Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_sdIsiDpUcaTGbVXUen3YvThiEc.roa
File: _sdIsiDpUcaTGbVXUen3YvThiEc.roa (raw, json)
Hash identifier: 9UzLa1rFo2IC4Kjg2AnS68aiAjXEtS63C0u8ZAgXLOY=
Subject key identifier: FE:C7:48:B2:20:E9:51:C6:93:19:B5:57:51:E9:F7:62:F4:E1:88:47
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869F0B66E160C4361FFA131C1065C83907
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_sdIsiDpUcaTGbVXUen3YvThiEc.roa
Signing time: Wed 01 Mar 2023 21:19:29 +0000
ROA not before: Wed 01 Mar 2023 21:19:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9f:0b:66:e1:60:c4:36:1f:fa:13:1c:10:65:c8:39:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 21:19:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fec748b220e951c69319b55751e9f762f4e18847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:28:19:42:68:73:c3:2a:07:bc:63:70:7e:7e:
c5:5a:a9:ee:dc:7d:62:06:4b:36:47:88:92:73:89:
d1:5d:f1:6e:33:38:28:5d:f6:2f:31:02:88:d4:13:
cc:00:09:a5:76:08:08:75:41:3b:41:cf:ae:66:92:
3c:82:73:cb:53:bb:84:3e:60:57:4c:0d:12:c4:b3:
36:72:20:8e:8a:bd:73:99:08:9d:bc:e6:e3:86:96:
a2:9f:63:05:57:48:c7:ac:8d:2e:46:09:13:a8:59:
24:c9:57:19:52:dc:8b:13:32:d9:05:4d:91:2b:ee:
4b:6d:83:66:97:f2:19:36:fc:11:1f:09:15:62:92:
b8:b5:ac:93:7c:f1:b0:22:07:e9:50:cb:4c:04:ea:
1e:a3:55:f2:69:17:32:65:85:fe:9f:f4:ec:dc:ce:
4d:08:76:aa:ce:ec:77:86:59:bd:3c:94:53:79:6f:
f2:80:9b:53:e9:27:e7:a5:83:23:12:f5:02:99:03:
45:81:89:e5:9e:61:61:55:a2:8b:07:9e:8c:9f:50:
0e:34:cb:25:d8:c9:89:63:d0:c5:30:89:b9:7d:87:
cc:0a:40:47:68:ab:a0:28:1e:3d:dc:07:fc:5e:c0:
85:63:f9:60:74:27:ad:fa:55:8f:77:f8:95:ad:ab:
74:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C7:48:B2:20:E9:51:C6:93:19:B5:57:51:E9:F7:62:F4:E1:88:47
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_sdIsiDpUcaTGbVXUen3YvThiEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:bb:f7:96:48:71:5e:c8:47:66:22:3d:40:cf:72:27:19:56:
24:5e:ce:4e:92:06:c2:6a:48:03:3c:60:b7:46:18:d9:d1:c7:
86:5e:7d:96:f6:6c:85:a6:c3:0c:ba:c5:e5:c2:9e:8c:5c:55:
d9:0d:27:2a:70:8b:91:50:45:25:ef:7d:d3:ca:47:66:76:e3:
a6:ab:64:a2:ed:6a:94:73:a7:ec:fa:70:96:c6:79:aa:36:59:
a0:f1:10:f3:12:32:50:40:d8:19:f0:81:55:67:f6:cf:71:a5:
b6:73:19:e6:6c:4b:3c:3e:61:42:40:8e:c2:55:ee:1f:04:5a:
22:b2:61:0a:55:b4:c0:22:9f:2e:0c:c1:ed:f1:46:02:52:da:
af:ef:2d:10:2c:84:84:8a:87:60:d6:47:11:9b:e7:fa:fc:fe:
ca:27:70:6f:74:0a:37:b4:13:a2:dd:e4:b5:45:a9:96:68:50:
4f:4c:41:95:23:a5:7e:fa:4d:93:97:ab:61:33:a7:98:32:92:
a5:5d:d6:19:19:21:00:85:f6:06:d7:44:c4:b9:41:f7:e5:60:
f1:e4:5d:11:eb:6d:b3:5d:7a:6a:56:bf:29:f4:bc:8c:ad:9e:
07:36:4a:97:fe:fe:85:e0:3c:23:92:71:62:7a:62:52:04:8f:
82:50:fc:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYafC2bhYMQ2H/oTHBBlyDkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMjExOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWM3NDhiMjIwZTk1MWM2OTMxOWI1NTc1MWU5Zjc2MmY0ZTE4ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuygZQmhzwyoHvGNwfn7FWqnu3H1i
Bks2R4iSc4nRXfFuMzgoXfYvMQKI1BPMAAmldggIdUE7Qc+uZpI8gnPLU7uEPmBX
TA0SxLM2ciCOir1zmQidvObjhpain2MFV0jHrI0uRgkTqFkkyVcZUtyLEzLZBU2R
K+5LbYNml/IZNvwRHwkVYpK4tayTfPGwIgfpUMtMBOoeo1XyaRcyZYX+n/Ts3M5N
CHaqzux3hlm9PJRTeW/ygJtT6SfnpYMjEvUCmQNFgYnlnmFhVaKLB56Mn1AONMsl
2MmJY9DFMIm5fYfMCkBHaKugKB493Af8XsCFY/lgdCet+lWPd/iVrat0cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP7HSLIg6VHGkxm1V1Hp92L04YhHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvX3NkSXNpRHBVY2FUR2JWWFVlbjNZdlRoaUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJK795ZIcV7IR2YiPUDP
cicZViRezk6SBsJqSAM8YLdGGNnRx4ZefZb2bIWmwwy6xeXCnoxcVdkNJypwi5FQ
RSXvfdPKR2Z246arZKLtapRzp+z6cJbGeao2WaDxEPMSMlBA2BnwgVVn9s9xpbZz
GeZsSzw+YUJAjsJV7h8EWiKyYQpVtMAiny4Mwe3xRgJS2q/vLRAshISKh2DWRxGb
5/r8/soncG90Cje0E6Ld5LVFqZZoUE9MQZUjpX76TZOXq2Ezp5gykqVd1hkZIQCF
9gbXRMS5QfflYPHkXRHrbbNdempWvyn0vIytngc2Spf+/oXgPCOScWJ6YlIEj4JQ
/II=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:31:10 2025 by rpki-client