: 71:6F:5D:2A:11:4F:5D:F0:22:74:B2:B5:C4:DF:C7:98:83:E8:DE:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D81FBAA19BE5AC29EA7D2D4475F79E06
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cW9dKhFPXfAidLK1xN_HmIPo3tw.roa
Signing time: Sat 03 Dec 2022 13:14:28 +0000
ROA not before: Sat 03 Dec 2022 13:14:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:1f:ba:a1:9b:e5:ac:29:ea:7d:2d:44:75:f7:9e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 13:14:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=716f5d2a114f5df02274b2b5c4dfc79883e8dedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:f1:07:c0:b8:b7:84:97:b1:80:6d:b0:2a:
74:c7:dd:54:6e:8e:cd:15:84:1c:dc:3f:f4:c6:36:
0b:8b:3b:00:18:af:9c:5c:19:3c:0a:e7:68:dd:f1:
fb:ce:1f:23:ab:9c:13:ec:2f:62:03:aa:36:d2:a7:
18:8e:62:d4:d3:f4:52:3f:72:1a:0a:4c:42:98:38:
c2:3c:ab:fd:9d:1f:68:70:67:60:3a:07:db:4f:ba:
38:6e:0d:38:9a:f5:dd:bb:bd:9b:4c:05:1f:d6:61:
74:08:ef:96:59:45:49:db:e2:43:15:cc:88:75:e8:
15:60:22:6f:a7:10:45:6d:af:37:fa:94:d7:84:be:
3d:af:f4:46:60:78:3e:39:be:51:3e:a4:da:e2:56:
ab:2f:c6:95:33:d1:74:e4:e3:db:1a:ce:9a:0d:de:
ef:12:86:d2:61:cc:d5:4f:4f:3b:fe:63:f1:9b:4f:
bd:16:84:f9:4b:f5:02:37:c7:6e:3c:38:51:54:1f:
03:1a:07:0d:54:08:85:e1:86:d2:ba:63:a8:ca:f3:
ea:10:79:c2:6b:0e:53:ce:8d:38:b3:ea:cb:f7:29:
a3:5d:b9:ac:92:d9:0e:cb:29:ab:94:d6:72:ff:b5:
24:b4:f7:b1:6e:68:a0:67:55:36:52:22:f8:4a:e7:
bb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6F:5D:2A:11:4F:5D:F0:22:74:B2:B5:C4:DF:C7:98:83:E8:DE:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cW9dKhFPXfAidLK1xN_HmIPo3tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d1:62:d9:01:b1:6d:eb:57:1e:c2:d9:67:aa:0b:2a:52:5b:
30:18:26:03:4e:54:eb:d7:63:13:55:01:93:f4:18:80:02:1c:
16:58:3b:e3:54:35:59:b9:11:ea:1f:77:a0:26:49:47:31:ea:
01:fc:a4:80:52:5f:51:fb:2c:22:8f:0c:cf:6f:35:c7:5f:e8:
bc:fc:ee:f3:4b:a8:8b:79:ec:53:cd:62:df:bf:d5:d2:62:08:
7a:fe:e6:6c:9f:76:1f:13:09:d3:ae:36:18:30:5d:a0:ff:1f:
bd:5f:a3:b9:bf:0c:c1:98:38:98:40:58:71:ce:a5:94:8a:4c:
b1:b5:2f:df:88:cc:fb:2f:1f:b4:b6:7d:8f:bb:d8:5b:9a:0c:
fa:36:08:3b:1f:12:30:d6:dc:e2:14:b1:30:ba:21:b9:7d:c3:
04:73:79:99:c3:67:b7:91:ab:ed:89:ac:ac:af:00:d9:45:10:
6e:54:6a:f4:18:4d:59:31:f0:53:30:0a:ff:2c:f4:b8:61:3d:
9f:5e:d9:2d:70:da:32:04:86:a0:7c:a5:28:04:b7:4f:23:18:
5d:52:8f:22:34:17:ea:e5:c3:92:e6:bd:8a:eb:56:dd:96:e0:
c0:c0:45:29:f1:4e:76:a6:e6:55:db:06:5e:dd:b8:d6:6e:5a:
de:5c:7f:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTYH7qhm+WsKep9LUR1954GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMTMxNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZmNWQyYTExNGY1ZGYwMjI3NGIyYjVjNGRmYzc5ODgzZThkZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndTxB8C4t4SXsYBtsCp0x91Ubo7N
FYQc3D/0xjYLizsAGK+cXBk8Cudo3fH7zh8jq5wT7C9iA6o20qcYjmLU0/RSP3Ia
CkxCmDjCPKv9nR9ocGdgOgfbT7o4bg04mvXdu72bTAUf1mF0CO+WWUVJ2+JDFcyI
degVYCJvpxBFba83+pTXhL49r/RGYHg+Ob5RPqTa4larL8aVM9F05OPbGs6aDd7v
EobSYczVT087/mPxm0+9FoT5S/UCN8duPDhRVB8DGgcNVAiF4YbSumOoyvPqEHnC
aw5Tzo04s+rL9ymjXbmsktkOyymrlNZy/7UktPexbmigZ1U2UiL4Sue7KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHFvXSoRT13wInSytcTfx5iD6N7cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY1c5ZEtoRlBYZkFpZExLMXhOX0htSVBvM3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB7RYtkBsW3rVx7C2Weq
CypSWzAYJgNOVOvXYxNVAZP0GIACHBZYO+NUNVm5Eeofd6AmSUcx6gH8pIBSX1H7
LCKPDM9vNcdf6Lz87vNLqIt57FPNYt+/1dJiCHr+5myfdh8TCdOuNhgwXaD/H71f
o7m/DMGYOJhAWHHOpZSKTLG1L9+IzPsvH7S2fY+72FuaDPo2CDsfEjDW3OIUsTC6
Ibl9wwRzeZnDZ7eRq+2JrKyvANlFEG5UavQYTVkx8FMwCv8s9LhhPZ9e2S1w2jIE
hqB8pSgEt08jGF1SjyI0F+rlw5LmvYrrVt2W4MDARSnxTnam5lXbBl7duNZuWt5c
fzM=
-----END CERTIFICATE-----
Generated at Thu May 1 03:29:04 2025 by rpki-client