Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zVcRSByzCXv4jrwZH9SVx6AaQJw.roa
File: zVcRSByzCXv4jrwZH9SVx6AaQJw.roa (raw, json)
Hash identifier: UDaJEENla1RFkucDUeo3aWRkvgj1l8V0I247jIczuw4=
Subject key identifier: CD:57:11:48:1C:B3:09:7B:F8:8E:BC:19:1F:D4:95:C7:A0:1A:40:9C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186421C794B968F3A859167F4E691198564
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zVcRSByzCXv4jrwZH9SVx6AaQJw.roa
Signing time: Sat 11 Feb 2023 20:13:27 +0000
ROA not before: Sat 11 Feb 2023 20:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:42:1c:79:4b:96:8f:3a:85:91:67:f4:e6:91:19:85:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 11 20:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd5711481cb3097bf88ebc191fd495c7a01a409c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4b:8e:0f:ff:0f:9a:ee:2e:3b:44:6d:b2:81:
ce:84:79:c6:49:8a:b0:4b:ac:eb:cf:6c:dd:f1:0d:
e4:93:9f:01:8b:69:09:5b:d5:7f:a1:40:80:a3:d6:
75:59:aa:5b:8f:6d:4c:53:46:4f:26:2a:14:fb:98:
b8:7e:b1:48:19:23:71:8a:3f:d4:16:c2:f6:fc:cd:
0a:e7:f5:04:5a:94:63:49:e6:cc:08:d4:ab:6c:bc:
46:4b:1b:fa:af:e1:de:d8:42:c3:1c:66:12:82:4b:
17:b0:3e:12:9c:b8:44:40:85:2c:11:92:6b:5d:c3:
3a:c1:f0:b8:7a:db:c4:cd:a0:a3:48:48:d6:28:da:
83:83:4e:c5:9a:7f:da:92:96:fd:dd:ce:15:2f:3f:
35:08:8b:8c:5c:0b:0f:ab:49:4f:ea:05:dd:f6:09:
30:13:9a:95:20:fe:15:3f:1a:4b:10:2d:49:19:7f:
0a:fd:4b:67:7f:58:6c:61:30:49:0a:07:25:d5:ff:
50:4d:50:5f:36:cd:e8:47:58:f4:ca:a6:fd:35:39:
61:1e:34:d1:fa:ff:92:9f:e1:2f:01:34:94:1d:95:
ae:ac:90:61:33:77:06:57:09:a1:ab:36:f2:0b:2d:
aa:6f:41:9e:86:bc:d2:b5:99:c7:42:14:0b:d8:f6:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:57:11:48:1C:B3:09:7B:F8:8E:BC:19:1F:D4:95:C7:A0:1A:40:9C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/zVcRSByzCXv4jrwZH9SVx6AaQJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:b3:2c:0f:aa:60:d2:97:cd:43:2a:ea:6b:d0:e7:c4:50:d5:
d9:4b:b9:93:e3:09:e0:db:f8:c7:dd:29:6e:af:af:1d:5b:0f:
78:c4:5c:64:d7:20:4d:86:65:41:52:e7:0e:18:d1:40:53:37:
ca:89:c8:6a:f2:60:57:1e:0e:cc:d0:f5:c1:1c:d1:1a:38:de:
b7:c7:fa:9a:df:f6:e8:e0:b2:00:ec:b7:62:fe:75:9c:d5:04:
51:6c:f0:72:0a:08:45:43:d9:14:33:1b:e5:e6:38:a6:8c:4e:
ea:27:3c:d0:f4:10:bc:db:c2:2d:f0:22:42:42:54:76:46:61:
85:a0:64:63:92:ec:c1:a2:b1:1b:c3:03:8e:2e:4a:d8:67:f2:
c1:87:7a:e3:6d:2f:f3:b1:ef:c6:de:d0:61:b6:0a:5e:4d:90:
14:de:62:fe:65:d5:9f:58:40:c3:76:8d:65:88:d8:ce:b4:2a:
37:47:42:da:f4:56:75:d1:fd:8a:31:5b:d6:72:2d:92:d6:1e:
12:8f:9b:be:42:94:e9:5f:ae:45:f4:5e:f4:8c:bd:e2:7c:09:
41:b8:2f:4f:e2:08:fd:4c:f2:3e:04:e8:4c:40:ec:e9:d2:7e:
bb:9e:8f:b3:4d:a3:47:21:71:01:37:b3:23:dc:72:4f:72:c3:
b3:55:e3:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZCHHlLlo86hZFn9OaRGYVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjExMjAxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU3MTE0ODFjYjMwOTdiZjg4ZWJjMTkxZmQ0OTVjN2EwMWE0MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEuOD/8Pmu4uO0RtsoHOhHnGSYqw
S6zrz2zd8Q3kk58Bi2kJW9V/oUCAo9Z1Wapbj21MU0ZPJioU+5i4frFIGSNxij/U
FsL2/M0K5/UEWpRjSebMCNSrbLxGSxv6r+He2ELDHGYSgksXsD4SnLhEQIUsEZJr
XcM6wfC4etvEzaCjSEjWKNqDg07Fmn/akpb93c4VLz81CIuMXAsPq0lP6gXd9gkw
E5qVIP4VPxpLEC1JGX8K/Utnf1hsYTBJCgcl1f9QTVBfNs3oR1j0yqb9NTlhHjTR
+v+Sn+EvATSUHZWurJBhM3cGVwmhqzbyCy2qb0GehrzStZnHQhQL2PbJeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1XEUgcswl7+I68GR/UlcegGkCcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvelZjUlNCeXpDWHY0anJ3Wkg5U1Z4NkFhUUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKazLA+qYNKXzUMq6mvQ
58RQ1dlLuZPjCeDb+MfdKW6vrx1bD3jEXGTXIE2GZUFS5w4Y0UBTN8qJyGryYFce
DszQ9cEc0Ro43rfH+prf9ujgsgDst2L+dZzVBFFs8HIKCEVD2RQzG+XmOKaMTuon
PND0ELzbwi3wIkJCVHZGYYWgZGOS7MGisRvDA44uSthn8sGHeuNtL/Ox78be0GG2
Cl5NkBTeYv5l1Z9YQMN2jWWI2M60KjdHQtr0VnXR/YoxW9ZyLZLWHhKPm75ClOlf
rkX0XvSMveJ8CUG4L0/iCP1M8j4E6ExA7OnSfruej7NNo0chcQE3syPcck9yw7NV
45s=
-----END CERTIFICATE-----
Generated at Thu May 1 12:52:30 2025 by rpki-client