Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdpm9fAhRomL2JI1kk00Op0BSK4.roa
File: wdpm9fAhRomL2JI1kk00Op0BSK4.roa (raw, json)
Hash identifier: ifvLU1pF2oWkqVxlYFnfyMT/GLmcUPd057Xfbs5B2CY=
Subject key identifier: C1:DA:66:F5:F0:21:46:89:8B:D8:92:35:92:4D:34:3A:9D:01:48:AE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3C7697A86095C114D7F85F69C949EC95
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdpm9fAhRomL2JI1kk00Op0BSK4.roa
Signing time: Mon 28 Aug 2023 14:05:19 +0000
ROA not before: Mon 28 Aug 2023 14:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:3c75:d2f2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:76:97:a8:60:95:c1:14:d7:f8:5f:69:c9:49:ec:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 14:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1da66f5f02146898bd89235924d343a9d0148ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:ec:0f:73:85:9c:9f:cb:31:c6:ba:c0:55:
b3:73:f0:41:12:cc:8f:4d:58:4a:79:6a:84:06:b3:
59:03:ab:09:be:85:a0:5b:e6:0f:b0:b8:81:88:ab:
b5:27:6a:1a:7e:24:a6:26:92:b1:3b:b0:ee:2d:80:
8c:08:5f:1a:ef:91:98:ae:fc:39:ee:5b:8d:ab:e6:
7f:b3:80:46:22:9e:c5:de:ab:ed:37:86:39:cf:c5:
68:da:8c:75:7f:ae:7a:d4:e3:13:b5:37:04:b9:40:
85:9d:30:3b:93:b7:61:2f:4b:1d:dc:a1:f9:ca:33:
a9:c2:d3:4e:68:f3:b0:f1:52:da:48:e5:58:7b:de:
11:f8:fe:37:8c:ab:62:3f:51:ef:bc:8f:5a:d6:e1:
c7:b2:c5:9e:5f:50:63:00:0f:4e:59:09:9c:90:50:
b8:52:7a:37:cb:ec:d8:d4:78:06:05:94:e8:f7:48:
06:48:94:cf:37:d2:5b:32:51:61:6c:7f:a4:26:40:
17:63:10:bd:b0:0d:96:7d:0c:56:26:03:46:61:f0:
68:89:ad:63:c4:12:d9:56:43:89:19:4d:e8:4b:da:
2f:4a:b1:6a:39:32:be:2c:1d:f8:2d:85:8f:24:ed:
95:3e:b3:26:42:2c:2d:0e:f2:31:a0:bb:c4:ec:d9:
7f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DA:66:F5:F0:21:46:89:8B:D8:92:35:92:4D:34:3A:9D:01:48:AE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/wdpm9fAhRomL2JI1kk00Op0BSK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:3c:72:43:d9:a3:eb:1d:70:fc:da:4e:37:7a:8f:81:2d:20:
8f:dd:c6:c8:ed:48:6f:4a:5d:64:1d:50:c7:9d:7e:6d:8b:2a:
01:9a:a3:23:1d:56:fc:68:02:54:16:30:46:93:d7:b5:26:12:
fa:c2:41:21:5e:29:78:51:a2:67:34:48:81:07:8e:93:88:bc:
de:c9:89:42:81:c2:f8:24:28:95:39:c8:f9:7a:91:02:10:7c:
30:1a:8c:75:69:a4:dc:b5:f4:97:6d:98:aa:15:b6:53:91:dd:
c6:8f:b0:b3:28:34:88:f7:07:cb:aa:d4:22:da:d3:23:48:3f:
34:51:42:e5:a9:85:27:93:27:48:f9:ce:e0:55:c0:56:21:78:
56:07:a8:1c:bc:0c:c7:25:3d:fc:82:60:51:7f:0e:98:6f:29:
24:52:66:30:5f:04:ff:d1:04:51:ee:d4:06:6b:f4:c5:26:8f:
db:e0:81:5b:ee:97:6c:a1:a3:3c:6e:71:23:24:92:f5:9f:50:
18:07:f8:8c:52:99:24:9f:96:e6:83:99:2a:d4:86:85:87:51:
49:9f:85:c6:44:0f:88:29:6c:60:d5:f7:fc:f8:a5:e8:25:d6:
ed:6d:5a:ab:23:c5:72:02:48:89:aa:75:f4:56:9b:2c:3c:77:
c1:6a:72:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo8dpeoYJXBFNf4X2nJSeyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTQwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRhNjZmNWYwMjE0Njg5OGJkODkyMzU5MjRkMzQzYTlkMDE0OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNHsD3OFnJ/LMca6wFWzc/BBEsyP
TVhKeWqEBrNZA6sJvoWgW+YPsLiBiKu1J2oafiSmJpKxO7DuLYCMCF8a75GYrvw5
7luNq+Z/s4BGIp7F3qvtN4Y5z8Vo2ox1f6561OMTtTcEuUCFnTA7k7dhL0sd3KH5
yjOpwtNOaPOw8VLaSOVYe94R+P43jKtiP1HvvI9a1uHHssWeX1BjAA9OWQmckFC4
Uno3y+zY1HgGBZTo90gGSJTPN9JbMlFhbH+kJkAXYxC9sA2WfQxWJgNGYfBoia1j
xBLZVkOJGU3oS9ovSrFqOTK+LB34LYWPJO2VPrMmQiwtDvIxoLvE7Nl/YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMHaZvXwIUaJi9iSNZJNNDqdAUiuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvd2RwbTlmQWhSb21MMkpJMWtrMDBPcDBCU0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAQ8ckPZo+sdcPzaTjd6
j4EtII/dxsjtSG9KXWQdUMedfm2LKgGaoyMdVvxoAlQWMEaT17UmEvrCQSFeKXhR
omc0SIEHjpOIvN7JiUKBwvgkKJU5yPl6kQIQfDAajHVppNy19JdtmKoVtlOR3caP
sLMoNIj3B8uq1CLa0yNIPzRRQuWphSeTJ0j5zuBVwFYheFYHqBy8DMclPfyCYFF/
DphvKSRSZjBfBP/RBFHu1AZr9MUmj9vggVvul2yhozxucSMkkvWfUBgH+IxSmSSf
luaDmSrUhoWHUUmfhcZED4gpbGDV9/z4pegl1u1tWqsjxXICSImqdfRWmyw8d8Fq
cps=
-----END CERTIFICATE-----
Generated at Fri May 2 01:51:39 2025 by rpki-client