Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d3FdQHhUKV1DJvDkpsILttUSW6E.roa
File: d3FdQHhUKV1DJvDkpsILttUSW6E.roa (raw, json)
Hash identifier: fx/09wblquePe6VCgZ5oFkArtiD/yZgXgtNTGoqFRFo=
Subject key identifier: 77:71:5D:40:78:54:29:5D:43:26:F0:E4:A6:C2:0B:B6:D5:12:5B:A1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A36739652503518ACEC42E96199DFD4CA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d3FdQHhUKV1DJvDkpsILttUSW6E.roa
Signing time: Sun 27 Aug 2023 10:04:19 +0000
ROA not before: Sun 27 Aug 2023 10:04:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:3673:85bc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:73:96:52:50:35:18:ac:ec:42:e9:61:99:df:d4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 10:04:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77715d407854295d4326f0e4a6c20bb6d5125ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:00:a9:ef:37:d1:39:9f:11:06:8d:fd:dc:3a:
ac:d7:9f:d6:e9:8e:dc:28:56:81:ed:e6:97:45:7d:
59:08:ca:3e:c3:b9:72:97:cd:55:17:58:15:30:31:
89:73:88:d3:00:36:a8:95:b5:9b:e8:5b:d4:0a:b5:
66:c2:03:f9:57:36:52:54:4b:44:04:74:8d:aa:39:
47:c9:b5:2b:7d:96:2e:e8:86:80:0d:ac:07:43:2f:
36:68:39:07:1b:fc:cd:64:2b:0d:89:2e:d1:f4:f9:
e3:f0:20:ae:0e:70:7a:fd:f0:02:3a:cc:34:1a:47:
24:a7:3f:b9:8c:1c:1c:87:fc:b1:f3:27:89:94:dd:
2f:55:95:ce:2a:bf:69:2c:52:cc:d4:6c:f2:e4:9e:
50:38:1e:74:3c:a7:24:f4:6c:5d:3a:b8:48:52:af:
1d:46:c0:56:dc:4f:63:45:b5:f2:32:1c:39:18:88:
df:85:b5:8e:16:4e:27:99:70:37:9b:4d:1f:44:38:
cf:bc:00:c7:ca:a1:d0:48:c5:2e:71:82:51:a7:1e:
98:ce:f2:50:21:9a:04:9a:34:a2:16:2c:72:c1:49:
ae:af:72:49:69:48:f0:28:f5:85:62:56:c3:f1:93:
52:de:7c:c4:01:62:b3:0f:20:ee:46:cc:66:8a:7f:
1b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:71:5D:40:78:54:29:5D:43:26:F0:E4:A6:C2:0B:B6:D5:12:5B:A1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d3FdQHhUKV1DJvDkpsILttUSW6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:f5:44:34:20:ab:bc:01:8f:c1:aa:80:4b:c4:f3:ff:68:d8:
ae:0a:6a:ee:a6:2c:6e:05:75:5a:a6:62:3f:01:31:8b:2d:cd:
98:72:7e:11:1e:3c:bb:53:7e:1e:23:c6:65:a3:01:99:92:d0:
f5:a0:99:05:48:0d:4d:13:bc:8a:f5:bd:16:29:2d:f0:06:75:
51:e7:9d:73:9a:63:eb:8b:2d:39:f0:91:32:1d:a5:49:82:08:
cd:c4:f3:d6:da:b1:84:17:01:a7:65:c0:83:5d:23:87:13:85:
a9:f0:ed:b9:35:97:98:e7:cc:ce:44:30:42:6e:cc:9e:6f:22:
ef:6b:46:6f:53:99:08:22:13:91:c1:b5:ad:04:2d:4c:26:94:
26:eb:e2:53:f5:bf:a0:b6:16:b1:c1:86:6d:41:e7:72:6c:6b:
68:40:3f:b7:eb:be:b2:77:a3:1e:1b:20:4f:62:31:6e:43:01:
1c:dc:70:49:5a:a9:42:75:72:26:62:3d:ac:0a:f8:7a:0e:09:
09:39:0d:d7:eb:83:41:b0:5e:0d:c3:9f:b7:0d:65:71:c3:74:
a4:55:ec:2f:7c:30:e0:25:09:1c:ac:9b:3c:fc:66:51:94:b2:
9a:02:83:df:4c:9f:30:9f:36:75:99:e1:89:48:6e:20:08:4a:
55:c0:19:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo2c5ZSUDUYrOxC6WGZ39TKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MTAwNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzcxNWQ0MDc4NTQyOTVkNDMyNmYwZTRhNmMyMGJiNmQ1MTI1YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQCp7zfROZ8RBo393Dqs15/W6Y7c
KFaB7eaXRX1ZCMo+w7lyl81VF1gVMDGJc4jTADaolbWb6FvUCrVmwgP5VzZSVEtE
BHSNqjlHybUrfZYu6IaADawHQy82aDkHG/zNZCsNiS7R9Pnj8CCuDnB6/fACOsw0
Gkckpz+5jBwch/yx8yeJlN0vVZXOKr9pLFLM1Gzy5J5QOB50PKck9GxdOrhIUq8d
RsBW3E9jRbXyMhw5GIjfhbWOFk4nmXA3m00fRDjPvADHyqHQSMUucYJRpx6YzvJQ
IZoEmjSiFixywUmur3JJaUjwKPWFYlbD8ZNS3nzEAWKzDyDuRsxmin8bkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHdxXUB4VCldQybw5KbCC7bVEluhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZDNGZFFIaFVLVjFESnZEa3BzSUx0dFVTVzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGX1RDQgq7wBj8GqgEvE
8/9o2K4Kau6mLG4FdVqmYj8BMYstzZhyfhEePLtTfh4jxmWjAZmS0PWgmQVIDU0T
vIr1vRYpLfAGdVHnnXOaY+uLLTnwkTIdpUmCCM3E89basYQXAadlwINdI4cThanw
7bk1l5jnzM5EMEJuzJ5vIu9rRm9TmQgiE5HBta0ELUwmlCbr4lP1v6C2FrHBhm1B
53Jsa2hAP7frvrJ3ox4bIE9iMW5DARzccElaqUJ1ciZiPawK+HoOCQk5Ddfrg0Gw
Xg3Dn7cNZXHDdKRV7C98MOAlCRysmzz8ZlGUspoCg99MnzCfNnWZ4YlIbiAISlXA
GRQ=
-----END CERTIFICATE-----
Generated at Thu May 1 18:44:55 2025 by rpki-client