Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vdbEIB89qnPtwIPTzqncjsgGS3E.roa
File: vdbEIB89qnPtwIPTzqncjsgGS3E.roa (raw, json)
Hash identifier: gqoP6UOwUI/Rb2hdcTDwIuxnbJcd0WD8Amnw4KRVrBU=
Subject key identifier: BD:D6:C4:20:1F:3D:AA:73:ED:C0:83:D3:CE:A9:DC:8E:C8:06:4B:71
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DFCDB282563616FD5BFE5F66E24378EB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vdbEIB89qnPtwIPTzqncjsgGS3E.roa
Signing time: Mon 23 Jan 2023 18:04:37 +0000
ROA not before: Mon 23 Jan 2023 18:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:dfcd:4896/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:cd:b2:82:56:36:16:fd:5b:fe:5f:66:e2:43:78:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 23 18:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdd6c4201f3daa73edc083d3cea9dc8ec8064b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0e:48:25:b8:0d:b9:f8:da:37:d5:d2:34:69:
bd:50:c6:60:94:37:71:75:4d:d7:ea:da:d7:ca:25:
50:d5:c7:b2:2a:cf:cd:73:73:cf:d1:f5:5d:19:75:
49:fe:45:18:e1:17:44:d0:b5:ec:3c:65:27:90:a3:
af:ef:a1:6b:c2:4f:b1:1e:20:4c:85:6e:69:c0:e9:
d0:cd:18:be:7d:5f:95:df:fd:75:02:90:d4:e6:9f:
19:8d:ab:fe:d1:82:1c:4e:23:e2:0c:cd:be:c8:62:
5e:39:3f:e0:1b:11:44:b4:69:dc:de:fe:89:cd:de:
ee:be:46:90:05:90:0b:19:f4:e6:f0:73:23:c8:c1:
48:93:90:ea:c3:c2:0e:d1:ad:09:55:d2:e3:c7:5c:
cb:75:99:62:71:ed:62:d3:09:e5:1d:e4:4d:89:a5:
0d:c2:b8:5b:fe:28:12:9d:d7:40:c8:79:70:69:dc:
db:2d:df:b6:97:bd:9d:a6:aa:18:ea:b1:5f:29:1c:
3d:a5:ba:76:e1:fd:2b:53:10:70:74:25:60:94:45:
9a:62:ad:f9:21:1f:39:10:cf:05:5f:3f:c6:aa:aa:
b7:f7:60:c0:24:73:33:6f:d6:eb:7e:9d:36:04:7f:
db:19:bf:46:15:cc:f3:28:e7:95:90:7e:ff:04:38:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D6:C4:20:1F:3D:AA:73:ED:C0:83:D3:CE:A9:DC:8E:C8:06:4B:71
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vdbEIB89qnPtwIPTzqncjsgGS3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:2a:be:a3:bc:67:29:30:d3:26:93:75:56:f2:74:25:bd:3a:
15:df:81:67:9f:47:10:f8:c2:30:de:e5:46:1f:f9:67:33:44:
a7:c1:7a:88:4e:b4:35:c7:8b:d9:19:e6:b8:11:ab:97:0d:78:
8e:34:aa:8a:88:40:bf:8b:d6:11:f7:d5:11:3e:84:df:2e:44:
83:01:34:b7:4f:91:9a:98:85:18:dd:52:40:98:71:b9:aa:aa:
ea:e0:1e:1e:01:b5:73:3d:1b:7b:53:80:1b:f2:8c:4b:40:f9:
9e:78:b5:e3:95:69:8b:0b:45:6f:10:4e:85:90:b2:cf:34:b8:
e9:a8:31:e0:7f:62:99:a6:de:ee:fe:40:ea:f8:23:f7:e6:af:
e5:ed:79:da:75:09:84:34:52:87:fa:26:bd:e9:1a:6f:1b:6f:
36:08:1e:70:2a:f9:49:32:3e:c0:1d:24:00:5f:5b:b6:e6:cb:
56:08:47:43:9c:14:cb:2c:21:8d:26:0e:ba:03:0c:a3:12:3c:
d4:e6:fa:67:40:8c:c0:0f:9b:92:6b:6a:bb:f4:55:45:52:16:
41:63:ef:7c:40:ae:90:b3:26:66:81:87:ee:ee:01:14:1d:a0:
cf:1f:a3:d2:94:a1:7e:fe:e9:48:e3:39:3d:ab:61:2c:da:be:
b8:6d:d2:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXfzbKCVjYW/Vv+X2biQ3jrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIzMTgwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGQ2YzQyMDFmM2RhYTczZWRjMDgzZDNjZWE5ZGM4ZWM4MDY0YjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQ5IJbgNufjaN9XSNGm9UMZglDdx
dU3X6trXyiVQ1ceyKs/Nc3PP0fVdGXVJ/kUY4RdE0LXsPGUnkKOv76Frwk+xHiBM
hW5pwOnQzRi+fV+V3/11ApDU5p8Zjav+0YIcTiPiDM2+yGJeOT/gGxFEtGnc3v6J
zd7uvkaQBZALGfTm8HMjyMFIk5Dqw8IO0a0JVdLjx1zLdZlice1i0wnlHeRNiaUN
wrhb/igSnddAyHlwadzbLd+2l72dpqoY6rFfKRw9pbp24f0rUxBwdCVglEWaYq35
IR85EM8FXz/Gqqq392DAJHMzb9brfp02BH/bGb9GFczzKOeVkH7/BDiN5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL3WxCAfPapz7cCD086p3I7IBktxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdmRiRUlCODlxblB0d0lQVHpxbmNqc2dHUzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHkqvqO8Zykw0yaTdVby
dCW9OhXfgWefRxD4wjDe5UYf+WczRKfBeohOtDXHi9kZ5rgRq5cNeI40qoqIQL+L
1hH31RE+hN8uRIMBNLdPkZqYhRjdUkCYcbmqqurgHh4BtXM9G3tTgBvyjEtA+Z54
teOVaYsLRW8QToWQss80uOmoMeB/Ypmm3u7+QOr4I/fmr+Xtedp1CYQ0Uof6Jr3p
Gm8bbzYIHnAq+UkyPsAdJABfW7bmy1YIR0OcFMssIY0mDroDDKMSPNTm+mdAjMAP
m5Jrarv0VUVSFkFj73xArpCzJmaBh+7uARQdoM8fo9KUoX7+6UjjOT2rYSzavrht
0mc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:23:35 2025 by rpki-client