Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t09cn0bK7Pwf7JyoZEcgG5mAlkQ.roa
File: t09cn0bK7Pwf7JyoZEcgG5mAlkQ.roa (raw, json)
Hash identifier: JYgwXeu9ICpgZnQRoRRFz7aduxx8D5Q6vuDhPRb5Y6A=
Subject key identifier: B7:4F:5C:9F:46:CA:EC:FC:1F:EC:9C:A8:64:47:20:1B:99:80:96:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184DEC2F1304FA56EB146D05F9BDC1E1FB2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t09cn0bK7Pwf7JyoZEcgG5mAlkQ.roa
Signing time: Sun 04 Dec 2022 20:10:28 +0000
ROA not before: Sun 04 Dec 2022 20:10:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:de:c2:f1:30:4f:a5:6e:b1:46:d0:5f:9b:dc:1e:1f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 4 20:10:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b74f5c9f46caecfc1fec9ca86447201b99809644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4c:cf:38:d8:0a:7e:20:95:05:94:e1:ec:57:
6d:f6:95:bd:99:95:16:1d:53:d4:4c:49:a9:cd:4d:
64:05:e9:89:95:39:f4:8a:d2:25:1c:04:41:59:08:
0c:b4:89:be:19:f0:dd:7b:6e:5c:70:0d:2d:07:79:
a0:3e:d8:f2:ba:c3:4c:2d:5e:b3:da:c2:1e:73:95:
7f:8e:15:81:cd:91:50:26:9a:55:78:a4:3a:9e:c0:
fc:f6:8d:96:50:08:96:8a:f7:8d:e6:39:f6:2e:d8:
9f:8f:d9:24:c2:2e:50:a4:54:22:68:49:51:45:d4:
54:26:fc:e2:13:c5:5e:37:22:93:c7:f8:db:66:2f:
9c:2f:2b:ee:cc:5d:44:d4:25:ed:b6:28:67:d0:88:
00:71:6e:76:44:1a:73:c8:b9:c7:b0:cc:ec:e8:fb:
76:bf:74:af:f1:73:d9:25:ae:3f:d1:7d:a8:d2:39:
1e:e9:bc:5c:5e:ac:2c:b8:80:f5:ce:be:64:a7:3e:
c2:8e:90:f3:15:5f:7b:b6:ee:55:a8:7e:7c:13:87:
e4:7a:52:07:31:4b:e6:54:56:6d:41:46:65:8c:34:
40:1d:f2:3e:5a:44:c6:91:4e:68:f1:55:37:fd:be:
36:e8:ab:de:a9:ca:71:9c:99:34:82:6c:3c:f3:bb:
de:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4F:5C:9F:46:CA:EC:FC:1F:EC:9C:A8:64:47:20:1B:99:80:96:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/t09cn0bK7Pwf7JyoZEcgG5mAlkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:06:d5:3a:0d:0d:f2:20:13:67:17:dd:ea:66:23:e9:54:5f:
49:78:d7:36:b0:12:be:7d:f7:20:6a:af:0f:35:8c:bb:df:28:
7e:eb:e0:19:7e:0c:e1:08:57:ef:8d:ea:b3:32:f7:6c:93:62:
ff:64:70:47:54:3c:d8:ea:6c:80:9c:01:48:e8:48:35:ca:5d:
b1:d5:4e:1b:c7:a4:84:b7:01:28:0c:8b:73:45:ac:45:5e:0d:
2f:a1:ac:4c:52:43:f2:a9:f9:01:f1:42:f3:01:88:4f:e5:48:
4b:62:05:9b:61:ae:3e:b2:94:1d:75:dc:f6:4a:d5:3f:10:bc:
12:40:d4:6e:9a:35:f3:63:71:56:95:03:95:00:96:84:9d:6c:
3c:16:5a:9b:78:11:63:49:77:61:19:51:2f:58:79:17:0b:4a:
fd:69:bd:5e:44:53:64:fe:3d:e9:1f:5d:2a:f7:19:4b:df:00:
60:94:52:d8:4b:69:9a:f7:28:04:96:36:aa:e0:cd:ae:82:e2:
4a:83:e0:23:60:52:0b:e2:a1:3f:f9:05:e7:f1:d7:8a:1a:ca:
6a:5c:ff:42:db:fb:ac:2f:8d:08:e2:65:53:e0:fe:67:6b:75:
f9:05:4c:17:2a:96:de:6b:bb:88:46:2f:7b:b4:13:ea:9e:e1:
7c:69:a5:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTewvEwT6VusUbQX5vcHh+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA0MjAxMDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRmNWM5ZjQ2Y2FlY2ZjMWZlYzljYTg2NDQ3MjAxYjk5ODA5NjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EzPONgKfiCVBZTh7Fdt9pW9mZUW
HVPUTEmpzU1kBemJlTn0itIlHARBWQgMtIm+GfDde25ccA0tB3mgPtjyusNMLV6z
2sIec5V/jhWBzZFQJppVeKQ6nsD89o2WUAiWiveN5jn2Ltifj9kkwi5QpFQiaElR
RdRUJvziE8VeNyKTx/jbZi+cLyvuzF1E1CXttihn0IgAcW52RBpzyLnHsMzs6Pt2
v3Sv8XPZJa4/0X2o0jke6bxcXqwsuID1zr5kpz7CjpDzFV97tu5VqH58E4fkelIH
MUvmVFZtQUZljDRAHfI+WkTGkU5o8VU3/b426KveqcpxnJk0gmw887veUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLdPXJ9Gyuz8H+ycqGRHIBuZgJZEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdDA5Y24wYks3UHdmN0p5b1pFY2dHNW1BbGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABIG1ToNDfIgE2cX3epm
I+lUX0l41zawEr599yBqrw81jLvfKH7r4Bl+DOEIV++N6rMy92yTYv9kcEdUPNjq
bICcAUjoSDXKXbHVThvHpIS3ASgMi3NFrEVeDS+hrExSQ/Kp+QHxQvMBiE/lSEti
BZthrj6ylB113PZK1T8QvBJA1G6aNfNjcVaVA5UAloSdbDwWWpt4EWNJd2EZUS9Y
eRcLSv1pvV5EU2T+PekfXSr3GUvfAGCUUthLaZr3KASWNqrgza6C4kqD4CNgUgvi
oT/5Befx14oaympc/0Lb+6wvjQjiZVPg/mdrdfkFTBcqlt5ru4hGL3u0E+qe4Xxp
pXk=
-----END CERTIFICATE-----
Generated at Fri May 2 11:51:54 2025 by rpki-client