Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d5oy90TbHe1UFIhxJZiebS94il8.roa
File: d5oy90TbHe1UFIhxJZiebS94il8.roa (raw, json)
Hash identifier: GyS8D2rgYhqI2c4qY+8Wtdn2cgy3iU5dBsGfww6shhA=
Subject key identifier: 77:9A:32:F7:44:DB:1D:ED:54:14:88:71:25:98:9E:6D:2F:78:8A:5F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185FB4A9790393339AF5FB4A6C3144D604B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d5oy90TbHe1UFIhxJZiebS94il8.roa
Signing time: Sun 29 Jan 2023 02:10:47 +0000
ROA not before: Sun 29 Jan 2023 02:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fb:4a:97:90:39:33:39:af:5f:b4:a6:c3:14:4d:60:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 29 02:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=779a32f744db1ded5414887125989e6d2f788a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:ff:d2:1f:e7:4b:c4:17:e4:40:30:83:54:
2c:f1:60:09:6d:37:14:05:7c:5a:2d:22:5e:2b:4c:
5a:01:e4:ae:96:29:15:a1:6c:a3:80:95:40:3e:19:
e6:1c:4c:82:65:53:73:83:c0:e0:cc:62:72:6d:28:
41:fd:f2:15:81:2e:1e:8f:9f:88:2d:2f:f1:bd:a5:
46:61:e1:00:14:4f:d4:c3:09:bb:0d:87:b7:9e:41:
32:6c:3a:d1:76:b4:2d:d7:c3:18:8e:96:9e:ba:8b:
4a:a0:c2:24:e8:f5:e6:30:d4:02:1f:ff:23:c6:2d:
af:84:fa:3c:0f:44:3d:f0:94:a8:d8:10:e1:4c:61:
dc:ea:77:d4:a2:c8:a3:bd:8a:b7:b8:d0:b9:bc:33:
a4:4d:63:3e:3a:68:b3:c0:d3:50:26:4e:62:1e:db:
d2:76:b5:87:df:cc:ff:1d:e0:53:25:3f:94:56:a8:
73:3a:f9:c6:9d:e8:19:34:07:ee:f2:bc:36:de:eb:
c2:f7:4a:6b:b4:40:69:31:30:54:4b:a4:4c:14:99:
84:be:c5:2a:1d:28:5a:a2:5a:38:25:0d:e6:ef:92:
15:f0:9e:09:11:74:a9:e1:6f:a9:61:1e:da:8e:d4:
cb:f0:09:de:38:e9:39:a2:34:44:0f:28:15:74:37:
4b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9A:32:F7:44:DB:1D:ED:54:14:88:71:25:98:9E:6D:2F:78:8A:5F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d5oy90TbHe1UFIhxJZiebS94il8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:47:e2:fc:a6:83:82:e9:1a:39:99:2b:7e:e3:c8:d1:7a:c7:
74:21:26:37:9b:49:f3:64:3f:6c:24:ca:98:59:48:44:6c:97:
8d:5e:75:9f:ce:2a:54:71:d6:62:e3:96:f4:1a:31:5e:6d:55:
72:6b:d1:d2:e1:98:51:c6:15:4a:ee:b8:06:09:56:d0:36:5d:
f6:6d:66:d0:25:78:cf:dc:73:85:27:59:f1:d5:40:37:88:79:
77:d2:30:06:a2:df:19:c3:8b:08:95:75:24:37:95:11:2b:08:
4e:d1:cb:ba:29:37:fa:4c:9c:31:28:1c:05:1b:ad:c7:89:3d:
51:a5:dd:45:ff:6b:bc:48:b2:1d:35:f7:63:f0:8c:49:a8:2c:
08:9f:34:cd:b3:07:31:8f:be:00:f5:d6:c8:41:4a:a6:63:38:
45:36:13:fe:04:e7:f7:40:14:18:76:20:09:80:83:46:f5:41:
29:96:b0:7c:95:e0:c0:c8:c4:01:84:df:84:62:0f:86:06:92:
dc:8f:65:72:33:c2:3f:d1:c0:0b:da:6f:e1:12:90:b6:90:8d:
6e:5a:42:8a:1f:4f:63:f7:b6:86:e8:d3:f6:68:2a:d8:cb:2b:
f2:4a:f9:ed:b7:2c:c7:4c:1b:d2:7f:98:3b:3d:e5:41:93:ac:
3f:07:5e:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYX7SpeQOTM5r1+0psMUTWBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI5MDIxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzlhMzJmNzQ0ZGIxZGVkNTQxNDg4NzEyNTk4OWU2ZDJmNzg4YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjb/0h/nS8QX5EAwg1Qs8WAJbTcU
BXxaLSJeK0xaAeSulikVoWyjgJVAPhnmHEyCZVNzg8DgzGJybShB/fIVgS4ej5+I
LS/xvaVGYeEAFE/Uwwm7DYe3nkEybDrRdrQt18MYjpaeuotKoMIk6PXmMNQCH/8j
xi2vhPo8D0Q98JSo2BDhTGHc6nfUosijvYq3uNC5vDOkTWM+OmizwNNQJk5iHtvS
drWH38z/HeBTJT+UVqhzOvnGnegZNAfu8rw23uvC90prtEBpMTBUS6RMFJmEvsUq
HShaolo4JQ3m75IV8J4JEXSp4W+pYR7ajtTL8AneOOk5ojREDygVdDdLPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHeaMvdE2x3tVBSIcSWYnm0veIpfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZDVveTkwVGJIZTFVRkloeEpaaWViUzk0aWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKlH4vymg4LpGjmZK37j
yNF6x3QhJjebSfNkP2wkyphZSERsl41edZ/OKlRx1mLjlvQaMV5tVXJr0dLhmFHG
FUruuAYJVtA2XfZtZtAleM/cc4UnWfHVQDeIeXfSMAai3xnDiwiVdSQ3lRErCE7R
y7opN/pMnDEoHAUbrceJPVGl3UX/a7xIsh0192PwjEmoLAifNM2zBzGPvgD11shB
SqZjOEU2E/4E5/dAFBh2IAmAg0b1QSmWsHyV4MDIxAGE34RiD4YGktyPZXIzwj/R
wAvab+ESkLaQjW5aQoofT2P3tobo0/ZoKtjLK/JK+e23LMdMG9J/mDs95UGTrD8H
XsY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:50:35 2025 by rpki-client