Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vXI6Cs6HLiY9lYs5uPD00fWFi-I.roa
File: vXI6Cs6HLiY9lYs5uPD00fWFi-I.roa (raw, json)
Hash identifier: TPJvdIXbFKFkYd87ZMQI5PRddV15AmzjM4ngTzrG3tw=
Subject key identifier: BD:72:3A:0A:CE:87:2E:26:3D:95:8B:39:B8:F0:F4:D1:F5:85:8B:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A38E4A6CBBFF031F92B20D29B7FD0BA4B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vXI6Cs6HLiY9lYs5uPD00fWFi-I.roa
Signing time: Sun 27 Aug 2023 21:27:03 +0000
ROA not before: Sun 27 Aug 2023 21:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:38:e4:a6:cb:bf:f0:31:f9:2b:20:d2:9b:7f:d0:ba:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 21:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd723a0ace872e263d958b39b8f0f4d1f5858be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:5a:80:3d:0a:36:a7:9f:e9:90:14:5c:c5:b1:
51:f1:07:a6:44:dc:08:c4:d6:62:32:8b:1b:fd:f8:
41:d5:50:4b:3f:08:45:d6:0d:7c:7d:aa:94:75:a7:
a2:f1:ab:a8:af:fd:32:6c:b3:f4:8c:f1:44:75:85:
c9:82:c2:e8:33:c6:e5:e8:de:ff:e7:a0:ac:5b:a3:
34:0c:b9:f4:2d:75:b4:1e:3b:d5:4a:3e:e5:51:b0:
01:6b:d2:4c:38:5a:73:3f:8e:07:8f:df:30:f1:42:
08:85:56:5b:e4:c0:94:aa:e5:89:6f:ab:fe:22:0b:
dd:15:4c:4d:63:9b:b4:7c:08:56:eb:92:45:51:d8:
76:92:38:64:78:da:14:b7:bc:15:a9:84:82:f7:9f:
41:01:57:fb:93:a4:fc:87:75:1f:98:06:8e:1c:d6:
e8:5f:5b:8c:c6:dc:4c:da:2e:dc:46:90:71:6c:a1:
1a:19:ad:11:35:dc:4c:78:a9:02:14:c6:84:84:d1:
bb:0f:ea:34:48:8e:6d:b2:8c:e3:01:c9:68:38:94:
bb:71:b6:8c:74:95:77:b4:32:33:76:28:33:d9:a3:
c0:58:a9:76:42:5f:20:05:9b:e6:16:24:06:a6:3a:
69:8f:bc:d3:7e:1c:44:3e:65:cf:48:49:df:88:62:
fd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:72:3A:0A:CE:87:2E:26:3D:95:8B:39:B8:F0:F4:D1:F5:85:8B:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vXI6Cs6HLiY9lYs5uPD00fWFi-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:20:f7:d5:ba:13:71:d1:ca:95:c3:20:89:39:14:35:34:ac:
32:48:9b:b9:e6:ee:1c:f5:d1:ee:95:8d:2b:4b:f5:a6:a6:4b:
d0:39:06:cb:e4:03:f2:3f:ac:25:1f:32:ed:df:78:9d:d3:b6:
1b:d7:11:36:b4:55:cb:ee:76:90:f5:d4:5d:e8:da:46:ae:95:
17:2d:da:47:88:5f:e7:2b:09:36:d7:cb:48:44:8e:3c:4e:04:
d5:f7:4f:3d:26:24:75:92:e8:50:b3:8d:d6:85:5c:0a:f5:5a:
4f:02:ed:7d:e2:5e:3d:81:af:5a:7e:79:16:3b:6b:52:5f:8c:
ba:8f:31:48:28:5b:84:60:76:0d:36:89:78:6b:1a:c1:bb:27:
03:6e:94:52:9c:69:48:d2:e2:3d:d0:cd:d2:3f:65:f5:53:26:
02:0d:a2:69:62:73:af:5c:6f:1d:a0:92:05:a7:95:32:fa:1e:
66:c6:c7:d0:d4:98:25:df:70:43:e8:b3:24:69:e4:d2:e3:c0:
d1:88:f8:01:6a:14:4c:cc:d7:a7:e0:15:aa:2e:57:2c:8c:59:
2f:ec:db:24:27:ef:a7:ad:2b:5b:a9:72:dc:d0:7b:5a:5d:39:
81:53:73:7c:03:e4:10:67:bb:a6:1a:06:e3:e4:37:78:5f:09:
a1:69:ff:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo45KbLv/Ax+Ssg0pt/0LpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MjEyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDcyM2EwYWNlODcyZTI2M2Q5NThiMzliOGYwZjRkMWY1ODU4YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81qAPQo2p5/pkBRcxbFR8QemRNwI
xNZiMosb/fhB1VBLPwhF1g18faqUdaei8auor/0ybLP0jPFEdYXJgsLoM8bl6N7/
56CsW6M0DLn0LXW0HjvVSj7lUbABa9JMOFpzP44Hj98w8UIIhVZb5MCUquWJb6v+
IgvdFUxNY5u0fAhW65JFUdh2kjhkeNoUt7wVqYSC959BAVf7k6T8h3UfmAaOHNbo
X1uMxtxM2i7cRpBxbKEaGa0RNdxMeKkCFMaEhNG7D+o0SI5tsozjAcloOJS7cbaM
dJV3tDIzdigz2aPAWKl2Ql8gBZvmFiQGpjppj7zTfhxEPmXPSEnfiGL9swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL1yOgrOhy4mPZWLObjw9NH1hYviMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdlhJNkNzNkhMaVk5bFlzNXVQRDAwZldGaS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIEg99W6E3HRypXDIIk5
FDU0rDJIm7nm7hz10e6VjStL9aamS9A5BsvkA/I/rCUfMu3feJ3TthvXETa0Vcvu
dpD11F3o2kaulRct2keIX+crCTbXy0hEjjxOBNX3Tz0mJHWS6FCzjdaFXAr1Wk8C
7X3iXj2Br1p+eRY7a1JfjLqPMUgoW4Rgdg02iXhrGsG7JwNulFKcaUjS4j3QzdI/
ZfVTJgINomlic69cbx2gkgWnlTL6HmbGx9DUmCXfcEPosyRp5NLjwNGI+AFqFEzM
16fgFaouVyyMWS/s2yQn76etK1upctzQe1pdOYFTc3wD5BBnu6YaBuPkN3hfCaFp
/xE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:34:23 2025 by rpki-client