Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vfSJ1fyosJK-qcsdLIJDDCG9848.roa
File: vfSJ1fyosJK-qcsdLIJDDCG9848.roa (raw, json)
Hash identifier: 6P6erXm6i4b1436Z0tP7NKoFDpc+rrCcrA68Mo3urPE=
Subject key identifier: BD:F4:89:D5:FC:A8:B0:92:BE:A9:CB:1D:2C:82:43:0C:21:BD:F3:8F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EE3775990152EF439C3B27D94D23E758
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vfSJ1fyosJK-qcsdLIJDDCG9848.roa
Signing time: Wed 07 Dec 2022 20:12:02 +0000
ROA not before: Wed 07 Dec 2022 20:12:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ee:37:75:99:01:52:ef:43:9c:3b:27:d9:4d:23:e7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 20:12:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bdf489d5fca8b092bea9cb1d2c82430c21bdf38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ee:27:6a:83:a4:cd:5d:bc:55:ce:00:e9:81:
3e:42:00:39:44:4e:ff:2b:dd:c7:1f:4a:b3:0b:48:
4d:8d:1b:57:89:c9:6d:23:f1:fc:1a:d0:9e:ca:a1:
4e:cb:30:f3:5c:3f:38:56:b6:f0:47:04:d9:2a:87:
9c:a4:19:f6:45:b2:81:0a:f8:9f:ac:23:ba:60:90:
d6:f9:a5:93:57:43:2b:f4:f1:09:7a:ae:74:5a:83:
0e:ad:66:dc:25:5f:73:74:ae:87:67:56:bb:60:cc:
48:53:c4:bb:aa:d3:14:1d:d4:cf:bf:93:32:28:3f:
76:11:5b:2c:e2:ed:bb:dd:66:29:ac:b1:6d:db:94:
4d:1e:af:a5:ef:be:21:72:3a:80:67:d1:ce:3f:71:
a5:56:cf:22:a7:3d:52:f9:c0:1e:5d:77:7e:13:c0:
1f:f9:a1:3b:4b:e9:5e:09:5b:a0:5d:ff:1d:e3:26:
f7:cc:04:6d:ee:97:61:19:8b:11:43:15:ec:08:f0:
04:b6:b1:ed:b7:fd:f0:79:5c:c2:1e:72:01:11:e3:
cc:d6:35:20:4e:f8:20:2c:47:d3:10:07:59:0b:10:
bf:0d:41:8b:6d:e2:9e:ca:68:a7:83:7e:9b:50:1d:
50:89:e1:95:a0:0c:2d:8b:e3:db:7a:bc:6a:46:2e:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F4:89:D5:FC:A8:B0:92:BE:A9:CB:1D:2C:82:43:0C:21:BD:F3:8F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vfSJ1fyosJK-qcsdLIJDDCG9848.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:33:34:5f:5e:7f:6b:f5:64:cb:9f:75:3e:d8:39:cc:48:65:
8d:e0:4d:c5:1a:70:84:ab:b2:27:47:81:2c:01:4f:44:2d:51:
38:b4:00:c5:77:50:f2:28:43:37:de:15:8a:f2:4b:ee:6d:9a:
cb:4e:a0:33:5e:26:f1:5f:39:97:cc:8d:c8:df:26:07:1a:2e:
e1:ed:2e:6f:69:ce:60:ca:4e:2e:74:b8:60:4d:dc:16:85:9a:
8a:06:ce:f4:34:ed:12:48:8c:78:b1:9a:22:7d:45:8e:cc:14:
c1:87:34:ef:7d:77:02:f9:b5:f5:f2:b9:e2:a1:aa:ea:be:fd:
c9:95:ee:b1:7d:4c:ca:28:c4:b5:0e:32:da:5a:fa:76:fc:da:
ea:24:76:31:75:f4:8e:6c:9d:55:a2:ba:7c:df:5a:d8:74:ba:
16:ad:3d:a5:20:51:d9:b1:20:0a:2c:87:3f:64:32:f3:bd:9b:
22:8e:b1:12:71:4f:4d:73:d6:03:2d:e4:fe:8d:5d:7e:5b:8b:
ea:7b:59:5c:ad:43:88:84:b2:52:01:9a:8e:b9:ad:12:e6:46:
69:87:bc:14:e9:11:f2:02:7e:4f:cc:a5:ee:55:09:48:71:38:
91:f6:d5:ce:9e:b3:b4:bc:fd:60:0f:68:9a:34:34:d4:22:31:
f0:a8:b8:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTuN3WZAVLvQ5w7J9lNI+dYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MjAxMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGY0ODlkNWZjYThiMDkyYmVhOWNiMWQyYzgyNDMwYzIxYmRmMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke4naoOkzV28Vc4A6YE+QgA5RE7/
K93HH0qzC0hNjRtXicltI/H8GtCeyqFOyzDzXD84VrbwRwTZKoecpBn2RbKBCvif
rCO6YJDW+aWTV0Mr9PEJeq50WoMOrWbcJV9zdK6HZ1a7YMxIU8S7qtMUHdTPv5My
KD92EVss4u273WYprLFt25RNHq+l774hcjqAZ9HOP3GlVs8ipz1S+cAeXXd+E8Af
+aE7S+leCVugXf8d4yb3zARt7pdhGYsRQxXsCPAEtrHtt/3weVzCHnIBEePM1jUg
TvggLEfTEAdZCxC/DUGLbeKeyming36bUB1QieGVoAwti+PberxqRi4vyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL30idX8qLCSvqnLHSyCQwwhvfOPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdmZTSjFmeW9zSkstcWNzZExJSkREQ0c5ODQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGczNF9ef2v1ZMufdT7Y
OcxIZY3gTcUacISrsidHgSwBT0QtUTi0AMV3UPIoQzfeFYryS+5tmstOoDNeJvFf
OZfMjcjfJgcaLuHtLm9pzmDKTi50uGBN3BaFmooGzvQ07RJIjHixmiJ9RY7MFMGH
NO99dwL5tfXyueKhquq+/cmV7rF9TMooxLUOMtpa+nb82uokdjF19I5snVWiunzf
Wth0uhatPaUgUdmxIAoshz9kMvO9myKOsRJxT01z1gMt5P6NXX5bi+p7WVytQ4iE
slIBmo65rRLmRmmHvBTpEfICfk/Mpe5VCUhxOJH21c6es7S8/WAPaJo0NNQiMfCo
uJc=
-----END CERTIFICATE-----
Generated at Sun May 4 13:38:45 2025 by rpki-client