Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dsmFc1wmgYyqPauoHZTDUrk3MSo.roa
File: dsmFc1wmgYyqPauoHZTDUrk3MSo.roa (raw, json)
Hash identifier: /f150adFDMLHmJIqihnoT5L8FbFtntJsIOuyKHzEmok=
Subject key identifier: 76:C9:85:73:5C:26:81:8C:AA:3D:AB:A8:1D:94:C3:52:B9:37:31:2A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 714BF938
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dsmFc1wmgYyqPauoHZTDUrk3MSo.roa
Signing time: Thu 10 Mar 2022 12:09:48 +0000
ROA not before: Thu 10 Mar 2022 12:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1900804408 (0x714bf938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 10 12:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76c985735c26818caa3daba81d94c352b937312a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8d:0f:df:84:c4:95:db:7a:95:42:a9:bf:bb:
a8:63:fb:81:b9:dc:80:0a:ff:c6:9e:be:72:ba:2a:
cd:14:f1:ae:5f:5c:09:7b:4a:db:4d:b9:3a:81:89:
da:67:16:f0:f5:76:e8:f5:ca:82:6c:b0:1f:02:86:
8b:51:e1:ea:77:ca:9c:c0:04:d6:12:93:52:38:dd:
72:b5:85:86:3e:0c:be:03:39:d4:7a:29:2a:fe:68:
34:9b:88:d0:bf:b4:dc:64:e4:ea:b7:d3:bc:37:af:
76:26:32:a3:3f:a9:ca:20:58:19:05:da:af:4d:7a:
68:c2:e5:08:6a:13:a4:a9:4d:54:2e:19:4f:53:d2:
68:c9:94:32:3b:3b:39:ba:39:68:ff:21:ad:da:78:
f2:c6:a0:69:05:5d:00:2c:3b:ef:4f:4d:cc:99:31:
55:47:9d:e8:b2:f8:d8:cf:e6:23:cf:d0:7c:bc:d8:
da:af:f4:2a:53:64:99:03:1f:b2:9b:d3:33:cd:48:
1a:7a:21:ff:bb:b1:3e:a3:af:53:51:b7:0e:93:34:
48:6a:c2:5f:ec:7e:de:ba:f4:b2:cd:de:98:d1:5e:
99:3a:ec:aa:3c:e2:bf:c0:74:88:41:a8:a4:4d:f4:
77:21:63:bb:cb:aa:c9:f0:fb:83:f9:08:a3:62:6c:
34:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C9:85:73:5C:26:81:8C:AA:3D:AB:A8:1D:94:C3:52:B9:37:31:2A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dsmFc1wmgYyqPauoHZTDUrk3MSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:05:2a:b2:54:a8:39:47:db:d0:c5:d9:86:c5:b6:64:26:0a:
dc:16:ca:24:d1:67:8b:d9:a0:52:34:95:1f:0d:e3:c0:41:32:
69:a9:cd:9c:db:6a:ff:1f:2f:7d:73:0a:fa:c0:d1:88:8c:72:
15:7e:73:f3:12:f6:a5:60:bb:3a:8f:c4:95:0e:c8:65:35:94:
14:1b:d5:ec:ef:74:f4:e6:35:c7:38:2f:ba:ae:6c:32:df:11:
d4:d0:d6:9e:da:91:97:17:84:90:4a:f3:85:05:74:91:59:d2:
cc:0e:de:82:dc:9e:3c:75:d7:0a:e1:29:d6:18:65:f2:8e:4d:
8d:5b:6a:ae:bc:69:db:e8:0d:a8:52:ec:0f:dd:50:b9:7e:52:
50:9b:7e:32:e5:64:41:ae:76:76:8f:3b:c1:91:da:a0:64:bc:
f7:63:bb:5d:79:11:1a:e7:b8:b2:c9:32:15:8f:3e:5c:98:c1:
99:d1:db:1a:da:a4:10:51:bf:f6:18:9e:b0:c0:6d:f4:19:4d:
78:26:94:d7:2f:10:08:f0:43:8b:79:fa:71:3b:da:ae:7d:c7:
2f:1a:31:20:6d:55:8b:0f:4d:d1:52:f9:f0:27:7a:3a:cd:1b:
81:03:ea:e7:a9:6b:83:88:43:7c:65:36:8c:c3:f1:c3:d0:10:
56:57:81:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcUv5ODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
MDEyMDk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZjOTg1NzM1YzI2
ODE4Y2FhM2RhYmE4MWQ5NGMzNTJiOTM3MzEyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWND9+ExJXbepVCqb+7qGP7gbncgAr/xp6+croqzRTxrl9c
CXtK2025OoGJ2mcW8PV26PXKgmywHwKGi1Hh6nfKnMAE1hKTUjjdcrWFhj4MvgM5
1HopKv5oNJuI0L+03GTk6rfTvDevdiYyoz+pyiBYGQXar016aMLlCGoTpKlNVC4Z
T1PSaMmUMjs7Obo5aP8hrdp48sagaQVdACw7709NzJkxVUed6LL42M/mI8/QfLzY
2q/0KlNkmQMfspvTM81IGnoh/7uxPqOvU1G3DpM0SGrCX+x+3rr0ss3emNFemTrs
qjziv8B0iEGopE30dyFju8uqyfD7g/kIo2JsNBcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR2yYVzXCaBjKo9q6gdlMNSuTcxKjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2RzbUZjMXdtZ1l5cVBhdW9IWlREVXJrM01Tby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCDBSqyVKg5R9vQxdmGxbZkJgrcFsok0WeL2aBS
NJUfDePAQTJpqc2c22r/Hy99cwr6wNGIjHIVfnPzEvalYLs6j8SVDshlNZQUG9Xs
73T05jXHOC+6rmwy3xHU0Nae2pGXF4SQSvOFBXSRWdLMDt6C3J48ddcK4SnWGGXy
jk2NW2quvGnb6A2oUuwP3VC5flJQm34y5WRBrnZ2jzvBkdqgZLz3Y7tdeREa57iy
yTIVjz5cmMGZ0dsa2qQQUb/2GJ6wwG30GU14JpTXLxAI8EOLefpxO9qufccvGjEg
bVWLD03RUvnwJ3o6zRuBA+rnqWuDiEN8ZTaMw/HD0BBWV4Hy
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:36 2025 by rpki-client