Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fkDW0tFstx7VbPPoBDc1BRKwYi0.roa
File: fkDW0tFstx7VbPPoBDc1BRKwYi0.roa (raw, json)
Hash identifier: DWzzVcqT8jw9iNIltZWrS8YrViMnzCxdz2nRv8381rI=
Subject key identifier: 7E:40:D6:D2:D1:6C:B7:1E:D5:6C:F3:E8:04:37:35:05:12:B0:62:2D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184722A05C40AB58BA5687906B317BC5F99
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fkDW0tFstx7VbPPoBDc1BRKwYi0.roa
Signing time: Sun 13 Nov 2022 18:04:27 +0000
ROA not before: Sun 13 Nov 2022 18:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:7229:eb62/128 maxlen: 128
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:72:2a:05:c4:0a:b5:8b:a5:68:79:06:b3:17:bc:5f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 13 18:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e40d6d2d16cb71ed56cf3e80437350512b0622d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:df:2c:83:43:46:d0:4d:7b:87:1e:0f:f0:5e:
99:c5:30:14:71:bc:2e:b5:ef:a4:03:e0:91:6a:26:
85:af:e2:e1:96:0d:4e:0f:80:26:ff:19:7c:ac:6b:
f1:3c:88:f4:93:3d:ff:36:e2:2b:4a:dd:11:98:b2:
28:c3:d0:28:86:84:7e:58:e3:81:78:e6:b2:89:c4:
01:c3:41:f3:45:50:c5:30:ed:f2:0a:51:2c:b1:cc:
9b:5e:93:14:44:bd:5c:b1:7c:53:fe:60:52:ec:67:
da:7b:f7:38:f7:dc:93:7d:d4:05:54:d0:cc:3a:dc:
5a:9e:df:fa:45:63:e6:77:8a:8d:ff:fe:7f:8d:76:
be:4b:24:74:b2:17:a1:ca:85:b4:23:03:d3:92:b6:
2e:33:20:0f:77:1e:57:db:43:78:c5:e1:f6:4a:d1:
ad:47:2d:04:6a:da:4e:78:55:1f:09:16:05:e2:dd:
50:ca:c4:d0:6c:64:53:36:5f:67:0c:c3:c0:60:b4:
03:d6:a8:9b:37:27:e0:50:37:f5:29:ac:58:86:69:
15:61:49:4c:49:5a:12:a7:9c:10:a3:9e:7a:ff:d9:
b0:0e:3d:e6:0b:2d:ea:4e:61:0e:1b:a5:92:92:a2:
82:e8:96:76:1f:ef:23:85:8e:65:6e:d6:04:95:84:
5a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:40:D6:D2:D1:6C:B7:1E:D5:6C:F3:E8:04:37:35:05:12:B0:62:2D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fkDW0tFstx7VbPPoBDc1BRKwYi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:85:79:19:de:ca:9f:83:16:a4:b2:80:b5:05:03:32:f3:0b:
a2:aa:76:ce:c1:7e:da:3e:b3:c3:d5:e5:89:01:60:74:8f:a4:
2e:36:99:4b:38:d4:e6:ee:bc:ea:14:5a:fe:6c:57:fd:e7:a8:
7e:78:09:ee:91:98:87:f0:05:c9:6c:e5:85:cf:5a:7c:1b:80:
12:75:57:e9:64:56:66:c8:ab:3a:9b:2f:10:e2:a7:bc:10:d3:
09:86:15:b7:2a:0a:5a:a7:b8:12:59:2e:cb:d1:93:9f:ca:1d:
8a:42:56:99:d1:bd:9c:3e:47:ca:66:77:1c:46:ec:93:76:0b:
25:d5:a8:2f:37:c6:7e:3f:06:21:2b:e4:7e:aa:22:b1:86:7a:
8c:cc:42:88:9e:f4:5e:c3:16:c1:cb:b6:aa:f2:ac:fa:f9:18:
a5:5d:7c:ca:0e:e8:e0:d9:1e:d8:de:0f:11:ba:94:de:f1:7f:
82:a3:a0:1b:ac:21:d0:41:57:0b:2e:18:60:66:02:f5:21:7c:
b3:32:65:81:a3:a4:30:44:1d:40:e3:87:32:b1:b6:eb:ac:01:
eb:e6:fb:cc:7c:47:50:1d:c7:3f:ae:30:d3:99:e4:75:e4:96:
ec:f8:46:4b:73:34:ec:c3:89:62:81:cf:b4:f5:16:50:41:9b:
2a:c4:e0:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRyKgXECrWLpWh5BrMXvF+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTEzMTgwNDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQwZDZkMmQxNmNiNzFlZDU2Y2YzZTgwNDM3MzUwNTEyYjA2MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt8sg0NG0E17hx4P8F6ZxTAUcbwu
te+kA+CRaiaFr+Lhlg1OD4Am/xl8rGvxPIj0kz3/NuIrSt0RmLIow9AohoR+WOOB
eOayicQBw0HzRVDFMO3yClEsscybXpMURL1csXxT/mBS7Gfae/c499yTfdQFVNDM
Otxant/6RWPmd4qN//5/jXa+SyR0shehyoW0IwPTkrYuMyAPdx5X20N4xeH2StGt
Ry0EatpOeFUfCRYF4t1QysTQbGRTNl9nDMPAYLQD1qibNyfgUDf1KaxYhmkVYUlM
SVoSp5wQo556/9mwDj3mCy3qTmEOG6WSkqKC6JZ2H+8jhY5lbtYElYRa+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH5A1tLRbLce1Wzz6AQ3NQUSsGItMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZmtEVzB0RnN0eDdWYlBQb0JEYzFCUkt3WWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGGFeRneyp+DFqSygLUF
AzLzC6Kqds7Bfto+s8PV5YkBYHSPpC42mUs41ObuvOoUWv5sV/3nqH54Ce6RmIfw
Bcls5YXPWnwbgBJ1V+lkVmbIqzqbLxDip7wQ0wmGFbcqClqnuBJZLsvRk5/KHYpC
VpnRvZw+R8pmdxxG7JN2CyXVqC83xn4/BiEr5H6qIrGGeozMQoie9F7DFsHLtqry
rPr5GKVdfMoO6ODZHtjeDxG6lN7xf4KjoBusIdBBVwsuGGBmAvUhfLMyZYGjpDBE
HUDjhzKxtuusAevm+8x8R1Adxz+uMNOZ5HXkluz4RktzNOzDiWKBz7T1FlBBmyrE
4Lc=
-----END CERTIFICATE-----
Generated at Thu May 1 17:41:56 2025 by rpki-client