Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sIFaZ5D55rAFwD3EGAMyD8RvvHI.roa
File: sIFaZ5D55rAFwD3EGAMyD8RvvHI.roa (raw, json)
Hash identifier: ZEoAgTkZKtAA4dEs/5uFSDR3cOcDzPz4SYIO254jkmE=
Subject key identifier: B0:81:5A:67:90:F9:E6:B0:05:C0:3D:C4:18:03:32:0F:C4:6F:BC:72
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C22DA55E69B9B15A71DB97570FE15DC3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sIFaZ5D55rAFwD3EGAMyD8RvvHI.roa
Signing time: Fri 04 Aug 2023 20:11:58 +0000
ROA not before: Fri 04 Aug 2023 20:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:2d:a5:5e:69:b9:b1:5a:71:db:97:57:0f:e1:5d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 20:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0815a6790f9e6b005c03dc41803320fc46fbc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4e:82:af:0d:1f:3d:4f:cb:56:7b:43:77:90:
90:95:c4:2f:d9:87:7b:aa:b9:2e:4b:76:4d:82:94:
42:0b:2c:ec:2c:d0:94:9c:c7:9d:8d:38:2c:0b:75:
95:0e:2d:69:cc:85:d3:6b:cf:f7:e5:ce:f5:08:ab:
1c:30:77:63:45:79:cd:38:16:22:1f:b5:a9:9e:73:
f4:b4:c6:a9:32:69:62:4d:65:92:c1:5c:fa:40:ff:
75:54:e3:7b:76:3e:99:91:d0:c2:ef:65:48:3c:6f:
d4:c2:38:47:03:fd:20:a7:67:24:e8:8d:b1:31:9a:
eb:40:30:04:f4:bb:fe:61:87:c5:e1:ea:06:fd:2e:
08:02:27:dc:f5:7e:f5:ec:db:ce:13:84:be:6b:47:
0d:5e:fb:ed:fc:64:e9:22:60:4f:2d:ea:f4:d6:67:
ba:58:e2:b8:ac:09:d5:a3:ee:6d:62:74:ef:62:f5:
51:9a:5f:fa:a3:f1:5b:cd:45:e7:84:30:c5:15:c8:
f1:e3:1d:6c:6a:1c:81:85:c5:66:1b:dc:b3:17:88:
a5:cd:dc:02:5e:4a:ee:0f:17:93:83:80:29:e1:be:
2a:c2:c3:51:bc:86:46:0d:3a:93:d1:b2:84:22:cf:
c6:d9:08:fe:d0:7c:2d:ac:8f:59:a0:30:c7:93:99:
ea:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:81:5A:67:90:F9:E6:B0:05:C0:3D:C4:18:03:32:0F:C4:6F:BC:72
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/sIFaZ5D55rAFwD3EGAMyD8RvvHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b1:db:71:97:66:e1:99:30:b6:e4:68:15:6d:62:09:44:79:83:
44:48:8d:b4:44:e4:75:b1:45:41:f3:a9:17:3d:0f:2f:0c:a9:
13:f9:3e:b3:ad:70:36:84:e4:75:c3:dd:59:52:a1:e8:b5:68:
3d:08:36:0b:a3:22:9e:b7:c1:59:88:9c:77:1c:59:dc:35:66:
bb:8b:f4:d8:04:5f:14:a8:7c:71:7f:b4:0c:d5:f1:d0:ec:a1:
d8:31:8c:08:01:d2:85:ea:b8:ce:31:b8:16:5d:e1:c4:c2:af:
ed:28:1f:db:2e:d2:05:34:24:3d:40:99:ff:26:2e:e2:75:69:
28:69:f1:79:12:62:6b:b5:94:e9:f6:dc:96:df:c2:46:ab:45:
f7:38:4b:94:a9:54:5d:4f:d2:96:de:ef:82:56:a1:5f:79:ce:
26:a8:6a:86:38:00:3f:e0:a7:33:5f:78:f8:fb:cf:1e:a9:cd:
4d:8a:3c:35:21:88:0b:fc:52:7b:4c:a6:2c:35:fc:e4:37:8f:
4f:ea:c1:8c:cf:30:a6:f6:e4:c8:9f:e1:27:b3:1c:88:58:ec:
7f:d7:aa:9e:d9:a0:0b:03:fb:46:2b:63:26:9b:7d:5a:b9:b0:
d3:8d:49:62:ad:13:d4:02:08:f5:e0:2b:7e:35:a7:c2:5b:a1:
b9:e4:07:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnCLaVeabmxWnHbl1cP4V3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MjAxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDgxNWE2NzkwZjllNmIwMDVjMDNkYzQxODAzMzIwZmM0NmZiYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk6Crw0fPU/LVntDd5CQlcQv2Yd7
qrkuS3ZNgpRCCyzsLNCUnMedjTgsC3WVDi1pzIXTa8/35c71CKscMHdjRXnNOBYi
H7WpnnP0tMapMmliTWWSwVz6QP91VON7dj6ZkdDC72VIPG/UwjhHA/0gp2ck6I2x
MZrrQDAE9Lv+YYfF4eoG/S4IAifc9X717NvOE4S+a0cNXvvt/GTpImBPLer01me6
WOK4rAnVo+5tYnTvYvVRml/6o/FbzUXnhDDFFcjx4x1sahyBhcVmG9yzF4ilzdwC
XkruDxeTg4Ap4b4qwsNRvIZGDTqT0bKEIs/G2Qj+0HwtrI9ZoDDHk5nqrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLCBWmeQ+eawBcA9xBgDMg/Eb7xyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvc0lGYVo1RDU1ckFGd0QzRUdBTXlEOFJ2dkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALHbcZdm4ZkwtuRoFW1i
CUR5g0RIjbRE5HWxRUHzqRc9Dy8MqRP5PrOtcDaE5HXD3VlSoei1aD0INgujIp63
wVmInHccWdw1ZruL9NgEXxSofHF/tAzV8dDsodgxjAgB0oXquM4xuBZd4cTCr+0o
H9su0gU0JD1Amf8mLuJ1aShp8XkSYmu1lOn23JbfwkarRfc4S5SpVF1P0pbe74JW
oV95ziaoaoY4AD/gpzNfePj7zx6pzU2KPDUhiAv8UntMpiw1/OQ3j0/qwYzPMKb2
5Mif4SezHIhY7H/Xqp7ZoAsD+0YrYyabfVq5sNONSWKtE9QCCPXgK341p8Jbobnk
B4Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:33:14 2025 by rpki-client