Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d8m6kaUYTvI8bPSDYdC3tdtJt8M.roa
File: d8m6kaUYTvI8bPSDYdC3tdtJt8M.roa (raw, json)
Hash identifier: J3xq5hR7imqlf8Ngkm9+uQGLm8R9eHDuV6IOsuPZKhM=
Subject key identifier: 77:C9:BA:91:A5:18:4E:F2:3C:6C:F4:83:61:D0:B7:B5:DB:49:B7:C3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A26323B59699F733BC62975F3BA912FCD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d8m6kaUYTvI8bPSDYdC3tdtJt8M.roa
Signing time: Thu 24 Aug 2023 06:19:00 +0000
ROA not before: Thu 24 Aug 2023 06:19:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:32:3b:59:69:9f:73:3b:c6:29:75:f3:ba:91:2f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 06:19:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77c9ba91a5184ef23c6cf48361d0b7b5db49b7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:14:7a:f8:26:75:c5:9d:21:78:43:ae:36:49:
24:18:a7:f7:24:34:33:f4:76:cb:c6:7b:51:90:30:
c1:9f:9a:c1:7e:f9:3e:fc:58:27:2e:b3:2b:af:bc:
ed:21:04:79:4f:f4:2d:4b:26:4f:4a:5b:36:29:21:
c9:eb:6c:1e:75:a3:59:32:08:4e:5a:a7:14:6d:d6:
68:d8:74:c3:96:e6:2d:25:f2:a7:db:1f:25:7e:79:
84:c1:da:c0:28:af:de:11:98:0d:92:13:03:f9:de:
fd:cb:ec:cd:8f:22:2f:d5:85:6d:0c:b0:4b:5a:c3:
fc:de:ef:10:3d:c7:37:8b:d0:71:9e:a8:0c:22:7d:
9c:b7:e9:e5:bd:71:87:10:e3:f1:17:65:d1:49:79:
e3:79:df:c9:bc:01:ba:1d:db:67:cb:d5:3d:aa:6a:
d3:7f:46:48:8a:fd:a5:3a:19:62:b8:da:6d:df:87:
43:ca:24:84:a6:a9:87:7d:0d:ee:05:86:06:7e:fd:
9d:0f:a3:d1:c7:12:4c:27:f0:da:0a:8b:cb:d2:52:
bd:df:92:86:1a:58:cd:5e:00:a9:51:88:34:bc:3f:
9f:69:3b:53:14:ea:5a:51:1d:98:50:bd:4e:32:2f:
af:55:ef:a1:b1:06:f4:a3:40:95:75:0c:b1:68:a2:
6b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C9:BA:91:A5:18:4E:F2:3C:6C:F4:83:61:D0:B7:B5:DB:49:B7:C3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/d8m6kaUYTvI8bPSDYdC3tdtJt8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:0f:25:e9:1e:fb:74:40:b4:40:76:da:46:67:ca:c5:af:7e:
5c:ef:95:de:55:93:fd:54:9f:f9:43:54:86:08:e6:50:16:a6:
23:9b:e0:4b:6a:ca:af:1f:60:95:3c:1b:d9:03:95:da:25:dd:
7e:ad:60:00:1d:07:64:ce:d5:41:f2:3b:fc:ad:2f:65:2a:6b:
3a:4f:fa:c4:21:bd:5c:cb:91:31:9a:27:66:11:c9:5d:cf:2c:
9b:b4:a4:be:e1:b7:c3:8d:e6:c7:f5:96:7b:6c:2a:1b:f8:d4:
d1:e5:51:31:33:aa:a0:ce:be:1c:bd:4e:1a:57:0c:f8:6d:f7:
a1:63:a3:fe:80:3a:00:fe:8e:d6:a8:2b:64:27:f0:90:6a:1b:
70:68:a3:46:a8:0a:d7:be:28:fd:d2:41:a8:1c:17:49:1d:8e:
f7:26:0f:0c:ab:0e:cb:ae:a8:d7:81:03:6b:bc:ef:39:bf:89:
6e:6d:76:30:7a:34:0b:07:38:80:2c:d4:1b:7f:5f:b6:ec:9f:
7e:4e:c0:a4:31:12:d5:fa:f2:83:a7:fe:e8:5a:b1:04:5b:61:
f6:6d:24:d3:37:58:8f:52:d2:8c:86:8a:a3:ba:10:c7:2f:30:
66:32:ff:8a:45:1d:26:c2:cc:e6:6f:9a:a9:a5:b8:15:b0:4a:
cb:2d:60:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYomMjtZaZ9zO8YpdfO6kS/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MDYxOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M5YmE5MWE1MTg0ZWYyM2M2Y2Y0ODM2MWQwYjdiNWRiNDliN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBR6+CZ1xZ0heEOuNkkkGKf3JDQz
9HbLxntRkDDBn5rBfvk+/FgnLrMrr7ztIQR5T/QtSyZPSls2KSHJ62wedaNZMghO
WqcUbdZo2HTDluYtJfKn2x8lfnmEwdrAKK/eEZgNkhMD+d79y+zNjyIv1YVtDLBL
WsP83u8QPcc3i9BxnqgMIn2ct+nlvXGHEOPxF2XRSXnjed/JvAG6Hdtny9U9qmrT
f0ZIiv2lOhliuNpt34dDyiSEpqmHfQ3uBYYGfv2dD6PRxxJMJ/DaCovL0lK935KG
GljNXgCpUYg0vD+faTtTFOpaUR2YUL1OMi+vVe+hsQb0o0CVdQyxaKJrcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHfJupGlGE7yPGz0g2HQt7XbSbfDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZDhtNmthVVlUdkk4YlBTRFlkQzN0ZHRKdDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAkPJeke+3RAtEB22kZn
ysWvflzvld5Vk/1Un/lDVIYI5lAWpiOb4Etqyq8fYJU8G9kDldol3X6tYAAdB2TO
1UHyO/ytL2UqazpP+sQhvVzLkTGaJ2YRyV3PLJu0pL7ht8ON5sf1lntsKhv41NHl
UTEzqqDOvhy9ThpXDPht96Fjo/6AOgD+jtaoK2Qn8JBqG3Boo0aoCte+KP3SQagc
F0kdjvcmDwyrDsuuqNeBA2u87zm/iW5tdjB6NAsHOIAs1Bt/X7bsn35OwKQxEtX6
8oOn/uhasQRbYfZtJNM3WI9S0oyGiqO6EMcvMGYy/4pFHSbCzOZvmqmluBWwSsst
YHA=
-----END CERTIFICATE-----
Generated at Sat May 3 21:37:52 2025 by rpki-client