Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x-UnfyX96uENx0KE0J0U4gpkwp8.roa
File: x-UnfyX96uENx0KE0J0U4gpkwp8.roa (raw, json)
Hash identifier: wBj8S8Hb7IpkrQxZCllgoSA9BW85JuqPmRfwLQUxxh0=
Subject key identifier: C7:E5:27:7F:25:FD:EA:E1:0D:C7:42:84:D0:9D:14:E2:0A:64:C2:9F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018333C40D6F2B1D858C809FFCB4F048D0C3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x-UnfyX96uENx0KE0J0U4gpkwp8.roa
Signing time: Mon 12 Sep 2022 22:13:50 +0000
ROA not before: Mon 12 Sep 2022 22:13:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:33:c4:0d:6f:2b:1d:85:8c:80:9f:fc:b4:f0:48:d0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 12 22:13:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7e5277f25fdeae10dc74284d09d14e20a64c29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:28:d1:f2:4a:d2:5a:0f:da:dc:90:2e:48:11:
49:44:a4:97:5d:b6:8f:99:b5:38:9c:cd:66:37:2b:
92:10:58:24:30:3b:85:97:ca:0d:3e:a1:7c:cc:a1:
f9:50:56:e0:99:d9:6e:38:ce:5c:d1:69:26:5e:0d:
f4:9f:95:1a:91:4d:ba:f4:f7:fc:ad:4b:53:ff:be:
88:bd:71:2d:b6:16:bb:d0:37:82:da:9d:3f:e1:3f:
cc:c9:48:e1:db:e7:3b:d7:36:ad:09:32:3d:dd:9f:
0b:5d:2e:ff:df:b0:25:cc:1a:7f:92:40:9e:3e:37:
36:94:d2:77:fd:cc:15:af:88:c4:3d:27:f9:45:a8:
7f:80:1b:1b:5b:c8:ed:5d:7a:9c:68:bf:fb:b2:20:
4d:9e:a2:24:f4:1b:a7:16:59:b4:67:28:58:84:44:
2e:c8:66:b5:ad:ac:36:27:eb:57:79:0b:e2:94:71:
8b:0c:bc:b0:e0:a4:b8:87:9d:4c:cc:1d:21:ec:8e:
8f:05:bc:e9:39:f6:84:93:d1:1f:ac:db:9a:a9:70:
03:c8:3d:83:bb:c6:56:54:cd:39:a8:3f:56:73:ac:
60:1e:ce:f2:0d:58:19:42:74:df:dc:7e:c1:c0:6c:
0d:ac:31:10:b9:04:ca:3c:26:0a:53:fc:cf:00:51:
ed:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E5:27:7F:25:FD:EA:E1:0D:C7:42:84:D0:9D:14:E2:0A:64:C2:9F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/x-UnfyX96uENx0KE0J0U4gpkwp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:68:11:09:9e:e6:78:ed:d1:7d:10:35:d4:ac:a6:24:56:fc:
62:3d:45:22:32:39:56:c5:8f:8a:ac:16:d2:25:17:f9:79:9d:
08:33:68:78:01:a7:8a:b0:15:cf:25:6f:20:a3:6d:77:a6:1d:
b5:b5:76:5c:6f:be:fb:04:1b:52:30:b5:d1:24:ec:a0:53:5b:
4b:c3:c3:2c:88:63:ad:85:e8:e9:55:3d:5b:dc:aa:61:56:c1:
5f:9a:04:fb:62:8b:79:0b:c0:7a:be:21:23:26:89:17:84:9c:
33:33:a3:e2:a1:73:00:9d:af:3a:85:83:47:ff:46:55:65:31:
66:65:9f:1a:d4:f6:31:31:ba:49:59:98:c0:c8:b9:d5:f5:e2:
88:f4:ba:10:2c:14:f1:56:6b:67:98:8b:4b:19:47:b9:80:51:
f5:64:ee:b6:95:27:0c:fe:92:5e:45:58:8f:ba:b1:6b:7c:55:
e8:fa:cc:b9:22:99:0c:d3:e2:17:d4:6a:c2:d7:87:7f:87:9b:
a3:f9:d1:54:14:01:b9:6d:7c:10:64:93:63:45:9c:96:55:dc:
d8:cc:a5:dd:48:ff:85:94:02:6e:55:4c:16:42:84:3e:e1:8b:
34:a4:cf:e3:f4:04:9e:d0:13:8f:05:ec:63:e2:35:ed:60:cb:
7a:fb:77:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMzxA1vKx2FjICf/LTwSNDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTEyMjIxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U1Mjc3ZjI1ZmRlYWUxMGRjNzQyODRkMDlkMTRlMjBhNjRjMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSjR8krSWg/a3JAuSBFJRKSXXbaP
mbU4nM1mNyuSEFgkMDuFl8oNPqF8zKH5UFbgmdluOM5c0WkmXg30n5UakU269Pf8
rUtT/76IvXEttha70DeC2p0/4T/MyUjh2+c71zatCTI93Z8LXS7/37AlzBp/kkCe
Pjc2lNJ3/cwVr4jEPSf5Rah/gBsbW8jtXXqcaL/7siBNnqIk9BunFlm0ZyhYhEQu
yGa1raw2J+tXeQvilHGLDLyw4KS4h51MzB0h7I6PBbzpOfaEk9EfrNuaqXADyD2D
u8ZWVM05qD9Wc6xgHs7yDVgZQnTf3H7BwGwNrDEQuQTKPCYKU/zPAFHt/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMflJ38l/erhDcdChNCdFOIKZMKfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEveC1VbmZ5WDk2dUVOeDBLRTBKMFU0Z3Brd3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK9oEQme5njt0X0QNdSs
piRW/GI9RSIyOVbFj4qsFtIlF/l5nQgzaHgBp4qwFc8lbyCjbXemHbW1dlxvvvsE
G1IwtdEk7KBTW0vDwyyIY62F6OlVPVvcqmFWwV+aBPtii3kLwHq+ISMmiReEnDMz
o+KhcwCdrzqFg0f/RlVlMWZlnxrU9jExuklZmMDIudX14oj0uhAsFPFWa2eYi0sZ
R7mAUfVk7raVJwz+kl5FWI+6sWt8Vej6zLkimQzT4hfUasLXh3+Hm6P50VQUAblt
fBBkk2NFnJZV3NjMpd1I/4WUAm5VTBZChD7hizSkz+P0BJ7QE48F7GPiNe1gy3r7
d+A=
-----END CERTIFICATE-----
Generated at Thu May 1 05:18:51 2025 by rpki-client