Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cwl8cReLxTkIUVmd90ehNh1bqD8.roa
File: cwl8cReLxTkIUVmd90ehNh1bqD8.roa (raw, json)
Hash identifier: GNsxjHf35TGVi1j1QvU5+/IxCHOjr1nSF4/9gGL5IQc=
Subject key identifier: 73:09:7C:71:17:8B:C5:39:08:51:59:9D:F7:47:A1:36:1D:5B:A8:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01859E971319FA23ABD281D821D8C12D334F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cwl8cReLxTkIUVmd90ehNh1bqD8.roa
Signing time: Wed 11 Jan 2023 02:09:39 +0000
ROA not before: Wed 11 Jan 2023 02:09:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9e:97:13:19:fa:23:ab:d2:81:d8:21:d8:c1:2d:33:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 11 02:09:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73097c71178bc5390851599df747a1361d5ba83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:39:49:c6:d2:d9:7d:22:3d:c2:d5:f0:5d:57:
ac:fd:82:ae:9c:1f:80:a3:ca:b6:88:fd:0e:6f:86:
0e:aa:d2:c9:71:48:ed:67:30:47:91:ed:7c:2b:07:
98:6b:bc:fb:82:ee:6e:d6:9d:71:0f:e5:77:83:83:
bd:d3:d0:03:5f:fa:d1:11:1e:dc:3c:35:10:05:98:
78:44:ab:7a:c6:a0:7f:0e:d0:f1:51:13:76:f0:18:
64:69:b0:cb:b2:eb:fd:1c:f2:c3:d4:a6:81:50:06:
5b:65:ce:33:7f:c4:e7:21:09:3a:10:ac:62:8b:db:
33:9f:ef:9e:c8:fe:ea:ab:25:25:51:bf:b5:bf:9b:
6d:29:a4:3d:32:9d:d6:58:20:5c:ed:75:58:ea:66:
ba:2b:4b:d9:53:88:c5:9e:18:16:ba:0e:17:94:ad:
3a:1b:47:e2:d1:3e:df:3a:84:ff:0f:27:ea:83:9f:
32:e8:92:68:55:dd:32:51:c6:fb:ee:1f:ea:9d:26:
63:a1:42:b3:0f:a7:12:ef:ab:e8:98:2e:5e:69:3e:
ed:8b:3d:1f:47:0a:76:22:1e:f3:0b:13:7e:df:a9:
d3:e6:87:66:2b:f1:84:3e:f4:29:34:6f:74:6d:45:
58:92:df:a4:6e:d8:9b:fa:a9:c5:ae:99:1b:2d:b2:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:09:7C:71:17:8B:C5:39:08:51:59:9D:F7:47:A1:36:1D:5B:A8:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cwl8cReLxTkIUVmd90ehNh1bqD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:f3:d4:9d:43:ec:cb:b8:78:35:c3:ae:af:80:76:95:ce:c2:
d3:bc:55:c7:51:20:30:b4:ee:b0:b0:6a:e4:58:55:f1:91:3e:
12:eb:fd:54:bd:05:d4:b9:38:5c:a1:a8:73:10:da:5a:60:3b:
8e:83:e2:9b:0b:15:8d:e3:54:1a:67:ed:8c:65:21:b7:6d:ce:
c9:9a:fb:78:10:9e:09:f9:2d:14:1d:0f:8f:9d:03:2d:e4:28:
78:2d:06:6c:53:3c:fe:d9:fc:cc:ae:47:41:75:20:8f:24:f0:
6e:91:20:8b:0d:9b:63:cd:cc:ce:3a:5d:ea:d0:91:c1:7d:96:
9e:b3:2e:f4:da:a7:a6:8f:bc:a5:3a:bd:21:af:fc:cc:92:54:
0f:1b:c2:f5:d4:e6:1f:37:22:a1:d9:d0:44:47:15:b3:bf:3a:
35:73:1d:89:17:0c:6e:43:7d:62:20:80:97:c5:ce:85:85:2f:
ba:bf:e3:eb:6e:c9:26:89:3b:a8:5a:81:a3:78:39:54:9f:f5:
5d:68:32:28:c0:ff:30:8a:b6:40:85:96:d1:4b:31:26:49:3d:
e0:21:d0:35:44:4f:43:01:7a:95:91:5a:3b:9f:87:cd:19:33:
5c:ec:fc:5a:87:38:2c:0d:2b:2d:6f:d6:f1:68:c1:15:8b:da:
ca:f4:e4:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWelxMZ+iOr0oHYIdjBLTNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTExMDIwOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA5N2M3MTE3OGJjNTM5MDg1MTU5OWRmNzQ3YTEzNjFkNWJhODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDlJxtLZfSI9wtXwXVes/YKunB+A
o8q2iP0Ob4YOqtLJcUjtZzBHke18KweYa7z7gu5u1p1xD+V3g4O909ADX/rRER7c
PDUQBZh4RKt6xqB/DtDxURN28BhkabDLsuv9HPLD1KaBUAZbZc4zf8TnIQk6EKxi
i9szn++eyP7qqyUlUb+1v5ttKaQ9Mp3WWCBc7XVY6ma6K0vZU4jFnhgWug4XlK06
G0fi0T7fOoT/Dyfqg58y6JJoVd0yUcb77h/qnSZjoUKzD6cS76vomC5eaT7tiz0f
Rwp2Ih7zCxN+36nT5odmK/GEPvQpNG90bUVYkt+kbtib+qnFrpkbLbIuuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHMJfHEXi8U5CFFZnfdHoTYdW6g/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY3dsOGNSZUx4VGtJVVZtZDkwZWhOaDFicUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHTz1J1D7Mu4eDXDrq+A
dpXOwtO8VcdRIDC07rCwauRYVfGRPhLr/VS9BdS5OFyhqHMQ2lpgO46D4psLFY3j
VBpn7YxlIbdtzsma+3gQngn5LRQdD4+dAy3kKHgtBmxTPP7Z/MyuR0F1II8k8G6R
IIsNm2PNzM46XerQkcF9lp6zLvTap6aPvKU6vSGv/MySVA8bwvXU5h83IqHZ0ERH
FbO/OjVzHYkXDG5DfWIggJfFzoWFL7q/4+tuySaJO6hagaN4OVSf9V1oMijA/zCK
tkCFltFLMSZJPeAh0DVET0MBepWRWjufh80ZM1zs/FqHOCwNKy1v1vFowRWL2sr0
5FQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:52:15 2025 by rpki-client