Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nVawtEAu0_lSnlSbrG-XSHReXYo.roa
File: nVawtEAu0_lSnlSbrG-XSHReXYo.roa (raw, json)
Hash identifier: rsH42gbTo3f+0eTivUsz1ZUUsHf3u4GEu3AMsj0FH3g=
Subject key identifier: 9D:56:B0:B4:40:2E:D3:F9:52:9E:54:9B:AC:6F:97:48:74:5E:5D:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018549673FCA394ABC370A1293137486E15A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nVawtEAu0_lSnlSbrG-XSHReXYo.roa
Signing time: Sun 25 Dec 2022 13:09:41 +0000
ROA not before: Sun 25 Dec 2022 13:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:49:67:3f:ca:39:4a:bc:37:0a:12:93:13:74:86:e1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 25 13:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d56b0b4402ed3f9529e549bac6f9748745e5d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:57:e2:c9:5a:32:2e:c2:b6:09:48:56:09:79:
91:06:cf:34:90:31:0e:ec:f1:e9:56:6b:b3:f7:14:
49:03:ca:b1:90:5f:4d:b8:95:69:4f:4b:08:24:30:
11:94:13:ea:f6:e5:59:f2:98:39:4f:da:f9:07:55:
9d:1f:c7:c2:64:80:c7:62:b5:f0:4a:f4:8f:4e:16:
e0:d1:35:36:8e:06:5b:bb:18:da:9c:6a:99:54:50:
f1:52:8c:b5:9f:3f:d0:33:70:37:a3:42:a9:e2:29:
60:f3:b8:4e:6d:f2:30:4d:85:78:c3:1e:4c:7f:3a:
33:95:e1:34:fe:b3:ed:2f:21:a0:8c:8e:35:0f:22:
fb:25:e1:c0:19:5a:fe:2b:b6:90:d4:d9:12:12:c7:
9f:92:7f:1d:be:99:30:86:09:e7:40:98:49:0c:1a:
bc:9f:2d:4c:91:4e:dd:a9:1e:b1:91:47:4a:fa:7b:
02:35:cb:fc:b8:42:01:af:7f:90:e7:f8:a4:34:28:
1a:e4:8c:ac:ef:23:3a:cf:f6:8d:50:eb:3e:63:bc:
4d:1a:17:6c:f4:ae:9c:94:82:af:dd:22:45:6f:92:
d2:dc:bb:c4:4c:9d:ef:fc:ef:9a:b9:72:79:5f:96:
b9:19:81:17:5e:40:fb:e1:39:1d:89:18:e6:20:c3:
57:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:56:B0:B4:40:2E:D3:F9:52:9E:54:9B:AC:6F:97:48:74:5E:5D:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nVawtEAu0_lSnlSbrG-XSHReXYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:9e:dd:38:ee:c7:f1:eb:3d:86:df:09:78:71:41:32:18:95:
3f:db:c3:20:7b:b6:77:96:39:a5:20:e9:80:ab:04:56:f7:f1:
a2:a0:26:46:f3:f4:bb:a0:47:79:3d:a7:8e:bc:89:01:92:15:
bb:7a:e0:a6:3f:2d:20:4c:c6:8a:9d:ac:13:fc:4b:e9:4a:25:
3e:60:42:c9:4f:24:84:32:cc:dc:88:6b:01:a2:e0:48:e7:5c:
7a:a2:1e:4d:2d:b9:ff:b3:7f:cb:1b:79:23:8f:df:62:03:81:
6e:ff:3c:b9:64:86:9e:73:a9:f6:3f:83:92:c0:c8:2a:d4:d3:
2d:25:b2:d6:bd:7d:58:62:1a:a0:ca:fa:0f:0a:88:2b:e4:fc:
a6:cb:75:72:07:b3:94:51:2f:4f:78:5c:f2:34:4e:fa:85:2b:
f9:5b:c5:6a:b7:99:f1:32:97:0e:31:11:0d:b0:7c:df:86:a1:
cd:28:a8:79:02:70:fa:32:8b:eb:53:f9:46:70:64:f1:04:81:
4a:54:2d:94:ef:78:1a:55:18:1c:bc:16:cd:81:c3:46:d8:ed:
c2:36:52:60:68:90:a4:e0:5e:f9:a6:45:e1:51:f6:49:9e:8d:
99:79:b3:35:47:bb:4f:e9:33:41:1e:a9:42:95:6e:a6:00:cf:
25:e1:ff:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVJZz/KOUq8NwoSkxN0huFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI1MTMwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU2YjBiNDQwMmVkM2Y5NTI5ZTU0OWJhYzZmOTc0ODc0NWU1ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulfiyVoyLsK2CUhWCXmRBs80kDEO
7PHpVmuz9xRJA8qxkF9NuJVpT0sIJDARlBPq9uVZ8pg5T9r5B1WdH8fCZIDHYrXw
SvSPThbg0TU2jgZbuxjanGqZVFDxUoy1nz/QM3A3o0Kp4ilg87hObfIwTYV4wx5M
fzozleE0/rPtLyGgjI41DyL7JeHAGVr+K7aQ1NkSEsefkn8dvpkwhgnnQJhJDBq8
ny1MkU7dqR6xkUdK+nsCNcv8uEIBr3+Q5/ikNCga5Iys7yM6z/aNUOs+Y7xNGhds
9K6clIKv3SJFb5LS3LvETJ3v/O+auXJ5X5a5GYEXXkD74TkdiRjmIMNXrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ1WsLRALtP5Up5Um6xvl0h0Xl2KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvblZhd3RFQXUwX2xTbmxTYnJHLVhTSFJlWFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFCe3Tjux/HrPYbfCXhx
QTIYlT/bwyB7tneWOaUg6YCrBFb38aKgJkbz9LugR3k9p468iQGSFbt64KY/LSBM
xoqdrBP8S+lKJT5gQslPJIQyzNyIawGi4EjnXHqiHk0tuf+zf8sbeSOP32IDgW7/
PLlkhp5zqfY/g5LAyCrU0y0lsta9fVhiGqDK+g8KiCvk/KbLdXIHs5RRL094XPI0
TvqFK/lbxWq3mfEylw4xEQ2wfN+Goc0oqHkCcPoyi+tT+UZwZPEEgUpULZTveBpV
GBy8Fs2Bw0bY7cI2UmBokKTgXvmmReFR9kmejZl5szVHu0/pM0EeqUKVbqYAzyXh
//c=
-----END CERTIFICATE-----
Generated at Fri May 2 15:42:18 2025 by rpki-client