Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gvFR7EJW3rRsVJU_K6kHeTtwlZY.roa
File: gvFR7EJW3rRsVJU_K6kHeTtwlZY.roa (raw, json)
Hash identifier: GHqTsySFwrcuhYSvhPj8fRc374zKT3MaMKGD8EQdhdU=
Subject key identifier: 82:F1:51:EC:42:56:DE:B4:6C:54:95:3F:2B:A9:07:79:3B:70:95:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018557C7AE8080DECED42A16D0D9CB72AFDD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gvFR7EJW3rRsVJU_K6kHeTtwlZY.roa
Signing time: Wed 28 Dec 2022 08:09:41 +0000
ROA not before: Wed 28 Dec 2022 08:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:57:c7:ae:80:80:de:ce:d4:2a:16:d0:d9:cb:72:af:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 28 08:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82f151ec4256deb46c54953f2ba907793b709596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:58:8d:f8:bc:27:9a:78:e0:50:94:9e:95:7d:
c1:79:19:e3:c0:bd:4a:ea:69:e9:13:53:e7:24:01:
19:ed:25:c3:8c:40:42:ce:af:8f:7b:b5:6e:5d:49:
1d:4a:e3:fb:3c:35:c2:b4:3c:6f:60:48:a9:e5:c6:
11:7e:e9:9e:57:94:ec:f8:e0:fa:61:b1:99:74:8b:
c4:5f:8c:9e:b0:eb:bd:83:6e:ec:65:5d:79:e7:b9:
e3:5e:6c:89:f5:cf:54:a6:2d:0d:af:83:46:cf:c0:
57:15:33:3a:63:d3:14:1e:d9:ca:4f:cd:02:32:58:
b2:21:41:82:e4:1a:e4:52:8a:6e:3e:ad:30:79:47:
e1:02:1c:83:2f:c8:7e:d5:fc:34:7d:d6:d4:9f:43:
37:f5:14:3c:fe:1e:b8:87:1d:72:e0:a0:86:b9:67:
f1:35:52:5d:c9:17:19:e4:fa:4a:af:8f:03:e5:c0:
a6:ef:e5:7a:b9:3d:45:27:5c:e3:36:44:af:85:0c:
46:77:69:17:52:83:fc:21:14:9b:ab:2d:0a:7f:71:
72:b0:56:87:bd:42:2a:1b:29:93:5b:3a:66:8a:f3:
e0:59:4a:d7:62:d5:64:45:90:bb:44:9c:20:fb:e3:
88:13:04:a6:1c:d9:d5:3c:13:02:55:75:a6:d7:10:
94:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F1:51:EC:42:56:DE:B4:6C:54:95:3F:2B:A9:07:79:3B:70:95:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/gvFR7EJW3rRsVJU_K6kHeTtwlZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:06:e1:1f:1c:39:2a:93:b3:20:fb:79:b2:98:23:35:d0:14:
5e:75:88:5d:f6:70:17:e2:2b:69:e9:ff:5d:f8:d8:de:5d:ad:
cd:be:d5:f5:bc:4b:fc:01:f2:12:b2:5d:ea:c3:52:cd:7b:2e:
9b:4d:b8:87:26:f4:65:21:25:a5:be:b3:fd:65:ed:88:eb:bf:
ea:af:7d:9e:9c:ff:51:3c:a0:71:d7:51:a7:0a:a7:ba:04:b3:
44:42:32:51:a0:70:83:fc:93:41:cd:99:b3:df:fa:ef:07:f7:
8c:7b:10:f9:63:d6:14:60:0d:76:c3:65:b5:65:9d:59:9b:f3:
5a:09:03:57:88:fc:02:d0:ea:4c:cc:4d:de:ba:c8:82:ae:76:
76:a3:e6:18:b4:d5:fa:90:a8:fd:3c:00:25:ea:78:46:58:8a:
a3:71:6f:97:64:34:84:9a:d6:ad:f5:de:90:73:91:52:ee:24:
f8:f7:05:14:1a:1a:02:58:d9:76:2e:56:6e:4f:2e:4e:06:dc:
64:84:2f:d1:8f:5a:7c:70:b6:71:30:22:3b:8e:d6:0c:f6:8c:
67:d0:7a:7c:6c:be:c5:35:e3:f3:dd:a0:d4:56:89:2e:a8:54:
ed:5f:82:84:98:2e:f9:84:6a:60:49:ec:e7:a8:36:58:76:6b:
c1:96:d7:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVXx66AgN7O1CoW0NnLcq/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI4MDgwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYxNTFlYzQyNTZkZWI0NmM1NDk1M2YyYmE5MDc3OTNiNzA5NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFiN+LwnmnjgUJSelX3BeRnjwL1K
6mnpE1PnJAEZ7SXDjEBCzq+Pe7VuXUkdSuP7PDXCtDxvYEip5cYRfumeV5Ts+OD6
YbGZdIvEX4yesOu9g27sZV1557njXmyJ9c9Upi0Nr4NGz8BXFTM6Y9MUHtnKT80C
MliyIUGC5BrkUopuPq0weUfhAhyDL8h+1fw0fdbUn0M39RQ8/h64hx1y4KCGuWfx
NVJdyRcZ5PpKr48D5cCm7+V6uT1FJ1zjNkSvhQxGd2kXUoP8IRSbqy0Kf3FysFaH
vUIqGymTWzpmivPgWUrXYtVkRZC7RJwg++OIEwSmHNnVPBMCVXWm1xCUqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFILxUexCVt60bFSVPyupB3k7cJWWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZ3ZGUjdFSlczclJzVkpVX0s2a0hlVHR3bFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHQG4R8cOSqTsyD7ebKY
IzXQFF51iF32cBfiK2np/1342N5drc2+1fW8S/wB8hKyXerDUs17LptNuIcm9GUh
JaW+s/1l7Yjrv+qvfZ6c/1E8oHHXUacKp7oEs0RCMlGgcIP8k0HNmbPf+u8H94x7
EPlj1hRgDXbDZbVlnVmb81oJA1eI/ALQ6kzMTd66yIKudnaj5hi01fqQqP08ACXq
eEZYiqNxb5dkNISa1q313pBzkVLuJPj3BRQaGgJY2XYuVm5PLk4G3GSEL9GPWnxw
tnEwIjuO1gz2jGfQenxsvsU14/PdoNRWiS6oVO1fgoSYLvmEamBJ7OeoNlh2a8GW
1z0=
-----END CERTIFICATE-----
Generated at Sat May 3 01:55:13 2025 by rpki-client