Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cdrCrD9JIVDavVtj48muYLSLrIw.roa
File: cdrCrD9JIVDavVtj48muYLSLrIw.roa (raw, json)
Hash identifier: U6ChF6boxyBEbclPCQggbGjgHYOtBuVaffF/DXEtR6Y=
Subject key identifier: 71:DA:C2:AC:3F:49:21:50:DA:BD:5B:63:E3:C9:AE:60:B4:8B:AC:8C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018613551A9CF53F9ACF17C3562E1D0D89F9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cdrCrD9JIVDavVtj48muYLSLrIw.roa
Signing time: Thu 02 Feb 2023 18:13:09 +0000
ROA not before: Thu 02 Feb 2023 18:13:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:55:1a:9c:f5:3f:9a:cf:17:c3:56:2e:1d:0d:89:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 2 18:13:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71dac2ac3f492150dabd5b63e3c9ae60b48bac8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:54:91:02:d0:71:78:07:04:6e:3d:59:2c:37:
3e:9e:32:a9:52:16:9b:1f:cb:fc:19:8e:dc:62:ac:
f7:27:8a:30:ec:35:7a:98:12:07:35:0b:22:8c:e0:
b4:58:d9:53:ba:f2:f8:2d:14:9e:7f:92:46:08:81:
fc:0f:48:68:61:53:90:a5:df:8f:7f:2d:e6:a9:d9:
12:a1:50:43:1e:c2:bc:c8:84:01:c9:a3:87:fc:56:
19:c9:7a:9c:ca:0e:c4:b7:95:d0:a5:86:96:90:05:
e2:b2:c7:e2:6e:01:c1:ac:64:7d:1a:28:d2:f4:47:
bf:ed:a9:10:70:a0:4c:3b:92:60:e4:d8:ed:43:6c:
55:ee:1d:da:3c:07:63:d0:96:3d:9d:50:5e:1f:1b:
11:8f:c3:32:0a:df:31:c4:3b:f8:26:88:32:ae:3e:
e4:7e:98:37:04:40:32:45:70:ca:ca:8a:f7:d4:3b:
3a:2a:80:d5:51:56:8d:4b:85:b8:ff:10:69:49:5a:
43:c4:da:8d:02:8f:e5:12:ef:05:df:c3:21:59:5d:
93:de:ae:00:d0:5c:a2:f2:7b:21:94:cc:7b:57:cb:
6b:27:68:ff:6e:45:60:e6:63:93:78:2f:1e:f4:71:
40:5b:ec:90:8c:f3:8e:94:70:19:2c:7d:21:00:9f:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DA:C2:AC:3F:49:21:50:DA:BD:5B:63:E3:C9:AE:60:B4:8B:AC:8C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cdrCrD9JIVDavVtj48muYLSLrIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:34:fd:ca:9d:9d:17:29:09:be:41:03:18:48:be:17:16:79:
2b:20:06:59:9b:09:76:64:37:d5:3b:1d:f4:ac:2b:6c:08:a6:
2d:68:89:24:ee:04:e1:fc:c8:12:92:e4:04:d9:73:67:ae:74:
a9:f1:48:38:74:58:b6:03:9c:1d:57:69:db:85:6a:9c:6d:6a:
50:3a:c5:c5:1d:0c:4c:e1:67:5e:52:03:81:05:a8:de:44:5c:
de:6e:38:28:88:22:e5:2d:6b:17:57:80:ce:c2:1b:41:f2:79:
37:02:93:7e:30:97:d5:c5:6b:97:8a:71:36:d6:80:ae:49:63:
7e:c9:7f:88:48:2f:b3:49:7d:58:23:81:ff:1c:2b:58:d3:66:
cc:4b:2b:ba:48:92:cc:be:3d:52:b7:5f:34:01:7f:8e:ab:4e:
7d:a1:b9:ea:25:87:e8:c1:0b:7f:5a:e6:6d:89:5c:78:f0:8f:
66:59:d0:75:f2:f0:a5:e9:7e:02:d4:95:ce:e7:8f:2a:31:60:
ab:c8:66:1d:89:d6:3f:6a:8b:cf:f6:b8:70:4b:4c:1b:48:64:
a1:30:09:d0:81:ea:7c:0b:1c:4e:a7:40:22:57:7c:02:1a:79:
3f:4e:bc:9c:be:cb:0b:91:07:96:c4:32:bb:3d:c5:c1:a7:16:
44:70:1a:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYTVRqc9T+azxfDVi4dDYn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAyMTgxMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRhYzJhYzNmNDkyMTUwZGFiZDViNjNlM2M5YWU2MGI0OGJhYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1SRAtBxeAcEbj1ZLDc+njKpUhab
H8v8GY7cYqz3J4ow7DV6mBIHNQsijOC0WNlTuvL4LRSef5JGCIH8D0hoYVOQpd+P
fy3mqdkSoVBDHsK8yIQByaOH/FYZyXqcyg7Et5XQpYaWkAXissfibgHBrGR9GijS
9Ee/7akQcKBMO5Jg5NjtQ2xV7h3aPAdj0JY9nVBeHxsRj8MyCt8xxDv4Jogyrj7k
fpg3BEAyRXDKyor31Ds6KoDVUVaNS4W4/xBpSVpDxNqNAo/lEu8F38MhWV2T3q4A
0Fyi8nshlMx7V8trJ2j/bkVg5mOTeC8e9HFAW+yQjPOOlHAZLH0hAJ+R7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHHawqw/SSFQ2r1bY+PJrmC0i6yMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY2RyQ3JEOUpJVkRhdlZ0ajQ4bXVZTFNMckl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA80/cqdnRcpCb5BAxhI
vhcWeSsgBlmbCXZkN9U7HfSsK2wIpi1oiSTuBOH8yBKS5ATZc2eudKnxSDh0WLYD
nB1XaduFapxtalA6xcUdDEzhZ15SA4EFqN5EXN5uOCiIIuUtaxdXgM7CG0HyeTcC
k34wl9XFa5eKcTbWgK5JY37Jf4hIL7NJfVgjgf8cK1jTZsxLK7pIksy+PVK3XzQB
f46rTn2hueolh+jBC39a5m2JXHjwj2ZZ0HXy8KXpfgLUlc7njyoxYKvIZh2J1j9q
i8/2uHBLTBtIZKEwCdCB6nwLHE6nQCJXfAIaeT9OvJy+ywuRB5bEMrs9xcGnFkRw
GpI=
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:55 2025 by rpki-client