Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dCutWbMYIVt_Y1qlYpifuiejTpo.roa
File: dCutWbMYIVt_Y1qlYpifuiejTpo.roa (raw, json)
Hash identifier: Ke8wE8397UTCvsIOYgNQoduBpWFNpaRoZWR9wHTMPNk=
Subject key identifier: 74:2B:AD:59:B3:18:21:5B:7F:63:5A:A5:62:98:9F:BA:27:A3:4E:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854A420F24C95C6BA5BEB84A954B5B0333
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dCutWbMYIVt_Y1qlYpifuiejTpo.roa
Signing time: Sun 25 Dec 2022 17:08:41 +0000
ROA not before: Sun 25 Dec 2022 17:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4a:42:0f:24:c9:5c:6b:a5:be:b8:4a:95:4b:5b:03:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 25 17:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=742bad59b318215b7f635aa562989fba27a34e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:0a:3c:23:62:c5:b6:9b:26:b2:66:77:60:
f9:f1:e3:07:bc:ea:52:d1:b4:14:9f:3e:fe:e9:e2:
83:3b:54:c8:bc:bd:b6:f4:2c:98:50:e1:01:88:a8:
43:09:f4:0b:10:2f:61:87:86:36:23:41:ad:d1:fe:
1e:be:d7:75:30:ac:3d:71:5a:c9:0f:59:cb:24:50:
13:58:31:97:fa:a8:45:4a:1e:ab:1a:68:78:82:2d:
c8:ee:ee:37:b5:f8:71:1c:d8:4d:e7:8f:fb:3b:ee:
ad:9f:91:66:e5:20:c8:1b:88:03:82:2c:a9:ea:78:
8a:79:3f:32:f5:19:a9:c3:59:3e:c5:b9:f0:9e:24:
1f:7a:27:a3:92:50:a0:d5:bc:81:9f:52:5b:79:81:
b4:68:5e:32:3f:12:5b:15:73:2b:77:cd:2f:e6:72:
0e:fd:e0:b0:64:57:6d:75:54:e8:4d:b1:4a:8b:57:
61:84:d7:85:01:a0:78:25:6c:1c:e7:29:53:70:94:
e1:84:80:5d:07:be:66:f2:4c:2e:79:ac:fb:ae:be:
4f:58:0b:6a:e3:02:2c:45:dc:db:3d:cc:fa:99:97:
bb:be:0e:8b:68:33:a9:0f:7d:84:cc:55:4c:49:8e:
6a:5f:80:6c:b8:f5:76:d7:59:18:25:21:4d:0b:da:
81:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2B:AD:59:B3:18:21:5B:7F:63:5A:A5:62:98:9F:BA:27:A3:4E:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dCutWbMYIVt_Y1qlYpifuiejTpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:e5:a3:9b:df:3f:38:ef:df:f4:a0:cc:c5:a4:5a:c7:d2:04:
1a:7e:58:51:39:eb:22:8b:ef:6a:c6:2a:ec:af:de:de:71:07:
61:6b:de:1e:60:80:bb:6d:d9:32:da:c4:c7:49:fa:de:bc:0a:
50:ed:63:ab:a9:af:81:6a:bf:7e:92:e7:e5:54:20:ae:15:77:
c9:22:62:b6:b5:51:9b:4b:16:a1:66:12:cd:c6:61:7c:f1:e0:
28:e1:62:ab:d2:17:77:d6:9a:7f:7b:35:a9:c9:de:1b:41:14:
c6:6f:d0:e8:a2:37:46:58:45:55:7e:d7:f7:72:2d:63:7e:26:
e2:5c:e2:14:18:d2:0d:51:89:56:5e:c7:f5:fd:ff:de:6a:a6:
13:86:ae:31:df:b3:6f:5d:1b:04:9b:46:5b:fa:c8:7d:8e:41:
2c:6a:18:72:9d:a4:ce:de:52:66:36:b6:8d:29:42:0d:57:80:
f6:93:5b:22:8a:b5:1e:ed:3d:cc:ce:85:3d:16:38:cb:ee:c9:
da:03:ea:56:09:71:f6:53:ba:6a:8e:2d:e4:34:b6:39:44:da:
c0:62:55:70:b2:9b:bc:2b:07:14:35:f1:bd:d8:fe:7b:33:93:
71:9d:c2:68:51:70:1b:aa:f2:9b:91:06:f1:e6:10:c1:ac:7b:
70:db:9e:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVKQg8kyVxrpb64SpVLWwMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI1MTcwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDJiYWQ1OWIzMTgyMTViN2Y2MzVhYTU2Mjk4OWZiYTI3YTM0ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj0KPCNixbabJrJmd2D58eMHvOpS
0bQUnz7+6eKDO1TIvL229CyYUOEBiKhDCfQLEC9hh4Y2I0Gt0f4evtd1MKw9cVrJ
D1nLJFATWDGX+qhFSh6rGmh4gi3I7u43tfhxHNhN54/7O+6tn5Fm5SDIG4gDgiyp
6niKeT8y9Rmpw1k+xbnwniQfeiejklCg1byBn1JbeYG0aF4yPxJbFXMrd80v5nIO
/eCwZFdtdVToTbFKi1dhhNeFAaB4JWwc5ylTcJThhIBdB75m8kwueaz7rr5PWAtq
4wIsRdzbPcz6mZe7vg6LaDOpD32EzFVMSY5qX4BsuPV211kYJSFNC9qBKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHQrrVmzGCFbf2NapWKYn7ono06aMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZEN1dFdiTVlJVnRfWTFxbFlwaWZ1aWVqVHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHlo5vfPzjv3/SgzMWk
WsfSBBp+WFE56yKL72rGKuyv3t5xB2Fr3h5ggLtt2TLaxMdJ+t68ClDtY6upr4Fq
v36S5+VUIK4Vd8kiYra1UZtLFqFmEs3GYXzx4CjhYqvSF3fWmn97NanJ3htBFMZv
0OiiN0ZYRVV+1/dyLWN+JuJc4hQY0g1RiVZex/X9/95qphOGrjHfs29dGwSbRlv6
yH2OQSxqGHKdpM7eUmY2to0pQg1XgPaTWyKKtR7tPczOhT0WOMvuydoD6lYJcfZT
umqOLeQ0tjlE2sBiVXCym7wrBxQ18b3Y/nszk3GdwmhRcBuq8puRBvHmEMGse3Db
ni0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:29:17 2025 by rpki-client