Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GvAPhQ8_MXPSNP_qIVn1OxNJPNE.roa
File: GvAPhQ8_MXPSNP_qIVn1OxNJPNE.roa (raw, json)
Hash identifier: nx76SDDM7wqBNmIVggG8OtUyjGGVxh9HvLDwhVjrQ+E=
Subject key identifier: 1A:F0:0F:85:0F:3F:31:73:D2:34:FF:EA:21:59:F5:3B:13:49:3C:D1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185469C3B7CFE964DACE8E22C52C5E1E7A0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GvAPhQ8_MXPSNP_qIVn1OxNJPNE.roa
Signing time: Sun 25 Dec 2022 00:08:41 +0000
ROA not before: Sun 25 Dec 2022 00:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:46:9c:3b:7c:fe:96:4d:ac:e8:e2:2c:52:c5:e1:e7:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 25 00:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1af00f850f3f3173d234ffea2159f53b13493cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:06:78:ed:cd:c0:de:01:6b:89:d1:65:37:f0:
98:cb:48:8b:65:65:d1:e8:07:ce:dd:2a:c5:e1:9f:
99:30:ea:78:20:c5:4f:82:80:59:52:76:93:d3:59:
fe:ad:69:4a:85:69:44:8c:d5:c3:b4:b1:95:cd:9e:
03:13:74:b1:e1:ef:75:0c:ba:02:76:2f:d9:3b:cc:
12:7c:c6:b8:9d:26:5f:62:a0:ab:82:28:84:f0:b3:
5d:5e:37:f1:3c:97:0e:f9:7e:b6:38:bf:46:79:29:
05:ef:ee:59:72:e2:d2:62:1a:8f:d4:54:fe:a1:f1:
67:b6:fd:b9:96:1e:69:10:45:86:3a:30:e7:3a:b5:
98:e9:f6:63:a4:6e:ec:96:b2:97:98:74:9b:6f:ce:
78:e7:4c:c9:47:a9:55:dd:ca:2d:09:1a:a1:27:c1:
0f:9d:da:95:a5:9d:82:d7:70:21:93:d4:d5:f3:bd:
a8:a0:78:ac:c0:75:ec:24:ac:46:7e:f1:15:9e:88:
98:b5:32:9c:db:02:01:94:5e:43:60:0a:55:64:47:
a0:50:bd:15:a1:58:98:87:c6:fc:e3:32:3a:2f:56:
d0:70:1d:07:37:b5:7a:4d:01:4f:e9:97:bc:01:0e:
a9:cc:7d:1d:7f:c2:60:aa:ab:d9:80:e8:dc:f6:f6:
5c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F0:0F:85:0F:3F:31:73:D2:34:FF:EA:21:59:F5:3B:13:49:3C:D1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GvAPhQ8_MXPSNP_qIVn1OxNJPNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:0d:a8:cc:00:c1:60:35:c3:a9:e1:1d:b7:64:c4:8d:a1:5a:
ef:41:a6:3b:49:60:10:3a:a9:5e:66:e7:69:3d:d8:19:6e:22:
e5:8d:4b:1f:19:4e:ad:b2:c8:9e:bb:2e:f2:bc:f8:4f:7c:80:
fe:05:12:02:30:96:af:4a:65:b0:c6:2e:cd:39:55:53:95:4b:
e4:8b:15:bd:66:36:63:e9:eb:ab:f2:e6:ee:d1:af:0f:3b:c2:
fd:3c:51:24:ca:c9:fd:c8:9a:66:bc:e9:fb:dd:58:cd:82:d3:
8f:a1:90:a2:0f:b7:b1:77:32:89:09:23:07:27:28:c7:b8:90:
22:0a:99:88:77:cb:d7:8b:94:46:f5:6f:43:f7:17:c2:cb:94:
da:dd:83:49:70:ed:f7:96:9a:ee:6d:71:7e:23:4a:ae:c3:ab:
a1:15:c8:73:e9:7f:d6:50:2f:c8:65:c3:67:4a:f1:0e:d3:66:
17:84:77:9d:2b:47:d2:9c:af:ff:89:8b:2f:6d:9a:94:be:a7:
c2:5e:82:3d:2c:e2:ce:0f:dd:a6:8e:68:24:35:c8:e3:43:5a:
3e:2f:d8:0c:37:17:45:10:02:76:65:6c:89:fb:ab:e9:57:dc:
d7:2f:fd:7a:a7:84:00:d3:96:ce:ea:6c:56:4c:97:48:75:2d:
6d:7f:d6:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVGnDt8/pZNrOjiLFLF4eegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI1MDAwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWYwMGY4NTBmM2YzMTczZDIzNGZmZWEyMTU5ZjUzYjEzNDkzY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQZ47c3A3gFridFlN/CYy0iLZWXR
6AfO3SrF4Z+ZMOp4IMVPgoBZUnaT01n+rWlKhWlEjNXDtLGVzZ4DE3Sx4e91DLoC
di/ZO8wSfMa4nSZfYqCrgiiE8LNdXjfxPJcO+X62OL9GeSkF7+5ZcuLSYhqP1FT+
ofFntv25lh5pEEWGOjDnOrWY6fZjpG7slrKXmHSbb85450zJR6lV3cotCRqhJ8EP
ndqVpZ2C13Ahk9TV872ooHiswHXsJKxGfvEVnoiYtTKc2wIBlF5DYApVZEegUL0V
oViYh8b84zI6L1bQcB0HN7V6TQFP6Ze8AQ6pzH0df8JgqqvZgOjc9vZcjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBrwD4UPPzFz0jT/6iFZ9TsTSTzRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR3ZBUGhROF9NWFBTTlBfcUlWbjFPeE5KUE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHMNqMwAwWA1w6nhHbdk
xI2hWu9BpjtJYBA6qV5m52k92BluIuWNSx8ZTq2yyJ67LvK8+E98gP4FEgIwlq9K
ZbDGLs05VVOVS+SLFb1mNmPp66vy5u7Rrw87wv08USTKyf3Imma86fvdWM2C04+h
kKIPt7F3MokJIwcnKMe4kCIKmYh3y9eLlEb1b0P3F8LLlNrdg0lw7feWmu5tcX4j
Sq7Dq6EVyHPpf9ZQL8hlw2dK8Q7TZheEd50rR9Kcr/+Jiy9tmpS+p8Jegj0s4s4P
3aaOaCQ1yONDWj4v2Aw3F0UQAnZlbIn7q+lX3Ncv/XqnhADTls7qbFZMl0h1LW1/
1nY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:40:52 2025 by rpki-client