Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m56V77S7Chx6hVhZ_SIOApma_WA.roa
File: m56V77S7Chx6hVhZ_SIOApma_WA.roa (raw, json)
Hash identifier: 4JyI+sLDErlP3y0xS4rNubVnehGvKUeJJWzXUvh2McU=
Subject key identifier: 9B:9E:95:EF:B4:BB:0A:1C:7A:85:58:59:FD:22:0E:02:99:9A:FD:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A94ADAE4D531FC8E35F9502292C1B344
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m56V77S7Chx6hVhZ_SIOApma_WA.roa
Signing time: Fri 03 Mar 2023 21:05:00 +0000
ROA not before: Fri 03 Mar 2023 21:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:a94a:2146/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a9:4a:da:e4:d5:31:fc:8e:35:f9:50:22:92:c1:b3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 3 21:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b9e95efb4bb0a1c7a855859fd220e02999afd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fc:dd:bc:9c:af:98:6e:e0:53:c0:7b:64:ba:
06:8f:da:25:19:82:23:cc:38:ef:18:f2:a3:84:c7:
93:ab:81:2f:7d:61:95:7d:ff:7f:d7:69:dc:e7:3d:
ee:00:33:64:5b:50:e2:ab:cc:35:ca:4e:96:14:29:
b9:dd:f9:1b:b8:00:68:31:70:82:4f:9d:9e:53:f4:
ad:65:dd:88:5c:93:d3:3a:a3:57:1c:40:89:86:82:
d4:08:e8:6a:3f:ff:48:e4:a9:32:85:90:9d:cb:57:
98:d0:5a:a5:18:a5:c9:53:02:56:31:f3:8a:e5:fe:
bd:56:07:60:1f:43:85:a1:5f:19:d9:3b:ec:00:bf:
2b:eb:54:34:6b:2e:ef:ba:1a:e6:50:6b:89:d6:95:
b1:f8:d1:2a:4b:2f:dd:b2:b0:3a:38:11:33:51:7a:
8c:a5:f3:94:8f:9e:16:81:a8:c9:bb:77:61:35:87:
44:25:ec:f9:9d:fc:60:13:b5:df:ba:0d:cb:a6:54:
be:4e:6b:67:d5:3f:a7:ba:76:03:84:c2:59:00:7a:
e6:57:ad:59:e2:e8:21:c3:fe:33:04:66:25:fa:46:
04:ac:f7:f3:e8:a2:67:2b:5c:cd:0c:f8:c5:19:14:
33:f6:61:98:02:74:0b:38:fa:41:cb:bf:03:a2:7b:
ce:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9E:95:EF:B4:BB:0A:1C:7A:85:58:59:FD:22:0E:02:99:9A:FD:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/m56V77S7Chx6hVhZ_SIOApma_WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:25:b9:75:e7:20:52:e4:81:d4:87:8d:0f:5c:a9:81:60:4b:
84:7f:53:32:75:44:34:35:ec:07:23:9e:09:2e:86:31:1c:ea:
20:aa:66:f2:a9:b1:10:11:c8:67:36:58:51:84:a8:67:e9:41:
47:95:3a:de:66:0d:47:ec:22:33:01:2c:45:34:a9:e2:a6:c7:
35:82:54:0c:ac:8c:b4:94:b2:23:16:f5:5b:70:80:27:d5:72:
26:e4:5c:cf:3b:22:7d:87:59:f4:1d:8c:89:9f:5f:ba:8d:18:
5c:83:51:98:08:72:95:9e:65:7c:22:de:62:82:1e:59:15:1b:
52:54:45:a0:94:84:9c:8f:b8:72:bc:79:45:8c:10:b5:ca:57:
92:41:66:34:31:f3:80:54:99:84:8d:75:07:94:02:f8:e2:34:
47:60:34:f2:3e:79:14:1e:f6:63:1b:14:7a:00:5a:d4:ae:e0:
60:f5:75:3c:3e:7f:c4:ed:74:59:98:25:53:43:d7:2d:d8:98:
c3:35:43:fc:c8:34:6f:d0:89:0d:c3:60:36:7d:e3:78:74:67:
bc:51:b8:e8:10:45:26:e8:7c:30:27:03:ef:59:27:58:8a:36:
54:e3:fe:35:4b:ce:5e:52:7e:76:c6:8c:9a:4a:2c:ef:be:9f:
b8:15:1d:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYapStrk1TH8jjX5UCKSwbNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAzMjEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjllOTVlZmI0YmIwYTFjN2E4NTU4NTlmZDIyMGUwMjk5OWFmZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/zdvJyvmG7gU8B7ZLoGj9olGYIj
zDjvGPKjhMeTq4EvfWGVff9/12nc5z3uADNkW1Diq8w1yk6WFCm53fkbuABoMXCC
T52eU/StZd2IXJPTOqNXHECJhoLUCOhqP/9I5KkyhZCdy1eY0FqlGKXJUwJWMfOK
5f69VgdgH0OFoV8Z2TvsAL8r61Q0ay7vuhrmUGuJ1pWx+NEqSy/dsrA6OBEzUXqM
pfOUj54WgajJu3dhNYdEJez5nfxgE7Xfug3LplS+Tmtn1T+nunYDhMJZAHrmV61Z
4ughw/4zBGYl+kYErPfz6KJnK1zNDPjFGRQz9mGYAnQLOPpBy78DonvOjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJuele+0uwoceoVYWf0iDgKZmv1gMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbTU2Vjc3UzdDaHg2aFZoWl9TSU9BcG1hX1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0luXXnIFLkgdSHjQ9c
qYFgS4R/UzJ1RDQ17AcjngkuhjEc6iCqZvKpsRARyGc2WFGEqGfpQUeVOt5mDUfs
IjMBLEU0qeKmxzWCVAysjLSUsiMW9VtwgCfVcibkXM87In2HWfQdjImfX7qNGFyD
UZgIcpWeZXwi3mKCHlkVG1JURaCUhJyPuHK8eUWMELXKV5JBZjQx84BUmYSNdQeU
AvjiNEdgNPI+eRQe9mMbFHoAWtSu4GD1dTw+f8TtdFmYJVND1y3YmMM1Q/zING/Q
iQ3DYDZ943h0Z7xRuOgQRSbofDAnA+9ZJ1iKNlTj/jVLzl5SfnbGjJpKLO++n7gV
HaQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:14:19 2025 by rpki-client