Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v_lSl7bJgr0as6eawpNAo5RpVy8.roa
File: v_lSl7bJgr0as6eawpNAo5RpVy8.roa (raw, json)
Hash identifier: JkfPnVM1Q7WWeIdqPHhVJAOUdk42fgSB42Bnvh7uCb8=
Subject key identifier: BF:F9:52:97:B6:C9:82:BD:1A:B3:A7:9A:C2:93:40:A3:94:69:57:2F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01866F9BA825E7A6C9013DFEDF60972265CD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v_lSl7bJgr0as6eawpNAo5RpVy8.roa
Signing time: Mon 20 Feb 2023 16:15:17 +0000
ROA not before: Mon 20 Feb 2023 16:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6f:9b:a8:25:e7:a6:c9:01:3d:fe:df:60:97:22:65:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 20 16:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bff95297b6c982bd1ab3a79ac29340a39469572f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:43:53:5b:0b:60:c7:18:e5:cf:b1:26:a7:72:
33:9e:f1:f7:3e:17:30:59:03:76:31:55:05:29:1f:
14:c3:ec:ae:ae:88:6a:a8:00:67:34:f9:ba:ee:3a:
9e:2d:97:78:00:77:8e:ec:cd:96:d8:98:03:68:78:
11:b3:e2:93:80:92:a3:ac:c0:e3:bd:67:26:8c:77:
c7:b0:ae:81:fb:e4:9a:18:0c:0d:e3:5e:47:db:9b:
9c:5c:bf:fa:a8:fb:f8:d2:d6:dc:f6:e8:2e:69:3b:
b3:4b:7d:0a:9e:e9:11:fc:fa:3f:dd:b1:54:ab:69:
30:3f:e7:73:56:cf:9c:20:be:70:6d:9c:2f:b4:91:
96:89:11:2b:ce:a0:e1:44:bc:ac:52:6c:a4:a9:7b:
ac:34:29:c2:84:68:41:cb:66:06:43:96:c4:97:68:
40:58:23:59:3e:e6:d6:fb:1b:15:16:a8:f2:7a:0c:
dc:f3:6f:98:9c:85:f4:b5:1f:d6:a1:83:9f:f2:76:
13:3f:8d:d8:d2:17:0a:a3:06:f3:b5:96:42:cf:8e:
48:37:08:e3:82:cd:e0:f2:da:bf:17:07:99:40:f6:
4f:8f:f4:35:b0:ef:f5:2c:c1:03:f2:c9:68:23:99:
a2:28:09:25:7f:45:71:59:2c:2a:0b:41:98:25:43:
67:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F9:52:97:B6:C9:82:BD:1A:B3:A7:9A:C2:93:40:A3:94:69:57:2F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v_lSl7bJgr0as6eawpNAo5RpVy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:9e:9b:9e:2d:5f:b5:04:2d:00:66:0f:e4:eb:38:4f:4f:1f:
a8:30:97:90:89:da:b4:ac:8d:13:92:9e:e9:5e:ba:a1:2b:81:
2a:dd:56:40:c6:3a:72:3a:9b:63:7e:16:70:f9:a6:bd:ac:3d:
6a:b0:2f:9d:a3:45:33:3b:48:df:b0:dd:dc:b2:54:f0:4e:72:
11:0b:9b:d8:e7:a6:9b:d0:f7:d3:4f:d9:38:a8:d5:65:2c:bd:
d8:2d:3f:41:d8:f0:17:7e:1a:d5:4f:04:b9:61:cc:ec:55:a0:
cd:67:89:29:f3:65:09:86:a4:81:a5:49:7d:d6:4d:f5:1e:dc:
ee:77:6f:8f:8d:f1:30:39:f8:bb:bc:67:7c:7e:bd:7c:1f:94:
70:60:68:32:4d:46:9a:26:3a:16:e6:7f:34:87:50:f9:22:0c:
8e:57:10:c4:0d:f1:75:dd:6d:bd:38:84:ae:14:73:b8:35:86:
c7:96:57:d2:c9:0c:7f:73:04:6d:c4:34:22:11:47:ef:fd:54:
09:a1:46:5a:aa:59:56:bc:da:9c:cc:e9:6b:5a:68:57:b6:52:
42:c9:f1:cd:b5:7d:34:c1:e9:ed:2e:dd:92:bc:69:dc:62:b2:
48:ba:81:b1:50:6b:a5:1f:74:56:38:b3:7b:e5:10:f0:4a:a6:
a2:02:87:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZvm6gl56bJAT3+32CXImXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIwMTYxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmY5NTI5N2I2Yzk4MmJkMWFiM2E3OWFjMjkzNDBhMzk0Njk1NzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUNTWwtgxxjlz7Emp3IznvH3Phcw
WQN2MVUFKR8Uw+yurohqqABnNPm67jqeLZd4AHeO7M2W2JgDaHgRs+KTgJKjrMDj
vWcmjHfHsK6B++SaGAwN415H25ucXL/6qPv40tbc9uguaTuzS30KnukR/Po/3bFU
q2kwP+dzVs+cIL5wbZwvtJGWiRErzqDhRLysUmykqXusNCnChGhBy2YGQ5bEl2hA
WCNZPubW+xsVFqjyegzc82+YnIX0tR/WoYOf8nYTP43Y0hcKowbztZZCz45INwjj
gs3g8tq/FweZQPZPj/Q1sO/1LMED8sloI5miKAklf0VxWSwqC0GYJUNn4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL/5Upe2yYK9GrOnmsKTQKOUaVcvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdl9sU2w3YkpncjBhczZlYXdwTkFvNVJwVnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAqem54tX7UELQBmD+Tr
OE9PH6gwl5CJ2rSsjROSnuleuqErgSrdVkDGOnI6m2N+FnD5pr2sPWqwL52jRTM7
SN+w3dyyVPBOchELm9jnppvQ99NP2Tio1WUsvdgtP0HY8Bd+GtVPBLlhzOxVoM1n
iSnzZQmGpIGlSX3WTfUe3O53b4+N8TA5+Lu8Z3x+vXwflHBgaDJNRpomOhbmfzSH
UPkiDI5XEMQN8XXdbb04hK4Uc7g1hseWV9LJDH9zBG3ENCIRR+/9VAmhRlqqWVa8
2pzM6WtaaFe2UkLJ8c21fTTB6e0u3ZK8adxiski6gbFQa6UfdFY4s3vlEPBKpqIC
h8A=
-----END CERTIFICATE-----
Generated at Thu May 1 00:34:06 2025 by rpki-client