Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdn5SOcB410kbHzsGLqli4HJkoc.roa
File: wdn5SOcB410kbHzsGLqli4HJkoc.roa (raw, json)
Hash identifier: CQvRXRldEE3fiVEO7oHSze7UrQbvc6o5E83N8+CCdAM=
Subject key identifier: C1:D9:F9:48:E7:01:E3:5D:24:6C:7C:EC:18:BA:A5:8B:81:C9:92:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185466636537DF151E245084EA98C1CA488
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdn5SOcB410kbHzsGLqli4HJkoc.roa
Signing time: Sat 24 Dec 2022 23:09:41 +0000
ROA not before: Sat 24 Dec 2022 23:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:46:66:36:53:7d:f1:51:e2:45:08:4e:a9:8c:1c:a4:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 23:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1d9f948e701e35d246c7cec18baa58b81c99287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:05:68:6f:5a:ac:9f:44:e7:e1:ea:7f:d8:
3d:3c:99:e5:33:29:d7:98:44:e7:bb:7e:89:4a:f1:
2b:de:ce:2f:08:aa:70:44:ec:ad:b8:a5:05:41:22:
11:cd:fe:73:fb:9d:0a:5b:98:3f:de:04:be:f5:8f:
92:8e:d8:aa:ca:2c:e4:ae:94:2a:57:d8:d5:6c:22:
a7:93:8d:6a:af:3f:23:27:5e:16:bf:08:86:75:f3:
c2:7e:09:24:5c:b7:4c:93:52:0c:02:c3:22:3f:2d:
81:e4:f6:09:52:14:5b:70:f4:27:2a:26:a9:34:2c:
59:d6:c7:8b:97:44:1b:b7:0c:3b:59:2c:b1:b6:ad:
4c:4d:eb:d6:7f:0d:e8:fe:92:68:56:fb:0c:99:f4:
f2:6f:f7:2f:b3:1f:42:21:12:f6:29:9e:26:43:4b:
a2:3b:9f:f5:e1:8e:fe:f9:11:65:8c:82:16:77:cd:
9b:b2:3f:ae:89:6d:44:e8:3d:b2:a9:cc:13:2c:c2:
fc:ec:a5:3d:e1:e4:e9:b7:b9:e6:ca:2c:97:b3:92:
ee:05:ac:93:98:3a:2e:99:21:97:f8:8a:3f:a7:74:
58:40:28:64:82:e4:05:4e:35:a1:69:d2:20:5a:06:
30:ea:5f:b2:c6:77:57:a4:bd:fa:2f:26:95:6d:7d:
ee:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D9:F9:48:E7:01:E3:5D:24:6C:7C:EC:18:BA:A5:8B:81:C9:92:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdn5SOcB410kbHzsGLqli4HJkoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:10:22:20:52:ce:7f:e4:ca:7f:1c:92:ae:c1:d7:b0:ed:79:
0c:29:b4:7d:58:28:35:e2:f9:41:c5:c0:0d:31:df:7a:17:9b:
ca:88:1b:92:ba:69:f5:a3:6d:12:79:13:62:c1:d0:d7:25:2f:
42:89:5a:19:88:b7:c0:db:95:64:07:a9:8c:97:2b:1d:bc:53:
56:c7:e6:71:64:38:a6:1c:50:12:5e:d6:e5:5b:b9:12:c3:31:
fb:8b:29:8b:06:62:70:c1:db:a5:cd:50:00:20:cf:c4:58:30:
33:26:3b:09:72:d7:a6:74:e1:0e:51:cb:a6:17:d7:ef:eb:18:
ed:ac:f3:f4:94:de:e0:49:7b:a6:04:03:b7:8f:22:35:6c:cd:
95:fd:58:42:f2:5c:8d:ab:48:71:80:4b:cb:6b:45:3b:f3:34:
d4:f9:81:99:0a:ca:b3:95:3c:32:9f:12:f3:9e:32:47:97:f1:
7c:0a:9e:22:96:bb:0d:50:2a:76:4f:b3:c0:cd:30:4a:12:ea:
6d:c5:b8:14:cf:23:d7:b8:73:a5:0b:d3:7e:9e:7f:ef:da:f0:
1a:2a:a5:20:fa:fa:0b:f5:b3:83:f4:95:e3:b9:b8:78:0b:45:
23:d7:c3:40:cd:5d:e3:ee:ca:6c:f5:38:3f:28:88:4e:81:a1:
34:b0:be:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVGZjZTffFR4kUITqmMHKSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MjMwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQ5Zjk0OGU3MDFlMzVkMjQ2YzdjZWMxOGJhYTU4YjgxYzk5Mjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7YFaG9arJ9E5+Hqf9g9PJnlMynX
mETnu36JSvEr3s4vCKpwROytuKUFQSIRzf5z+50KW5g/3gS+9Y+SjtiqyizkrpQq
V9jVbCKnk41qrz8jJ14WvwiGdfPCfgkkXLdMk1IMAsMiPy2B5PYJUhRbcPQnKiap
NCxZ1seLl0Qbtww7WSyxtq1MTevWfw3o/pJoVvsMmfTyb/cvsx9CIRL2KZ4mQ0ui
O5/14Y7++RFljIIWd82bsj+uiW1E6D2yqcwTLML87KU94eTpt7nmyiyXs5LuBayT
mDoumSGX+Io/p3RYQChkguQFTjWhadIgWgYw6l+yxndXpL36LyaVbX3ucwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMHZ+UjnAeNdJGx87Bi6pYuByZKHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvd2RuNVNPY0I0MTBrYkh6c0dMcWxpNEhKa29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAEQIiBSzn/kyn8ckq7B
17DteQwptH1YKDXi+UHFwA0x33oXm8qIG5K6afWjbRJ5E2LB0NclL0KJWhmIt8Db
lWQHqYyXKx28U1bH5nFkOKYcUBJe1uVbuRLDMfuLKYsGYnDB26XNUAAgz8RYMDMm
Owly16Z04Q5Ry6YX1+/rGO2s8/SU3uBJe6YEA7ePIjVszZX9WELyXI2rSHGAS8tr
RTvzNNT5gZkKyrOVPDKfEvOeMkeX8XwKniKWuw1QKnZPs8DNMEoS6m3FuBTPI9e4
c6UL036ef+/a8BoqpSD6+gv1s4P0leO5uHgLRSPXw0DNXePuymz1OD8oiE6BoTSw
vrQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:32 2025 by rpki-client