Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vLjT1twzSctjB-V9d8lXaMMuzp0.roa
File: vLjT1twzSctjB-V9d8lXaMMuzp0.roa (raw, json)
Hash identifier: wuXWnB1K/rhPdSjZetgJYl46QNXqrttfoF0pZyTu9WI=
Subject key identifier: BC:B8:D3:D6:DC:33:49:CB:63:07:E5:7D:77:C9:57:68:C3:2E:CE:9D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2289A38275220C5C20678A122ACB3C34
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vLjT1twzSctjB-V9d8lXaMMuzp0.roa
Signing time: Wed 23 Aug 2023 13:16:00 +0000
ROA not before: Wed 23 Aug 2023 13:16:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:89:a3:82:75:22:0c:5c:20:67:8a:12:2a:cb:3c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 13:16:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcb8d3d6dc3349cb6307e57d77c95768c32ece9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e6:d1:05:e2:47:7c:36:ed:01:03:ba:71:00:
4b:e8:e9:04:6c:2f:53:5b:5c:6f:2b:3a:2d:79:2e:
b5:ca:50:8e:8c:ff:5d:54:e9:db:b3:de:ec:48:d7:
7f:8b:8b:64:98:6d:01:7b:c9:94:1b:3f:b2:40:51:
9c:91:25:96:de:9a:66:5c:90:3c:c3:3b:70:84:fa:
1f:d6:ff:12:7f:8c:54:fa:d0:67:7c:13:a9:0b:b4:
9a:11:eb:6a:92:6c:52:07:a7:cb:76:81:9a:ce:47:
74:55:fb:ac:8f:58:ab:a0:99:fe:23:e3:80:b9:36:
d7:9a:0e:bb:87:35:f7:db:4b:a3:dc:e9:c3:63:12:
9a:ba:7d:22:3c:f4:d4:3d:37:cd:ae:cc:f7:a0:0b:
a3:45:46:44:d9:a7:82:fa:59:f3:ae:f0:39:43:48:
a4:f1:8b:99:f0:96:5b:b6:35:c5:c6:19:54:f2:c6:
e9:08:7d:2f:5f:c5:52:fe:e0:1e:9f:e2:26:04:50:
76:20:f6:cc:3b:9e:e6:5d:b2:30:fc:01:63:b6:a7:
a0:55:c1:27:78:07:05:62:9a:b7:ea:a2:af:db:6b:
c4:f4:ca:2a:f0:49:a4:34:e6:02:2b:01:f0:ac:57:
d8:ac:37:40:90:21:69:de:6e:4b:cf:1f:86:2f:06:
ff:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B8:D3:D6:DC:33:49:CB:63:07:E5:7D:77:C9:57:68:C3:2E:CE:9D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vLjT1twzSctjB-V9d8lXaMMuzp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:b5:68:8a:0a:ec:c4:7b:97:85:db:fa:a4:6c:a2:eb:f2:5b:
78:4c:04:9e:66:30:41:94:bc:0c:54:3d:fb:20:1d:2a:f9:b3:
1c:6e:03:80:a9:74:97:ae:51:9c:15:9f:7a:68:67:0c:d2:e2:
66:88:a9:b5:f7:5c:d0:a1:13:e0:8c:dc:02:aa:3e:8a:cb:c5:
c0:9c:aa:8a:70:e2:5c:1c:7a:88:fa:c9:86:b5:ff:4c:2d:11:
8d:87:1c:83:ff:19:97:17:8c:fa:2b:81:35:a2:cc:f9:1b:b3:
19:a5:0a:5b:3b:63:75:3f:ff:d3:e7:18:04:6a:4b:f1:8c:49:
11:da:34:42:9b:84:c3:35:51:0e:e6:7a:44:aa:c0:82:09:af:
85:53:28:f9:a3:45:b4:11:a7:56:5d:a4:c3:f8:e3:df:9f:6c:
11:4e:14:ad:27:96:01:25:3a:21:3f:58:41:89:61:d5:aa:cd:
af:c4:1c:c6:98:fb:c9:77:a8:66:b3:c3:2b:81:38:67:47:d3:
20:4a:b1:0a:45:b5:63:95:01:aa:68:b4:78:31:a1:b3:64:4f:
86:45:c5:48:89:ef:64:22:dd:40:4a:77:7c:ca:29:35:89:19:
64:3a:24:60:44:67:93:2a:7f:c1:be:39:06:8c:70:58:0e:a7:
f9:8d:d6:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoiiaOCdSIMXCBnihIqyzw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTMxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2I4ZDNkNmRjMzM0OWNiNjMwN2U1N2Q3N2M5NTc2OGMzMmVjZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ubRBeJHfDbtAQO6cQBL6OkEbC9T
W1xvKzoteS61ylCOjP9dVOnbs97sSNd/i4tkmG0Be8mUGz+yQFGckSWW3ppmXJA8
wztwhPof1v8Sf4xU+tBnfBOpC7SaEetqkmxSB6fLdoGazkd0Vfusj1iroJn+I+OA
uTbXmg67hzX320uj3OnDYxKaun0iPPTUPTfNrsz3oAujRUZE2aeC+lnzrvA5Q0ik
8YuZ8JZbtjXFxhlU8sbpCH0vX8VS/uAen+ImBFB2IPbMO57mXbIw/AFjtqegVcEn
eAcFYpq36qKv22vE9Moq8EmkNOYCKwHwrFfYrDdAkCFp3m5Lzx+GLwb/zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLy409bcM0nLYwflfXfJV2jDLs6dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdkxqVDF0d3pTY3RqQi1WOWQ4bFhhTU11enAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACi1aIoK7MR7l4Xb+qRs
ouvyW3hMBJ5mMEGUvAxUPfsgHSr5sxxuA4CpdJeuUZwVn3poZwzS4maIqbX3XNCh
E+CM3AKqPorLxcCcqopw4lwceoj6yYa1/0wtEY2HHIP/GZcXjPorgTWizPkbsxml
Cls7Y3U//9PnGARqS/GMSRHaNEKbhMM1UQ7mekSqwIIJr4VTKPmjRbQRp1ZdpMP4
49+fbBFOFK0nlgElOiE/WEGJYdWqza/EHMaY+8l3qGazwyuBOGdH0yBKsQpFtWOV
AapotHgxobNkT4ZFxUiJ72Qi3UBKd3zKKTWJGWQ6JGBEZ5Mqf8G+OQaMcFgOp/mN
1gY=
-----END CERTIFICATE-----
Generated at Thu May 1 17:06:44 2025 by rpki-client