Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dU2D2sXY3rotSmZep7WQ_KlQ1c8.roa
File: dU2D2sXY3rotSmZep7WQ_KlQ1c8.roa (raw, json)
Hash identifier: yTC5w8oAUY+X7Q7L7MsuSfe8csml8mNoG899Zxc4jrU=
Subject key identifier: 75:4D:83:DA:C5:D8:DE:BA:2D:4A:66:5E:A7:B5:90:FC:A9:50:D5:CF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856DAB9DE6B60965AE557B499B15861D75
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dU2D2sXY3rotSmZep7WQ_KlQ1c8.roa
Signing time: Sun 01 Jan 2023 14:10:41 +0000
ROA not before: Sun 01 Jan 2023 14:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ab:9d:e6:b6:09:65:ae:55:7b:49:9b:15:86:1d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 14:10:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=754d83dac5d8deba2d4a665ea7b590fca950d5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:49:a9:89:82:6c:7a:af:be:81:38:c0:c8:f1:
78:4c:08:07:60:da:77:10:0d:8d:97:70:f8:df:8f:
be:0f:42:81:e5:24:6d:52:0d:99:05:ac:a3:f6:62:
75:93:52:8c:d8:00:0f:c7:d3:9e:43:36:ed:fc:c3:
ce:d8:62:18:7a:a1:2a:89:22:a5:67:fa:b5:09:e1:
7c:65:8a:cb:ca:a8:c4:45:1e:6d:ef:a4:53:58:5a:
35:e0:39:5b:aa:ea:f7:75:3d:14:f0:a5:46:e6:4e:
7d:20:1e:93:94:39:84:99:5d:b8:c0:97:39:e7:f4:
93:eb:ca:5b:6c:ca:32:d9:a6:aa:ed:70:fc:8d:cd:
72:e2:90:9b:f4:68:31:a5:ce:7d:98:65:5a:4a:95:
a6:2a:5b:c5:d8:f3:85:94:64:a2:3c:2d:21:d1:0b:
89:56:4d:0a:15:7e:49:2a:b7:64:91:d6:97:97:8e:
55:48:70:ac:92:5f:8d:ed:b2:3d:cc:82:48:83:00:
40:b7:a5:70:1f:d4:4a:49:65:b3:0a:12:8b:80:12:
56:2f:b1:92:ec:42:92:24:ca:01:fe:5f:8b:91:fa:
e2:48:65:b3:ca:2c:b3:a7:99:b0:31:f6:d3:f4:70:
be:cb:d3:be:3c:de:01:8e:06:b6:2c:6d:ae:e9:e5:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4D:83:DA:C5:D8:DE:BA:2D:4A:66:5E:A7:B5:90:FC:A9:50:D5:CF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dU2D2sXY3rotSmZep7WQ_KlQ1c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:8f:06:05:0e:6f:ae:7b:be:b9:e0:f0:31:40:86:cc:85:3d:
09:27:07:2e:09:c0:ac:c6:64:e5:37:2b:22:12:18:78:a0:d9:
a1:3f:e6:78:e4:3f:d9:ea:c5:07:1e:30:da:54:6f:0f:90:ba:
d9:db:44:7a:a4:66:db:fd:41:39:f0:15:8c:ec:29:db:be:52:
ea:77:bc:4a:b7:bf:93:42:e5:f4:ef:0f:2c:01:14:94:dd:c5:
13:3c:59:48:8f:90:9c:2d:38:bd:5f:24:cc:b0:2a:dc:bc:5a:
2a:d8:61:fa:c2:e8:1d:53:b0:ba:77:3c:20:de:0c:28:95:15:
ef:0f:b4:68:ec:37:08:4f:dd:72:58:6c:2e:62:a5:f3:36:8e:
ce:67:da:73:a4:00:c4:75:3d:ee:e3:03:b7:6d:0d:0a:ba:7e:
c6:64:1f:ef:41:f8:0f:4e:4f:61:67:00:17:46:46:c6:9b:4b:
8c:37:f4:bb:ff:f0:33:dd:ec:a4:5b:8d:5d:bb:cb:6d:c1:f7:
f2:1e:19:9f:71:e3:e5:2e:1b:9d:b7:0b:aa:bd:ec:8f:6a:27:
3b:25:1a:4a:11:b2:6b:26:c7:ec:81:0c:81:62:c5:a2:01:75:
46:9a:86:5d:3c:39:e8:00:9b:e3:1f:38:e8:81:ef:09:e0:f1:
2d:85:82:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtq53mtgllrlV7SZsVhh11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTQxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRkODNkYWM1ZDhkZWJhMmQ0YTY2NWVhN2I1OTBmY2E5NTBkNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0mpiYJseq++gTjAyPF4TAgHYNp3
EA2Nl3D434++D0KB5SRtUg2ZBayj9mJ1k1KM2AAPx9OeQzbt/MPO2GIYeqEqiSKl
Z/q1CeF8ZYrLyqjERR5t76RTWFo14Dlbqur3dT0U8KVG5k59IB6TlDmEmV24wJc5
5/ST68pbbMoy2aaq7XD8jc1y4pCb9Ggxpc59mGVaSpWmKlvF2POFlGSiPC0h0QuJ
Vk0KFX5JKrdkkdaXl45VSHCskl+N7bI9zIJIgwBAt6VwH9RKSWWzChKLgBJWL7GS
7EKSJMoB/l+LkfriSGWzyiyzp5mwMfbT9HC+y9O+PN4Bjga2LG2u6eWPZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVNg9rF2N66LUpmXqe1kPypUNXPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZFUyRDJzWFkzcm90U21aZXA3V1FfS2xRMWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACyPBgUOb657vrng8DFA
hsyFPQknBy4JwKzGZOU3KyISGHig2aE/5njkP9nqxQceMNpUbw+QutnbRHqkZtv9
QTnwFYzsKdu+Uup3vEq3v5NC5fTvDywBFJTdxRM8WUiPkJwtOL1fJMywKty8WirY
YfrC6B1TsLp3PCDeDCiVFe8PtGjsNwhP3XJYbC5ipfM2js5n2nOkAMR1Pe7jA7dt
DQq6fsZkH+9B+A9OT2FnABdGRsabS4w39Lv/8DPd7KRbjV27y23B9/IeGZ9x4+Uu
G523C6q97I9qJzslGkoRsmsmx+yBDIFixaIBdUaahl08OegAm+MfOOiB7wng8S2F
gsE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:19 2025 by rpki-client