Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vFyaX62vf7PxHxzMXHCHxgXs0sI.roa
File: vFyaX62vf7PxHxzMXHCHxgXs0sI.roa (raw, json)
Hash identifier: CyFvlkG/QTtR+TmIDEtellUmC1f9rK+ulBEIX2gEBGs=
Subject key identifier: BC:5C:9A:5F:AD:AF:7F:B3:F1:1F:1C:CC:5C:70:87:C6:05:EC:D2:C2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2926BF3EEFFB02639AC22E086A1E434B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vFyaX62vf7PxHxzMXHCHxgXs0sI.roa
Signing time: Thu 24 Aug 2023 20:05:19 +0000
ROA not before: Thu 24 Aug 2023 20:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:2925:da4e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:29:26:bf:3e:ef:fb:02:63:9a:c2:2e:08:6a:1e:43:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 20:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc5c9a5fadaf7fb3f11f1ccc5c7087c605ecd2c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:d5:2e:74:0e:38:8e:22:ab:e8:d5:66:a1:
6a:71:ab:85:71:5b:01:9a:b6:1f:68:49:51:24:6e:
e7:ec:48:10:e6:b2:54:35:f5:23:c5:d0:3f:64:fc:
77:b8:39:ef:0f:bb:50:9c:e6:7d:7f:1d:f9:dd:db:
25:a7:39:f6:1f:dc:9a:d2:00:43:df:b5:d6:c0:bf:
71:83:7c:9d:2a:97:61:ef:2a:9d:33:f5:cd:2a:0b:
fd:28:c8:dd:ea:23:ea:fe:0c:8a:0d:eb:4f:6b:98:
f6:9d:c7:4a:98:f6:f7:94:92:dc:f6:cd:91:03:80:
6e:b1:89:27:a8:05:73:f9:27:83:fe:6b:2b:6c:11:
da:eb:51:a1:0b:1e:d3:1d:6a:83:95:89:39:0e:61:
04:b8:22:fd:a9:bb:29:1a:d8:e2:d5:45:4b:42:a2:
a5:dd:5c:eb:b6:a6:fd:fb:6d:42:6b:1e:9d:af:69:
b2:4d:63:d8:c6:50:33:ee:30:2b:ba:13:23:53:2e:
33:c6:92:07:05:fa:70:cf:12:77:0a:d5:84:f1:89:
7d:1d:34:15:5f:8c:0c:08:4b:67:ee:31:e8:be:c2:
94:3c:da:e9:36:76:3f:80:f6:1b:d1:a1:11:03:fa:
1e:fa:8d:9f:6d:f7:a5:c0:a9:e8:26:c4:3b:7e:a3:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:5C:9A:5F:AD:AF:7F:B3:F1:1F:1C:CC:5C:70:87:C6:05:EC:D2:C2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vFyaX62vf7PxHxzMXHCHxgXs0sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:24:61:cb:3a:ba:6f:4b:03:b2:58:b9:d0:0e:1f:a5:e1:e6:
36:48:dc:1d:ac:ed:12:f2:28:cc:3f:ab:2f:e4:2e:07:a6:04:
98:4e:32:67:81:cb:3d:45:c5:12:4e:87:44:ea:14:d6:29:50:
32:d1:fc:8c:dc:5d:f0:85:ee:ee:52:cf:df:7e:6a:c3:4c:32:
35:19:d5:cc:d9:2c:a7:47:25:02:8f:af:7f:d3:64:d6:cb:af:
54:46:7b:f1:32:5c:98:5e:1c:b6:2b:d9:2f:d2:ff:51:a7:49:
e3:b5:d9:69:4e:e4:86:c7:76:4c:48:4d:81:81:cf:94:7b:e4:
61:49:83:86:e4:3c:0e:43:f5:d9:c3:9e:f0:7c:83:31:2f:ef:
04:ef:02:8a:95:0c:9b:95:04:ed:d5:ab:bc:48:cb:96:4a:52:
a7:18:9c:c1:92:1c:6a:fc:14:c2:d3:9d:56:59:8c:3a:bd:ff:
57:20:da:5b:38:5b:f8:1e:2c:8d:3f:a7:5c:77:53:3b:84:d5:
42:3a:d0:25:35:90:2a:2c:b7:65:0c:ec:8d:ff:20:24:00:3c:
d7:0a:18:68:d8:d5:64:56:4c:f6:9e:ae:fd:95:85:4a:98:d4:
2e:03:fb:35:e6:5b:f7:c8:8e:08:36:67:a4:2e:09:6d:d3:3a:
a7:8b:07:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYopJr8+7/sCY5rCLghqHkNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MjAwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzVjOWE1ZmFkYWY3ZmIzZjExZjFjY2M1YzcwODdjNjA1ZWNkMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrvVLnQOOI4iq+jVZqFqcauFcVsB
mrYfaElRJG7n7EgQ5rJUNfUjxdA/ZPx3uDnvD7tQnOZ9fx353dslpzn2H9ya0gBD
37XWwL9xg3ydKpdh7yqdM/XNKgv9KMjd6iPq/gyKDetPa5j2ncdKmPb3lJLc9s2R
A4BusYknqAVz+SeD/msrbBHa61GhCx7THWqDlYk5DmEEuCL9qbspGtji1UVLQqKl
3Vzrtqb9+21Cax6dr2myTWPYxlAz7jAruhMjUy4zxpIHBfpwzxJ3CtWE8Yl9HTQV
X4wMCEtn7jHovsKUPNrpNnY/gPYb0aERA/oe+o2fbfelwKnoJsQ7fqMVZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLxcml+tr3+z8R8czFxwh8YF7NLCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdkZ5YVg2MnZmN1B4SHh6TVhIQ0h4Z1hzMHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHIkYcs6um9LA7JYudAO
H6Xh5jZI3B2s7RLyKMw/qy/kLgemBJhOMmeByz1FxRJOh0TqFNYpUDLR/IzcXfCF
7u5Sz99+asNMMjUZ1czZLKdHJQKPr3/TZNbLr1RGe/EyXJheHLYr2S/S/1GnSeO1
2WlO5IbHdkxITYGBz5R75GFJg4bkPA5D9dnDnvB8gzEv7wTvAoqVDJuVBO3Vq7xI
y5ZKUqcYnMGSHGr8FMLTnVZZjDq9/1cg2ls4W/geLI0/p1x3UzuE1UI60CU1kCos
t2UM7I3/ICQAPNcKGGjY1WRWTPaerv2VhUqY1C4D+zXmW/fIjgg2Z6QuCW3TOqeL
B9o=
-----END CERTIFICATE-----
Generated at Thu May 1 11:13:48 2025 by rpki-client