Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vwbGkfPJ0tdmy7-oAzjn1ewX4NM.roa
File: vwbGkfPJ0tdmy7-oAzjn1ewX4NM.roa (raw, json)
Hash identifier: 2knvL0ogHxTL2XYap2q4qBAG7SBMTa/o1CvRiAZmymc=
Subject key identifier: BF:06:C6:91:F3:C9:D2:D7:66:CB:BF:A8:03:38:E7:D5:EC:17:E0:D3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868B81A64E4BE0EB64939945F8B0285A8E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vwbGkfPJ0tdmy7-oAzjn1ewX4NM.roa
Signing time: Sun 26 Feb 2023 02:16:15 +0000
ROA not before: Sun 26 Feb 2023 02:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8b:81:a6:4e:4b:e0:eb:64:93:99:45:f8:b0:28:5a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 02:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf06c691f3c9d2d766cbbfa80338e7d5ec17e0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:f8:5f:5e:c8:31:1f:51:94:5f:8a:31:3b:
9e:48:38:54:25:3c:12:f1:fa:5f:5f:cc:e4:a3:b3:
a0:c9:17:4b:f6:a8:a2:dd:4d:15:47:92:a2:88:d3:
05:76:ed:56:d8:21:7c:86:47:db:86:66:3c:42:28:
4f:cf:5a:5c:12:93:80:60:0c:6a:a4:4f:c8:ed:4e:
0e:b1:fc:2b:67:27:57:65:a4:3e:57:cb:81:d7:94:
5e:56:eb:72:af:2b:b4:c2:46:c2:0b:49:df:fe:d9:
59:a1:d1:e7:a7:71:bf:2d:33:cf:7b:6e:60:2a:a4:
56:cf:08:c2:a9:d8:4d:3c:c7:7f:a7:c0:ca:e7:9b:
56:3e:3c:e9:06:72:6c:5d:b1:1a:da:12:3c:6e:66:
85:86:81:b7:16:91:3f:7e:f6:e5:11:03:45:2e:c9:
33:b3:29:33:35:94:0b:37:fd:28:48:a2:aa:3c:e2:
ee:79:f1:0c:5d:20:80:98:80:3c:c0:1f:9c:15:67:
a5:ec:db:60:57:03:5c:28:55:ba:4f:d6:75:f7:42:
54:f2:08:43:21:40:91:bb:82:ed:93:a2:c0:a5:7a:
29:b6:be:d5:45:35:ae:1a:ad:e6:ac:a0:02:66:b8:
9e:74:f5:fa:d3:95:3f:40:4a:18:5f:7b:21:56:e9:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:06:C6:91:F3:C9:D2:D7:66:CB:BF:A8:03:38:E7:D5:EC:17:E0:D3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/vwbGkfPJ0tdmy7-oAzjn1ewX4NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:cf:8b:b8:94:7b:db:79:1a:b2:cd:8a:96:2c:f1:34:2a:f1:
6c:89:46:3b:5c:a2:e1:41:fa:b5:98:01:d4:7e:b6:97:22:61:
c1:6d:6e:93:85:f7:e0:c3:33:8a:b6:a0:e6:e9:d5:3c:b8:a5:
1f:44:57:00:eb:8f:98:27:bf:55:88:19:5d:fd:b6:15:14:b8:
28:1b:37:02:b7:d7:1c:52:93:20:9c:3b:9e:6d:8b:86:85:86:
22:a4:52:68:0f:7c:87:ec:a1:72:6c:b5:6c:8a:61:d3:0f:2d:
39:ba:8c:f9:ff:2d:25:40:58:69:16:74:47:2f:aa:e2:3d:97:
f9:8e:7f:2e:89:89:be:bb:8f:53:6d:1f:0f:4a:c3:50:34:9f:
c3:81:3a:db:bb:44:b2:12:bb:e5:24:c5:8b:13:ad:fe:8f:05:
52:7d:38:34:c8:ab:0e:06:2c:8c:ac:e4:c2:e6:56:50:0a:62:
d1:8e:4d:fd:88:b2:c7:9a:e9:52:68:68:28:e9:24:55:8a:f1:
69:08:a8:49:c4:7d:ce:01:ea:76:25:58:ea:5f:20:5e:dc:23:
a6:7f:8d:66:0d:cb:05:c5:58:35:b8:03:bf:7b:92:20:f9:ec:
65:4f:47:83:e3:40:2a:e0:1b:03:d9:91:c4:1d:26:9e:e1:e0:
bd:a9:33:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaLgaZOS+DrZJOZRfiwKFqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MDIxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA2YzY5MWYzYzlkMmQ3NjZjYmJmYTgwMzM4ZTdkNWVjMTdlMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFL4X17IMR9RlF+KMTueSDhUJTwS
8fpfX8zko7OgyRdL9qii3U0VR5KiiNMFdu1W2CF8hkfbhmY8QihPz1pcEpOAYAxq
pE/I7U4OsfwrZydXZaQ+V8uB15ReVutyryu0wkbCC0nf/tlZodHnp3G/LTPPe25g
KqRWzwjCqdhNPMd/p8DK55tWPjzpBnJsXbEa2hI8bmaFhoG3FpE/fvblEQNFLskz
sykzNZQLN/0oSKKqPOLuefEMXSCAmIA8wB+cFWel7NtgVwNcKFW6T9Z190JU8ghD
IUCRu4Ltk6LApXoptr7VRTWuGq3mrKACZriedPX605U/QEoYX3shVulX0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL8GxpHzydLXZsu/qAM459XsF+DTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdndiR2tmUEowdGRteTctb0F6am4xZXdYNE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA/Pi7iUe9t5GrLNipYs
8TQq8WyJRjtcouFB+rWYAdR+tpciYcFtbpOF9+DDM4q2oObp1Ty4pR9EVwDrj5gn
v1WIGV39thUUuCgbNwK31xxSkyCcO55ti4aFhiKkUmgPfIfsoXJstWyKYdMPLTm6
jPn/LSVAWGkWdEcvquI9l/mOfy6Jib67j1NtHw9Kw1A0n8OBOtu7RLISu+UkxYsT
rf6PBVJ9ODTIqw4GLIys5MLmVlAKYtGOTf2Issea6VJoaCjpJFWK8WkIqEnEfc4B
6nYlWOpfIF7cI6Z/jWYNywXFWDW4A797kiD57GVPR4PjQCrgGwPZkcQdJp7h4L2p
M/8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:37 2025 by rpki-client