Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tEtxS1w7nEStpcaRdgmzd0h2U-Y.roa
File: tEtxS1w7nEStpcaRdgmzd0h2U-Y.roa (raw, json)
Hash identifier: AVPWnV+F3pSgkvLcrgM9/UREoVw7aR2tF9U+EherBkw=
Subject key identifier: B4:4B:71:4B:5C:3B:9C:44:AD:A5:C6:91:76:09:B3:77:48:76:53:E6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185F690452A2D6A85644592BBDE719D4934
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tEtxS1w7nEStpcaRdgmzd0h2U-Y.roa
Signing time: Sat 28 Jan 2023 04:08:48 +0000
ROA not before: Sat 28 Jan 2023 04:08:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f6:90:45:2a:2d:6a:85:64:45:92:bb:de:71:9d:49:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 28 04:08:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44b714b5c3b9c44ada5c6917609b377487653e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:e2:1c:dc:11:5a:e0:25:80:b1:2f:96:76:
b0:c0:90:36:90:b3:1e:3c:52:d5:80:73:19:73:dc:
fc:ae:45:43:56:56:29:b4:45:de:06:f7:95:c9:dd:
dc:5a:5f:fa:c5:05:2b:4a:8f:d1:3a:d8:de:15:22:
e6:ac:2d:60:55:00:eb:79:6f:95:83:a0:21:e9:17:
25:5f:26:a7:85:bc:3e:e4:13:0c:97:4f:81:a1:0b:
44:c7:97:94:cb:75:44:ab:6d:89:4d:4f:dc:14:a6:
f5:91:9c:35:e9:87:12:25:72:06:b7:a0:02:7f:40:
9a:dc:c8:ab:a7:f0:cd:63:75:3a:7c:4f:4f:34:d8:
46:3b:63:b8:22:48:43:d2:98:36:9f:c0:60:e9:8f:
53:ac:0b:30:b5:58:00:4c:5f:1c:18:08:bf:07:9a:
58:46:a8:63:63:8a:e5:d0:aa:8d:84:87:c3:42:29:
85:49:e0:0a:58:f2:3f:0e:84:1c:3c:e7:aa:37:2c:
a7:8e:b1:ba:75:54:7f:5f:b5:d5:7f:32:af:85:ae:
b2:c1:05:22:01:e8:da:8e:f2:a8:35:c9:0e:64:47:
92:50:c9:ce:0a:2e:89:a3:f2:b8:b9:4a:6c:55:85:
a3:87:41:ff:98:f4:01:e2:87:12:0b:0a:17:1f:6e:
5d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4B:71:4B:5C:3B:9C:44:AD:A5:C6:91:76:09:B3:77:48:76:53:E6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tEtxS1w7nEStpcaRdgmzd0h2U-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:3f:3b:50:9b:c7:e0:c7:b2:46:40:92:f8:83:dc:c8:5f:57:
61:af:d3:24:ce:a6:e1:79:c5:cf:0b:88:90:54:28:b0:5f:50:
2e:72:e1:69:b8:3d:3e:89:a9:41:9c:69:82:82:7b:0f:a0:ec:
52:5a:06:37:55:74:f9:6a:96:17:d7:27:41:d0:f1:8f:c3:09:
54:5a:15:2b:c0:05:1c:00:3f:ce:78:15:1d:e7:52:ab:89:6e:
e8:57:96:99:20:f2:f8:0a:0a:f4:b5:a6:f8:0d:d5:d4:87:17:
8b:75:c2:a5:0a:b6:3c:74:a8:83:4b:bb:55:41:5b:60:b6:a7:
ab:a7:7c:95:19:48:98:8d:85:14:ba:fc:01:20:4c:32:f2:b5:
fe:2b:cd:af:97:8c:c5:7e:7c:dd:ac:09:75:76:33:93:e7:66:
4f:2a:1f:18:25:39:62:ff:ab:58:ad:71:24:19:81:a6:c7:82:
53:45:a4:88:6d:e6:a0:59:fc:dd:29:06:95:67:02:af:82:df:
2b:12:8a:05:e6:02:e6:e3:41:c1:50:b4:c9:32:05:bd:6b:7c:
d9:36:4a:79:85:70:12:53:2e:37:63:16:07:e9:03:82:ca:5c:
d5:e6:ee:11:a4:14:d3:0e:ca:91:7b:5d:3e:d9:f5:2a:84:0e:
f3:f6:dd:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYX2kEUqLWqFZEWSu95xnUk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI4MDQwODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRiNzE0YjVjM2I5YzQ0YWRhNWM2OTE3NjA5YjM3NzQ4NzY1M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXriHNwRWuAlgLEvlnawwJA2kLMe
PFLVgHMZc9z8rkVDVlYptEXeBveVyd3cWl/6xQUrSo/ROtjeFSLmrC1gVQDreW+V
g6Ah6RclXyanhbw+5BMMl0+BoQtEx5eUy3VEq22JTU/cFKb1kZw16YcSJXIGt6AC
f0Ca3Mirp/DNY3U6fE9PNNhGO2O4IkhD0pg2n8Bg6Y9TrAswtVgATF8cGAi/B5pY
RqhjY4rl0KqNhIfDQimFSeAKWPI/DoQcPOeqNyynjrG6dVR/X7XVfzKvha6ywQUi
AejajvKoNckOZEeSUMnOCi6Jo/K4uUpsVYWjh0H/mPQB4ocSCwoXH25d8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLRLcUtcO5xEraXGkXYJs3dIdlPmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdEV0eFMxdzduRVN0cGNhUmRnbXpkMGgyVS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABo/O1Cbx+DHskZAkviD
3MhfV2Gv0yTOpuF5xc8LiJBUKLBfUC5y4Wm4PT6JqUGcaYKCew+g7FJaBjdVdPlq
lhfXJ0HQ8Y/DCVRaFSvABRwAP854FR3nUquJbuhXlpkg8vgKCvS1pvgN1dSHF4t1
wqUKtjx0qINLu1VBW2C2p6unfJUZSJiNhRS6/AEgTDLytf4rza+XjMV+fN2sCXV2
M5PnZk8qHxglOWL/q1itcSQZgabHglNFpIht5qBZ/N0pBpVnAq+C3ysSigXmAubj
QcFQtMkyBb1rfNk2SnmFcBJTLjdjFgfpA4LKXNXm7hGkFNMOypF7XT7Z9SqEDvP2
3eM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:02:08 2025 by rpki-client