Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dRYhwF2jCkST2GgGPP6gssc3t3M.roa
File: dRYhwF2jCkST2GgGPP6gssc3t3M.roa (raw, json)
Hash identifier: 5IVlWti21QAdyaVJxIgPJwq9iJeA1R2b8PZihMlY744=
Subject key identifier: 75:16:21:C0:5D:A3:0A:44:93:D8:68:06:3C:FE:A0:B2:C7:37:B7:73
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865D554EE037D37CFB4E9682561DD1DA23
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dRYhwF2jCkST2GgGPP6gssc3t3M.roa
Signing time: Fri 17 Feb 2023 03:05:17 +0000
ROA not before: Fri 17 Feb 2023 03:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:5d54:cddc/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5d:55:4e:e0:37:d3:7c:fb:4e:96:82:56:1d:d1:da:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 03:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=751621c05da30a4493d868063cfea0b2c737b773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1d:09:fe:b6:37:4d:ce:30:e0:e1:0b:56:e6:
b3:cd:c4:13:64:d9:ee:e8:94:a4:9d:02:8f:54:d6:
4e:87:89:f2:33:fe:17:f2:3f:46:ff:94:cf:6e:a5:
1a:58:90:1b:a1:2e:1d:53:fd:19:b1:be:c5:90:56:
27:3c:77:d7:f0:5b:45:70:d8:f8:62:c7:cf:4b:3b:
ac:5d:73:f2:8e:a9:ed:2d:1c:3a:82:f3:7e:9e:d6:
9c:4f:69:ea:92:68:54:76:a5:22:83:ad:9b:af:b0:
b3:6c:92:09:74:b3:47:19:a3:e1:f7:81:67:57:05:
ac:83:5c:9d:02:92:61:65:8e:19:ac:56:57:59:3b:
24:94:67:84:98:c1:49:a1:8f:0c:55:63:3c:d0:f0:
93:1f:dc:11:b5:07:81:12:77:28:b1:e7:a6:1b:a2:
38:a4:71:26:6a:55:e3:c9:47:8e:83:8c:b8:cd:7f:
1a:ba:7a:e2:68:e5:6d:80:85:97:8f:21:76:9c:36:
65:cb:b0:b8:5e:de:5d:2d:b7:aa:09:2f:87:98:3b:
ec:ab:04:df:e3:c0:f9:db:25:1f:c5:34:70:a7:69:
5c:47:0b:79:fb:49:d6:34:ab:ac:d2:d5:11:0c:17:
70:71:26:f5:a6:11:02:a4:e8:33:7b:db:21:59:30:
cf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:16:21:C0:5D:A3:0A:44:93:D8:68:06:3C:FE:A0:B2:C7:37:B7:73
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dRYhwF2jCkST2GgGPP6gssc3t3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:c7:58:80:03:02:00:70:78:a7:05:d1:c0:0a:eb:c6:a4:9b:
dd:a3:bb:44:5b:aa:5e:f9:f0:6c:99:58:fb:ff:1b:11:e9:a8:
54:af:a4:50:f6:98:b7:13:73:50:01:f8:80:3c:76:fb:ae:4d:
8b:9d:e4:4f:60:31:d2:14:1a:3a:ca:4d:d6:2c:68:1c:30:12:
1c:2e:ef:f1:b1:75:e2:3a:c2:5c:14:97:af:ad:2b:a3:e1:17:
67:a6:f2:76:18:a8:c5:98:65:59:83:0a:20:13:af:c2:5a:6c:
ea:90:1b:d4:b0:a6:2a:51:49:b5:c4:1c:ca:2b:66:d8:f5:69:
d0:89:32:ea:e6:c4:a3:9a:d4:1b:8a:27:c7:4a:bd:30:8b:ee:
74:76:89:e2:8e:fc:15:2d:e1:ae:00:80:4b:54:ed:74:14:bb:
58:55:ed:60:51:63:c5:f3:14:bb:dc:82:5e:4e:b8:0c:55:5a:
db:c5:60:7d:c0:4d:b3:42:12:03:fe:90:91:b8:b1:6f:7f:38:
09:df:c2:80:3c:49:ab:1a:8c:42:63:be:da:89:7f:46:6e:de:
52:d4:c9:3e:95:f1:48:25:3a:21:5d:54:dc:db:cd:2b:a5:cb:
ca:f8:44:f4:c2:f7:cc:a7:04:12:13:f3:6b:0c:50:12:42:14:
0c:da:0c:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZdVU7gN9N8+06WglYd0dojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MDMwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE2MjFjMDVkYTMwYTQ0OTNkODY4MDYzY2ZlYTBiMmM3MzdiNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx0J/rY3Tc4w4OELVuazzcQTZNnu
6JSknQKPVNZOh4nyM/4X8j9G/5TPbqUaWJAboS4dU/0Zsb7FkFYnPHfX8FtFcNj4
YsfPSzusXXPyjqntLRw6gvN+ntacT2nqkmhUdqUig62br7CzbJIJdLNHGaPh94Fn
VwWsg1ydApJhZY4ZrFZXWTsklGeEmMFJoY8MVWM80PCTH9wRtQeBEncoseemG6I4
pHEmalXjyUeOg4y4zX8aunriaOVtgIWXjyF2nDZly7C4Xt5dLbeqCS+HmDvsqwTf
48D52yUfxTRwp2lcRwt5+0nWNKus0tURDBdwcSb1phECpOgze9shWTDPcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHUWIcBdowpEk9hoBjz+oLLHN7dzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZFJZaHdGMmpDa1NUMkdnR1BQNmdzc2MzdDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALPHWIADAgBweKcF0cAK
68akm92ju0Rbql758GyZWPv/GxHpqFSvpFD2mLcTc1AB+IA8dvuuTYud5E9gMdIU
GjrKTdYsaBwwEhwu7/GxdeI6wlwUl6+tK6PhF2em8nYYqMWYZVmDCiATr8JabOqQ
G9SwpipRSbXEHMorZtj1adCJMurmxKOa1BuKJ8dKvTCL7nR2ieKO/BUt4a4AgEtU
7XQUu1hV7WBRY8XzFLvcgl5OuAxVWtvFYH3ATbNCEgP+kJG4sW9/OAnfwoA8Sasa
jEJjvtqJf0Zu3lLUyT6V8UglOiFdVNzbzSuly8r4RPTC98ynBBIT82sMUBJCFAza
DMI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:24:24 2025 by rpki-client