Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wBBBDBsPX-xn_cEQ4inp3VTT25A.roa
File: wBBBDBsPX-xn_cEQ4inp3VTT25A.roa (raw, json)
Hash identifier: 4xtZCT9ePeG+8PIYetve96hCYmjp5Ebgwfb/tqqjmCc=
Subject key identifier: C0:10:41:0C:1B:0F:5F:EC:67:FD:C1:10:E2:29:E9:DD:54:D3:DB:90
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856A3BCCE4D7705BF8FCB72B02D18FF89C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wBBBDBsPX-xn_cEQ4inp3VTT25A.roa
Signing time: Sat 31 Dec 2022 22:09:41 +0000
ROA not before: Sat 31 Dec 2022 22:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:3b:cc:e4:d7:70:5b:f8:fc:b7:2b:02:d1:8f:f8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 22:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c010410c1b0f5fec67fdc110e229e9dd54d3db90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e6:66:9a:a4:67:e5:e4:02:e3:c4:5a:ea:b9:
55:c5:20:c1:64:a4:49:b4:42:14:d5:16:95:27:41:
83:ba:39:b8:66:28:f0:7e:c3:71:13:3e:2e:cd:1a:
c0:26:7d:bf:b2:04:90:c0:80:d5:24:ee:40:a3:cd:
59:9f:0b:81:79:4b:1c:26:55:26:29:f9:c4:8d:84:
6a:0e:89:c7:35:25:85:ba:98:cf:32:ae:ca:59:2b:
e3:89:73:31:f8:04:28:15:10:b3:e2:c2:36:1a:f4:
ce:df:12:38:20:a1:c2:f4:07:28:16:8d:4d:da:21:
a6:0d:fc:f0:11:e6:b9:26:db:6f:a7:4e:45:49:7c:
47:1f:39:f9:af:9e:c7:05:23:c0:0d:c1:ed:5a:39:
72:64:64:59:6f:25:e3:c6:f5:21:06:03:37:26:34:
8a:8c:80:18:eb:fd:95:c9:a6:02:fa:a5:d4:d1:3d:
af:24:df:0a:32:6b:c9:f1:7d:fd:e2:91:85:06:7b:
99:d0:00:f4:16:f0:6a:d8:22:00:56:9a:b3:d9:d2:
d1:f9:0c:8b:d3:5b:4a:35:d3:0f:a0:c0:29:4d:1d:
d8:8d:f8:b7:76:98:e9:c6:fa:91:6e:cc:db:76:f2:
65:b4:c4:ed:d9:6b:31:9d:11:69:ae:45:85:c0:66:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:10:41:0C:1B:0F:5F:EC:67:FD:C1:10:E2:29:E9:DD:54:D3:DB:90
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wBBBDBsPX-xn_cEQ4inp3VTT25A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:1c:7a:f4:87:c5:04:02:42:15:3f:65:79:bf:19:36:1b:36:
14:ff:50:6a:9d:84:23:25:aa:bc:0c:34:5c:2f:3b:26:d1:37:
2b:41:8c:67:31:9f:f8:30:cd:a9:16:f7:bc:df:f2:c0:f2:ef:
74:ea:32:16:68:65:66:6a:99:e3:e6:d6:81:fc:e4:70:92:22:
fe:85:b1:23:14:31:9c:8e:0e:dd:08:8a:17:61:57:e0:76:67:
1d:23:43:aa:3a:17:fd:e2:a2:a8:bf:96:6f:22:25:bf:d6:e3:
20:50:cb:3c:8c:1a:a6:1c:88:f3:76:75:44:31:ae:94:94:a3:
80:ce:ca:3b:04:32:48:1e:f4:97:97:9c:6d:d6:63:a2:77:9d:
ce:c6:ba:b0:d3:2c:e9:39:1d:26:38:9a:6f:b6:c1:62:81:7b:
ad:4d:1f:2e:e5:20:7b:ec:7f:42:6f:79:ee:ae:55:26:26:c9:
b8:9c:fd:0b:83:ed:8a:ab:9a:c8:4c:af:1d:49:4c:97:7a:0f:
39:5d:23:f3:20:4e:65:17:cf:e7:21:03:62:0a:32:2a:07:d5:
5d:50:9c:17:b2:91:54:44:3a:b4:78:f9:06:5c:6e:d6:de:0a:
b1:e7:97:90:1c:e8:d2:29:5a:c7:51:bf:88:5d:8d:22:18:bb:
bd:a6:64:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVqO8zk13Bb+Py3KwLRj/icMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMjIwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDEwNDEwYzFiMGY1ZmVjNjdmZGMxMTBlMjI5ZTlkZDU0ZDNkYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+ZmmqRn5eQC48Ra6rlVxSDBZKRJ
tEIU1RaVJ0GDujm4ZijwfsNxEz4uzRrAJn2/sgSQwIDVJO5Ao81ZnwuBeUscJlUm
KfnEjYRqDonHNSWFupjPMq7KWSvjiXMx+AQoFRCz4sI2GvTO3xI4IKHC9AcoFo1N
2iGmDfzwEea5Jttvp05FSXxHHzn5r57HBSPADcHtWjlyZGRZbyXjxvUhBgM3JjSK
jIAY6/2VyaYC+qXU0T2vJN8KMmvJ8X394pGFBnuZ0AD0FvBq2CIAVpqz2dLR+QyL
01tKNdMPoMApTR3Yjfi3dpjpxvqRbszbdvJltMTt2WsxnRFprkWFwGay0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMAQQQwbD1/sZ/3BEOIp6d1U09uQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvd0JCQkRCc1BYLXhuX2NFUTRpbnAzVlRUMjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4cevSHxQQCQhU/ZXm/
GTYbNhT/UGqdhCMlqrwMNFwvOybRNytBjGcxn/gwzakW97zf8sDy73TqMhZoZWZq
mePm1oH85HCSIv6FsSMUMZyODt0IihdhV+B2Zx0jQ6o6F/3ioqi/lm8iJb/W4yBQ
yzyMGqYciPN2dUQxrpSUo4DOyjsEMkge9JeXnG3WY6J3nc7GurDTLOk5HSY4mm+2
wWKBe61NHy7lIHvsf0Jvee6uVSYmybic/QuD7YqrmshMrx1JTJd6DzldI/MgTmUX
z+chA2IKMioH1V1QnBeykVREOrR4+QZcbtbeCrHnl5Ac6NIpWsdRv4hdjSIYu72m
ZEQ=
-----END CERTIFICATE-----
Generated at Thu May 1 12:30:02 2025 by rpki-client