Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VpfUkojwgQGEIOrGEzYxpWA3UA.roa
File: 1-VpfUkojwgQGEIOrGEzYxpWA3UA.roa (raw, json)
Hash identifier: rasAhrMypN6SDhNxt4U0DnAHtfritCaEGGxd298TNCE=
Subject key identifier: F9:5A:5F:52:4A:23:C2:04:06:10:83:AB:18:4C:D8:C6:95:80:DD:40
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184AA6A61FF1F4E2FDC330B007BD7C9A6E3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VpfUkojwgQGEIOrGEzYxpWA3UA.roa
Signing time: Thu 24 Nov 2022 16:13:29 +0000
ROA not before: Thu 24 Nov 2022 16:13:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:9f03:9814/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:6a:61:ff:1f:4e:2f:dc:33:0b:00:7b:d7:c9:a6:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 24 16:13:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f95a5f524a23c204061083ab184cd8c69580dd40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:28:f6:1c:5f:79:2d:37:26:76:a8:dd:b2:
66:32:fb:f5:24:32:c1:84:f3:24:8c:b9:1f:46:8b:
a3:db:ba:29:42:48:76:7d:4a:ec:23:1b:0e:ee:d1:
ca:76:1d:b7:ba:ac:e2:fa:48:09:8b:24:a9:ed:f2:
78:ab:da:1a:a9:4e:d7:92:a6:c8:b6:e6:81:c3:fd:
3c:9a:18:4e:45:64:05:58:61:a6:0f:3c:9b:94:3d:
7e:78:23:9b:92:74:5e:68:4c:f1:c3:27:83:f3:22:
30:8e:90:df:59:e8:8b:73:77:16:7e:ca:fd:5b:05:
b5:7b:d5:fb:73:33:d8:c2:40:99:40:33:02:b5:e9:
a0:14:38:3e:48:51:c6:50:df:49:f9:60:e5:4c:ad:
96:79:06:ed:77:14:16:43:84:1c:fe:ba:39:cb:6f:
72:a7:f9:d5:da:b7:09:a4:cb:2b:f3:fd:d0:c9:e3:
61:c7:22:5e:0b:63:1a:71:58:0e:ba:f3:be:fd:8e:
81:88:74:0c:8a:bb:fb:bf:cf:0a:11:ab:6f:d0:33:
83:12:8c:38:f8:09:f1:db:6f:3e:da:30:0f:9c:7b:
70:e8:d4:93:69:f0:c9:9c:c1:36:0c:3b:27:83:4d:
fc:bc:6a:09:90:e9:7b:8a:2d:1a:f7:19:0f:3c:eb:
98:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5A:5F:52:4A:23:C2:04:06:10:83:AB:18:4C:D8:C6:95:80:DD:40
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-VpfUkojwgQGEIOrGEzYxpWA3UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:5c:5a:96:46:38:b7:63:f9:6f:8a:87:eb:c3:50:3a:a0:00:
91:c5:e8:9d:04:03:ed:46:98:36:e0:f4:84:1c:d2:13:d1:22:
b3:e8:74:fc:dc:3b:bb:b5:b5:49:39:df:1e:99:eb:0d:a6:13:
1d:ec:1f:24:3b:aa:22:32:47:a1:dd:38:36:51:68:2e:c0:e4:
19:68:87:3b:82:ae:4b:c1:00:10:83:98:d6:07:f0:d8:86:11:
ba:e5:66:15:11:17:f1:c4:e9:34:a3:bf:cf:51:c7:5c:96:ed:
0a:c8:f8:14:4d:19:3c:19:6f:a1:13:63:f7:d4:c7:60:95:a2:
39:64:98:bd:74:b5:77:8f:4d:d5:8b:40:03:fd:88:8a:80:57:
b3:9c:e5:0d:65:af:2c:a8:33:df:e1:e8:4f:0b:57:f2:72:a9:
a2:93:c7:4a:ba:84:d4:0d:c2:0d:00:e4:63:a1:ce:d4:93:8b:
fa:ab:7a:04:57:ba:70:63:14:39:e7:27:95:fc:7e:4b:3b:5f:
c8:59:52:f5:2a:95:2e:ea:05:cf:73:13:58:31:a8:7a:0d:0a:
06:74:1b:a5:fb:61:81:d7:3a:af:dc:49:04:cb:51:91:6d:d4:
f5:c7:70:1e:05:e4:a7:52:cf:6c:5f:56:63:0d:1a:3f:2d:45:
08:d8:f8:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSqamH/H04v3DMLAHvXyabjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTI0MTYxMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTVhNWY1MjRhMjNjMjA0MDYxMDgzYWIxODRjZDhjNjk1ODBkZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUwo9hxfeS03Jnao3bJmMvv1JDLB
hPMkjLkfRouj27opQkh2fUrsIxsO7tHKdh23uqzi+kgJiySp7fJ4q9oaqU7XkqbI
tuaBw/08mhhORWQFWGGmDzyblD1+eCObknReaEzxwyeD8yIwjpDfWeiLc3cWfsr9
WwW1e9X7czPYwkCZQDMCtemgFDg+SFHGUN9J+WDlTK2WeQbtdxQWQ4Qc/ro5y29y
p/nV2rcJpMsr8/3QyeNhxyJeC2MacVgOuvO+/Y6BiHQMirv7v88KEatv0DODEow4
+Anx228+2jAPnHtw6NSTafDJnME2DDsng038vGoJkOl7ii0a9xkPPOuYVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPlaX1JKI8IEBhCDqxhM2MaVgN1AMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1WcGZVa29qd2dRR0VJT3JHRXpZeHBXQTNVQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQApXFqWRji3Y/lviofr
w1A6oACRxeidBAPtRpg24PSEHNIT0SKz6HT83Du7tbVJOd8emesNphMd7B8kO6oi
Mkeh3Tg2UWguwOQZaIc7gq5LwQAQg5jWB/DYhhG65WYVERfxxOk0o7/PUcdclu0K
yPgUTRk8GW+hE2P31MdglaI5ZJi9dLV3j03Vi0AD/YiKgFeznOUNZa8sqDPf4ehP
C1fycqmik8dKuoTUDcINAORjoc7Uk4v6q3oEV7pwYxQ55yeV/H5LO1/IWVL1KpUu
6gXPcxNYMah6DQoGdBul+2GB1zqv3EkEy1GRbdT1x3AeBeSnUs9sX1ZjDRo/LUUI
2PhV
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:43:46 2025 by rpki-client