Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDsnFbayDOmi3KnPSLcQtaYb90s.roa
File: nDsnFbayDOmi3KnPSLcQtaYb90s.roa (raw, json)
Hash identifier: uMuga8beo3+Wl2lEYDRjGFd4daTTM/E123y67aTrB7Q=
Subject key identifier: 9C:3B:27:15:B6:B2:0C:E9:A2:DC:A9:CF:48:B7:10:B5:A6:1B:F7:4B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 86E9E732
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDsnFbayDOmi3KnPSLcQtaYb90s.roa
Signing time: Tue 24 May 2022 20:11:13 +0000
ROA not before: Tue 24 May 2022 20:11:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:f73d:bab5/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263476018 (0x86e9e732)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 24 20:11:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c3b2715b6b20ce9a2dca9cf48b710b5a61bf74b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:50:10:d7:ee:83:6b:a4:65:fa:d7:fc:38:
e3:66:0d:2e:6f:25:7a:56:44:72:98:3e:b0:73:e7:
69:ac:5e:79:6f:64:f9:c5:c5:f8:4b:31:39:73:25:
c6:12:dc:ef:c2:05:3c:db:32:ed:33:67:48:96:70:
3c:83:3b:94:81:ac:df:4c:47:2c:36:87:db:63:47:
3b:43:31:93:fd:42:2b:ce:f0:0a:dc:f3:17:13:99:
70:4e:8a:02:8e:39:f5:8e:e9:4e:03:74:7b:0a:94:
6b:15:ab:85:59:db:80:85:fe:97:03:71:c5:8f:3a:
d1:07:6d:04:bd:b3:ca:9b:11:36:9d:c3:51:eb:ea:
bb:09:3c:f6:22:c8:a5:89:d7:b5:fd:90:d7:6f:17:
43:82:0d:0a:5e:b7:4d:80:be:ec:e6:50:ec:b1:d0:
f8:96:0d:03:99:91:11:01:31:43:c6:00:e3:ad:76:
a9:58:9c:2d:4c:c1:bb:84:df:dd:8a:ee:79:33:08:
a7:d2:50:34:4d:a6:ca:d4:60:13:c3:c2:76:59:ff:
c1:01:0e:6a:da:78:ed:30:1f:28:c0:a3:16:5a:b4:
2e:df:ef:01:6c:ac:7a:f9:da:3a:86:35:2a:0d:79:
cf:ea:6e:ae:0c:8e:01:c4:41:33:ae:24:32:9c:c6:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3B:27:15:B6:B2:0C:E9:A2:DC:A9:CF:48:B7:10:B5:A6:1B:F7:4B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nDsnFbayDOmi3KnPSLcQtaYb90s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:7f:2d:b6:74:11:c5:f3:2f:d5:6f:c4:ee:0e:5f:0a:5f:30:
fd:ec:78:a3:ef:dc:83:5c:a9:83:b2:48:a7:dc:af:25:36:46:
13:c5:15:c9:bf:dc:e5:45:e1:c8:e1:28:21:d3:f4:1b:84:0c:
0d:ef:b0:34:7e:e3:bf:60:b7:19:7b:4e:7e:28:74:99:38:de:
12:de:d4:ee:ea:90:a8:e9:a1:7e:10:8e:25:ef:66:a5:07:0e:
7e:6c:ff:ed:84:69:fa:b8:88:f4:36:89:6c:c9:76:e3:12:b1:
d8:64:f0:74:6b:87:92:9a:1f:a3:0c:0f:d9:b2:ed:85:b3:c8:
30:2e:d3:36:d8:3f:9c:de:91:cd:03:73:cc:da:ec:84:b9:1c:
6f:16:e2:80:52:f7:fe:cd:4f:9e:1c:42:5c:26:5b:f1:c6:8d:
54:b9:9b:50:37:21:5c:99:c6:2b:bc:eb:76:22:fc:b7:08:dc:
c4:14:7e:e7:a4:4c:6b:30:fa:88:98:9a:54:05:ca:99:bb:5f:
6b:54:9c:22:ad:9c:a2:2f:5d:87:fd:4a:bc:a8:d5:50:2a:82:
01:e3:00:1d:4d:ac:09:e7:f6:3f:c3:cc:01:11:0f:06:01:2d:
00:45:2e:a8:d9:2f:3a:f1:7e:d9:c9:34:b3:c6:be:44:30:58:
8d:d2:38:26
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIbp5zIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjQyMDExMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDljM2IyNzE1YjZi
MjBjZTlhMmRjYTljZjQ4YjcxMGI1YTYxYmY3NGIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/yFAQ1+6Da6Rl+tf8OONmDS5vJXpWRHKYPrBz52msXnlv
ZPnFxfhLMTlzJcYS3O/CBTzbMu0zZ0iWcDyDO5SBrN9MRyw2h9tjRztDMZP9QivO
8Arc8xcTmXBOigKOOfWO6U4DdHsKlGsVq4VZ24CF/pcDccWPOtEHbQS9s8qbETad
w1Hr6rsJPPYiyKWJ17X9kNdvF0OCDQpet02AvuzmUOyx0PiWDQOZkREBMUPGAOOt
dqlYnC1MwbuE392K7nkzCKfSUDRNpsrUYBPDwnZZ/8EBDmraeO0wHyjAoxZatC7f
7wFsrHr52jqGNSoNec/qbq4MjgHEQTOuJDKcxsylAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUnDsnFbayDOmi3KnPSLcQtaYb90swHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9uRHNuRmJheURPbWkzS25QU0xjUXRhWWI5MHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAP38ttnQRxfMv1W/E7g5fCl8w/ex4o+/cg1yp
g7JIp9yvJTZGE8UVyb/c5UXhyOEoIdP0G4QMDe+wNH7jv2C3GXtOfih0mTjeEt7U
7uqQqOmhfhCOJe9mpQcOfmz/7YRp+riI9DaJbMl24xKx2GTwdGuHkpofowwP2bLt
hbPIMC7TNtg/nN6RzQNzzNrshLkcbxbigFL3/s1PnhxCXCZb8caNVLmbUDchXJnG
K7zrdiL8twjcxBR+56RMazD6iJiaVAXKmbtfa1ScIq2coi9dh/1KvKjVUCqCAeMA
HU2sCef2P8PMAREPBgEtAEUuqNkvOvF+2ck0s8a+RDBYjdI4Jg==
-----END CERTIFICATE-----
Generated at Thu May 1 03:24:17 2025 by rpki-client