Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dx4iX25GAur60YWSQgxqr5htVTU.roa
File: dx4iX25GAur60YWSQgxqr5htVTU.roa (raw, json)
Hash identifier: 2iCPUAKEhm9M2LGUKDYnKjT5KPgGDWRtLwg5BrSyKVA=
Subject key identifier: 77:1E:22:5F:6E:46:02:EA:FA:D1:85:92:42:0C:6A:AF:98:6D:55:35
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186778DF5388B436BB55AF94A35177B5DD1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dx4iX25GAur60YWSQgxqr5htVTU.roa
Signing time: Wed 22 Feb 2023 05:17:17 +0000
ROA not before: Wed 22 Feb 2023 05:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:8d:f5:38:8b:43:6b:b5:5a:f9:4a:35:17:7b:5d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 05:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=771e225f6e4602eafad18592420c6aaf986d5535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:f7:0c:86:46:5f:eb:3e:42:28:dc:58:b6:
38:28:48:89:dd:68:a1:00:29:fc:9b:c9:02:72:92:
d6:ce:8e:27:f1:9b:ef:ca:32:31:3a:3b:77:d9:6d:
59:d4:98:1d:f6:35:34:1c:b6:0a:b5:dc:99:2c:f1:
1d:e7:9a:29:b8:35:d9:67:72:55:2b:98:79:37:f9:
e8:f5:f3:1f:00:da:0a:a6:02:b3:e5:c7:69:9b:1f:
c9:23:1b:ff:c5:94:99:c1:ce:5f:a5:ad:98:c5:41:
21:6d:3f:36:06:df:19:f9:54:01:ae:77:cb:a4:59:
ef:b3:33:19:ea:7d:a8:fd:3a:8b:2b:fe:82:23:0d:
8f:77:0d:45:d6:05:18:70:7d:d4:62:01:ff:ca:3b:
be:de:c4:55:5b:65:45:38:c0:dc:7a:72:07:20:e3:
7a:52:af:af:92:46:f0:e0:9c:c4:62:37:c0:f5:d0:
f7:f3:9d:db:9a:72:37:43:97:bf:23:af:6a:8a:f5:
69:62:0d:fc:13:65:ee:ae:62:27:7e:35:29:7a:b2:
b4:cb:1b:17:73:8c:53:db:42:43:0b:e9:98:72:af:
ab:e0:a7:3e:b6:12:cb:6f:a3:4e:75:63:32:80:35:
83:dc:89:85:7b:fa:74:d6:8e:8a:53:57:97:a5:30:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1E:22:5F:6E:46:02:EA:FA:D1:85:92:42:0C:6A:AF:98:6D:55:35
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dx4iX25GAur60YWSQgxqr5htVTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:7c:b3:9d:22:61:0a:78:33:9b:6b:98:80:34:5c:36:44:02:
3e:e4:f0:e4:5d:98:e1:87:69:ba:a4:9d:24:3d:79:8e:ce:e1:
d7:50:94:60:8c:20:f3:d3:10:01:9a:84:2c:ab:20:49:39:af:
0d:d0:51:a4:17:4e:dd:0a:f9:a1:88:85:d3:83:69:ac:9c:96:
e8:82:fa:f9:b2:30:7c:7b:35:8d:de:50:70:ed:24:b5:55:35:
4f:aa:f3:56:c0:24:9a:c9:76:80:36:fe:9b:cd:75:ca:e0:88:
8f:4b:68:db:fb:05:e6:66:e3:3f:4a:d5:76:e7:10:a0:94:ba:
d0:c0:82:3f:1f:4b:6d:28:5c:bb:d9:9c:41:c2:a2:4f:4d:0c:
21:de:7f:a5:18:eb:19:8d:6c:b9:df:07:14:05:47:b6:86:91:
ab:1a:9b:63:99:42:20:6f:e0:6e:a9:0d:62:a0:33:d8:d5:5b:
d5:58:e1:88:93:ea:32:fe:cb:15:ce:3c:55:1b:3e:86:cb:59:
81:64:54:1e:fb:75:8c:9b:e0:02:0e:a9:48:f5:98:76:e2:6f:
01:53:77:9e:dc:bc:cd:95:c0:18:69:04:84:20:1a:86:6e:90:
ed:ac:08:5e:be:84:74:39:f6:c9:2d:ae:a9:d8:a4:58:97:7d:
60:81:c6:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ3jfU4i0NrtVr5SjUXe13RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDUxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFlMjI1ZjZlNDYwMmVhZmFkMTg1OTI0MjBjNmFhZjk4NmQ1NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfH3DIZGX+s+QijcWLY4KEiJ3Wih
ACn8m8kCcpLWzo4n8ZvvyjIxOjt32W1Z1Jgd9jU0HLYKtdyZLPEd55opuDXZZ3JV
K5h5N/no9fMfANoKpgKz5cdpmx/JIxv/xZSZwc5fpa2YxUEhbT82Bt8Z+VQBrnfL
pFnvszMZ6n2o/TqLK/6CIw2Pdw1F1gUYcH3UYgH/yju+3sRVW2VFOMDcenIHION6
Uq+vkkbw4JzEYjfA9dD3853bmnI3Q5e/I69qivVpYg38E2XurmInfjUperK0yxsX
c4xT20JDC+mYcq+r4Kc+thLLb6NOdWMygDWD3ImFe/p01o6KU1eXpTDGrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHceIl9uRgLq+tGFkkIMaq+YbVU1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZHg0aVgyNUdBdXI2MFlXU1FneHFyNWh0VlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADh8s50iYQp4M5trmIA0
XDZEAj7k8ORdmOGHabqknSQ9eY7O4ddQlGCMIPPTEAGahCyrIEk5rw3QUaQXTt0K
+aGIhdODaaycluiC+vmyMHx7NY3eUHDtJLVVNU+q81bAJJrJdoA2/pvNdcrgiI9L
aNv7BeZm4z9K1XbnEKCUutDAgj8fS20oXLvZnEHCok9NDCHef6UY6xmNbLnfBxQF
R7aGkasam2OZQiBv4G6pDWKgM9jVW9VY4YiT6jL+yxXOPFUbPobLWYFkVB77dYyb
4AIOqUj1mHbibwFTd57cvM2VwBhpBIQgGoZukO2sCF6+hHQ59sktrqnYpFiXfWCB
xlU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:45:29 2025 by rpki-client