Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/thFq9oPHTTdu0C-dNuxCKeyLWU8.roa
File: thFq9oPHTTdu0C-dNuxCKeyLWU8.roa (raw, json)
Hash identifier: 0d2+h2VCu2NRyy91Qm6iW6EKpLFSNGS0FCqgWzKQPhE=
Subject key identifier: B6:11:6A:F6:83:C7:4D:37:6E:D0:2F:9D:36:EC:42:29:EC:8B:59:4F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854D7BE0CEA15CDF0108A63EB0F4DF283D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/thFq9oPHTTdu0C-dNuxCKeyLWU8.roa
Signing time: Mon 26 Dec 2022 08:10:41 +0000
ROA not before: Mon 26 Dec 2022 08:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:7b:e0:ce:a1:5c:df:01:08:a6:3e:b0:f4:df:28:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 26 08:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6116af683c74d376ed02f9d36ec4229ec8b594f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:22:ef:c5:8e:2e:85:85:22:df:75:1d:9f:78:
1c:14:de:64:1a:0a:45:fe:6a:76:53:f9:88:b3:3e:
36:8f:6c:f0:80:91:c3:70:57:9e:4d:e8:81:14:61:
52:ca:fb:a1:ac:bb:0f:4a:57:59:30:4a:82:46:f4:
62:6f:34:9b:00:ce:5a:b8:28:22:56:73:41:46:5d:
c7:9b:f1:fb:fc:10:ce:5b:c7:96:1b:aa:0b:1c:76:
4b:92:bf:e4:59:4c:ea:30:24:a1:a4:68:02:0d:2e:
ce:5e:01:bb:b7:ae:e2:d3:59:e8:e5:2f:4e:2e:55:
9a:bb:31:59:38:a7:a0:3b:fb:57:68:c7:c9:f5:a1:
94:55:16:56:98:37:42:d5:af:ce:f5:33:b8:a0:ce:
f7:d9:ac:33:79:c2:56:93:d6:0e:00:04:f9:c5:8f:
ba:95:9d:80:0a:3a:e6:b6:75:0c:5c:79:9e:31:62:
bf:96:b1:99:19:92:38:c9:aa:06:d8:32:39:75:f4:
35:db:31:dd:6b:f6:93:f8:00:bc:97:8f:9d:e0:ae:
cd:05:35:63:7d:4d:11:21:32:d2:a6:62:06:db:76:
17:2d:c1:10:a8:50:11:61:44:ea:48:ac:fb:ae:c9:
d7:46:32:be:a8:dc:f6:2a:1b:3d:5c:60:44:2a:78:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:11:6A:F6:83:C7:4D:37:6E:D0:2F:9D:36:EC:42:29:EC:8B:59:4F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/thFq9oPHTTdu0C-dNuxCKeyLWU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:0b:07:52:5c:70:e3:bd:21:c8:fd:0f:55:c7:e5:00:93:6b:
21:3d:36:d9:f5:21:02:0f:c5:cd:f9:63:c5:c8:e9:05:39:75:
ab:47:d2:c6:42:7d:9a:23:d9:d8:67:d7:9d:be:cb:40:d7:02:
52:9c:21:c0:fc:90:ed:dd:61:10:3b:3a:36:3d:99:05:c8:f6:
13:a3:7d:92:34:61:94:2e:4e:5c:af:a0:c9:71:bd:cb:25:31:
43:f6:69:01:4d:5c:77:c9:93:f5:67:5f:27:7a:be:bd:db:35:
b7:9c:b9:77:1f:3f:55:d5:e3:20:0a:57:1c:5f:ba:f0:d7:50:
54:06:c7:65:32:52:27:28:5e:25:34:45:31:39:bd:5b:c9:80:
83:c8:77:0c:a6:97:01:a9:4b:df:fb:b6:8f:a6:ae:ad:1d:14:
a9:86:ce:5d:e8:f5:85:e3:da:6b:60:0a:38:cf:b8:73:7e:08:
f1:c2:f7:96:a7:d0:bd:b6:13:68:12:0a:43:fa:6b:0b:26:ac:
33:e3:63:17:0d:c8:b3:06:87:61:70:6f:9f:76:40:ab:db:fb:
bd:03:40:33:10:1f:16:73:4a:29:07:f9:6b:91:47:a9:53:44:
7e:c5:a6:a7:48:4f:5f:ad:78:ba:f6:9f:c9:a7:49:af:5a:df:
c5:02:5f:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVNe+DOoVzfAQimPrD03yg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI2MDgxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjExNmFmNjgzYzc0ZDM3NmVkMDJmOWQzNmVjNDIyOWVjOGI1OTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyLvxY4uhYUi33Udn3gcFN5kGgpF
/mp2U/mIsz42j2zwgJHDcFeeTeiBFGFSyvuhrLsPSldZMEqCRvRibzSbAM5auCgi
VnNBRl3Hm/H7/BDOW8eWG6oLHHZLkr/kWUzqMCShpGgCDS7OXgG7t67i01no5S9O
LlWauzFZOKegO/tXaMfJ9aGUVRZWmDdC1a/O9TO4oM732awzecJWk9YOAAT5xY+6
lZ2ACjrmtnUMXHmeMWK/lrGZGZI4yaoG2DI5dfQ12zHda/aT+AC8l4+d4K7NBTVj
fU0RITLSpmIG23YXLcEQqFARYUTqSKz7rsnXRjK+qNz2Khs9XGBEKnjPoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLYRavaDx003btAvnTbsQinsi1lPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdGhGcTlvUEhUVGR1MEMtZE51eENLZXlMV1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJcLB1JccOO9Icj9D1XH
5QCTayE9Ntn1IQIPxc35Y8XI6QU5datH0sZCfZoj2dhn152+y0DXAlKcIcD8kO3d
YRA7OjY9mQXI9hOjfZI0YZQuTlyvoMlxvcslMUP2aQFNXHfJk/VnXyd6vr3bNbec
uXcfP1XV4yAKVxxfuvDXUFQGx2UyUicoXiU0RTE5vVvJgIPIdwymlwGpS9/7to+m
rq0dFKmGzl3o9YXj2mtgCjjPuHN+CPHC95an0L22E2gSCkP6awsmrDPjYxcNyLMG
h2Fwb592QKvb+70DQDMQHxZzSikH+WuRR6lTRH7FpqdIT1+teLr2n8mnSa9a38UC
Xxk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:58:32 2025 by rpki-client