Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/df-fth7hyf_YS4XgdLqQDEvu7eA.roa
File: df-fth7hyf_YS4XgdLqQDEvu7eA.roa (raw, json)
Hash identifier: i0WIXZ9R9BK7kps3P8T4S7jm7SpegBe5yRUS8SCZwbI=
Subject key identifier: 75:FF:9F:B6:1E:E1:C9:FF:D8:4B:85:E0:74:BA:90:0C:4B:EE:ED:E0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182086EB831F6A9AC8C0295E9B301DCB1F4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/df-fth7hyf_YS4XgdLqQDEvu7eA.roa
Signing time: Sat 16 Jul 2022 19:14:09 +0000
ROA not before: Sat 16 Jul 2022 19:14:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:08:6e:b8:31:f6:a9:ac:8c:02:95:e9:b3:01:dc:b1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 16 19:14:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75ff9fb61ee1c9ffd84b85e074ba900c4beeede0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:2b:95:ea:30:ef:af:01:b1:43:25:08:93:
c3:3f:b1:10:20:0f:16:64:9e:0e:5e:d0:fa:d3:55:
40:53:1a:ab:58:5d:29:e3:58:1a:34:03:67:77:17:
27:c2:75:bc:13:02:36:46:14:64:6a:60:68:ed:3c:
ac:75:8b:b8:43:a8:0c:78:3c:23:7a:1d:10:06:98:
6f:5d:f1:4b:2c:8a:fb:be:17:95:f3:8a:8c:7d:1b:
44:2f:76:ae:9e:81:30:c3:f2:4d:0a:3f:5f:15:0b:
e1:c0:81:34:ce:ae:b2:4a:ac:66:94:3a:7c:b0:53:
23:78:10:c5:be:f9:ea:45:b0:aa:aa:d1:50:7d:db:
c5:24:9f:84:20:8c:50:56:fe:59:e0:ec:01:fa:09:
30:41:da:ea:51:aa:4b:d2:7c:7b:c1:6a:63:e0:76:
4e:fd:69:f9:77:11:1b:8e:27:cb:e9:ea:8a:b5:45:
1b:ff:44:6e:68:a7:c0:d8:e3:53:79:e3:3a:87:ae:
a7:23:91:c1:8b:6d:ba:34:d3:d1:fa:b5:ae:13:be:
e0:72:bb:89:91:39:a3:61:96:89:f4:b1:0b:ec:64:
19:d1:23:29:80:1c:f3:4f:12:e3:88:a0:d1:c2:0c:
d2:2a:8b:14:eb:31:34:b1:5e:f6:d0:25:16:5b:6d:
69:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FF:9F:B6:1E:E1:C9:FF:D8:4B:85:E0:74:BA:90:0C:4B:EE:ED:E0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/df-fth7hyf_YS4XgdLqQDEvu7eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:a9:aa:e5:b9:3e:fc:20:0f:ad:17:86:d7:d4:78:8a:90:89:
11:1e:f2:cd:bc:df:8e:98:3d:2a:8d:40:d0:41:a9:32:45:09:
c4:e2:f2:e2:db:34:72:10:81:34:32:d4:c8:2f:3e:01:33:34:
b4:ab:84:be:4a:a0:96:41:f6:9f:a1:dd:3e:be:05:98:fe:78:
52:15:6e:91:2b:53:0e:cb:0e:b3:8d:eb:a3:dd:a6:16:b8:e4:
8b:5a:af:73:e2:3f:d2:cb:9b:10:3a:19:26:ee:25:fd:7f:ee:
f4:d6:51:0b:73:82:11:21:13:83:1e:d2:1d:ed:c3:33:fe:b5:
47:5d:c6:c9:49:cd:26:c4:57:42:6e:59:fd:07:46:94:b5:23:
d8:d2:28:0c:51:e2:a2:44:0d:a2:d5:15:22:bb:cb:63:8f:ea:
90:34:b3:d0:af:2b:f3:01:9e:90:5e:a4:5b:9e:09:f4:89:26:
98:9b:c2:d6:87:e4:9a:2a:8a:a7:b9:d9:67:7d:f1:ee:c1:b9:
b3:2f:d4:81:95:69:00:85:0e:f1:ca:7d:95:b9:00:12:e5:06:
0b:25:3b:7d:0a:e1:44:19:f7:6c:bc:84:33:b0:ce:d9:98:b9:
33:b1:a8:42:3f:a2:ee:f2:b1:e4:81:af:cf:96:44:d4:07:87:
c8:36:0f:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIIbrgx9qmsjAKV6bMB3LH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzE2MTkxNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZmOWZiNjFlZTFjOWZmZDg0Yjg1ZTA3NGJhOTAwYzRiZWVlZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPsrleow768BsUMlCJPDP7EQIA8W
ZJ4OXtD601VAUxqrWF0p41gaNANndxcnwnW8EwI2RhRkamBo7TysdYu4Q6gMeDwj
eh0QBphvXfFLLIr7vheV84qMfRtEL3aunoEww/JNCj9fFQvhwIE0zq6ySqxmlDp8
sFMjeBDFvvnqRbCqqtFQfdvFJJ+EIIxQVv5Z4OwB+gkwQdrqUapL0nx7wWpj4HZO
/Wn5dxEbjifL6eqKtUUb/0RuaKfA2ONTeeM6h66nI5HBi226NNPR+rWuE77gcruJ
kTmjYZaJ9LEL7GQZ0SMpgBzzTxLjiKDRwgzSKosU6zE0sV720CUWW21pQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHX/n7Ye4cn/2EuF4HS6kAxL7u3gMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZGYtZnRoN2h5Zl9ZUzRYZ2RMcVFERXZ1N2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOpquW5PvwgD60XhtfU
eIqQiREe8s28346YPSqNQNBBqTJFCcTi8uLbNHIQgTQy1MgvPgEzNLSrhL5KoJZB
9p+h3T6+BZj+eFIVbpErUw7LDrON66Pdpha45Itar3PiP9LLmxA6GSbuJf1/7vTW
UQtzghEhE4Me0h3twzP+tUddxslJzSbEV0JuWf0HRpS1I9jSKAxR4qJEDaLVFSK7
y2OP6pA0s9CvK/MBnpBepFueCfSJJpibwtaH5Joqiqe52Wd98e7BubMv1IGVaQCF
DvHKfZW5ABLlBgslO30K4UQZ92y8hDOwztmYuTOxqEI/ou7yseSBr8+WRNQHh8g2
D4Q=
-----END CERTIFICATE-----
Generated at Thu May 1 11:08:42 2025 by rpki-client