Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fdlfZ5gFmWrtEqK5SH-Yssx1wyg.roa
File: fdlfZ5gFmWrtEqK5SH-Yssx1wyg.roa (raw, json)
Hash identifier: nFmwQaClrN0j1ByA0bZeXlfkT7/2Drwp3dXBAi7OPAI=
Subject key identifier: 7D:D9:5F:67:98:05:99:6A:ED:12:A2:B9:48:7F:98:B2:CC:75:C3:28
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A41DE889F908049B4096B7D1BAD8A39E6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fdlfZ5gFmWrtEqK5SH-Yssx1wyg.roa
Signing time: Tue 29 Aug 2023 15:16:57 +0000
ROA not before: Tue 29 Aug 2023 15:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:de:88:9f:90:80:49:b4:09:6b:7d:1b:ad:8a:39:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 15:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dd95f679805996aed12a2b9487f98b2cc75c328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:c4:41:3f:01:56:75:41:f0:d7:13:60:30:
1a:e9:8d:23:31:8f:16:86:9c:16:93:5e:1f:c0:4a:
8f:5f:a4:79:db:89:59:de:b7:55:ab:f9:41:5d:34:
1f:0c:c9:5b:4b:03:d0:58:a8:fe:78:69:cf:11:ae:
39:8e:95:17:80:80:09:b9:33:78:a5:f1:22:32:62:
10:d7:28:d4:e0:13:68:36:66:a8:84:b2:81:f7:ab:
6c:b5:99:63:13:73:fc:ca:05:3c:6d:3c:f7:63:1c:
1d:2f:7e:57:3e:7f:83:fc:4f:db:55:49:93:e2:98:
e5:04:d3:54:86:db:e6:9e:c7:b4:b2:9f:f6:45:ed:
3c:87:7b:35:7d:e7:4b:f0:92:28:84:85:08:48:56:
db:ae:6c:83:af:46:7f:43:8b:5c:80:5b:20:3c:08:
b3:24:90:85:40:87:6e:06:50:d8:45:cd:b5:06:65:
1a:5d:f7:36:8f:a8:19:63:48:17:83:90:8b:2f:65:
f2:6b:85:db:6a:cb:c7:70:f4:2c:4a:ed:af:6a:42:
1e:99:ea:3a:f6:38:16:a5:66:d0:80:62:51:22:bd:
04:a2:f2:df:42:8d:11:a6:78:1c:da:97:80:9d:5c:
de:92:bf:c2:73:df:ad:49:3b:a4:bd:78:d5:a2:52:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D9:5F:67:98:05:99:6A:ED:12:A2:B9:48:7F:98:B2:CC:75:C3:28
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fdlfZ5gFmWrtEqK5SH-Yssx1wyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:75:79:12:8b:07:f5:9a:58:44:5b:e1:05:52:7a:2a:bc:38:
28:b6:60:00:86:37:9a:8f:b0:dd:06:d8:35:2a:f1:d7:87:70:
be:96:9c:8e:bf:45:fe:1f:58:81:a4:23:cd:ee:c8:57:5b:10:
b7:37:f2:2f:94:e6:89:4e:4d:d0:88:3f:4d:bd:f2:34:99:ec:
9a:62:e0:89:92:e9:b0:d5:cc:d2:fe:8b:1f:d5:41:20:d4:4b:
c4:a3:74:54:45:ec:69:a9:b7:f9:2a:55:f0:1e:f8:35:78:d4:
87:42:40:ab:dd:c4:06:0a:f6:5a:28:61:ac:56:01:d0:ff:34:
a8:69:3c:f0:32:1b:95:06:b2:dc:98:a7:35:93:3a:a1:0c:19:
ad:2d:5f:94:5d:c1:ce:b9:ab:fc:6e:27:81:c7:81:3a:15:cf:
da:f3:a1:40:ce:2c:cd:5c:04:b8:21:5c:d7:84:fa:81:8a:c6:
13:a1:9b:59:72:15:b7:84:9f:e2:cb:c4:d6:5b:63:92:c9:a6:
a4:e7:24:ae:14:3a:1a:74:f2:05:16:f5:7a:85:f0:62:0d:fb:
b6:9d:ca:29:c2:08:14:72:83:8c:61:59:48:6e:73:68:bc:bc:
2e:a5:90:35:28:6a:06:b6:3f:dc:35:9f:f4:67:20:18:66:1f:
d1:06:a1:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpB3oifkIBJtAlrfRutijnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MTUxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ5NWY2Nzk4MDU5OTZhZWQxMmEyYjk0ODdmOThiMmNjNzVjMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2fEQT8BVnVB8NcTYDAa6Y0jMY8W
hpwWk14fwEqPX6R524lZ3rdVq/lBXTQfDMlbSwPQWKj+eGnPEa45jpUXgIAJuTN4
pfEiMmIQ1yjU4BNoNmaohLKB96tstZljE3P8ygU8bTz3YxwdL35XPn+D/E/bVUmT
4pjlBNNUhtvmnse0sp/2Re08h3s1fedL8JIohIUISFbbrmyDr0Z/Q4tcgFsgPAiz
JJCFQIduBlDYRc21BmUaXfc2j6gZY0gXg5CLL2Xya4XbasvHcPQsSu2vakIemeo6
9jgWpWbQgGJRIr0EovLfQo0Rpngc2peAnVzekr/Cc9+tSTukvXjVolICRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH3ZX2eYBZlq7RKiuUh/mLLMdcMoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZmRsZlo1Z0ZtV3J0RXFLNVNILVlzc3gxd3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJt1eRKLB/WaWERb4QVS
eiq8OCi2YACGN5qPsN0G2DUq8deHcL6WnI6/Rf4fWIGkI83uyFdbELc38i+U5olO
TdCIP0298jSZ7Jpi4ImS6bDVzNL+ix/VQSDUS8SjdFRF7Gmpt/kqVfAe+DV41IdC
QKvdxAYK9looYaxWAdD/NKhpPPAyG5UGstyYpzWTOqEMGa0tX5Rdwc65q/xuJ4HH
gToVz9rzoUDOLM1cBLghXNeE+oGKxhOhm1lyFbeEn+LLxNZbY5LJpqTnJK4UOhp0
8gUW9XqF8GIN+7adyinCCBRyg4xhWUhuc2i8vC6lkDUoaga2P9w1n/RnIBhmH9EG
oZM=
-----END CERTIFICATE-----
Generated at Thu May 1 06:48:54 2025 by rpki-client