Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v7tJDnn8FVHlZYauyfrb8zYUkjk.roa
File: v7tJDnn8FVHlZYauyfrb8zYUkjk.roa (raw, json)
Hash identifier: fBB8z8qnyoyUGv/AdDFBPjj9sMjF4VATAFoeYyQcKzs=
Subject key identifier: BF:BB:49:0E:79:FC:15:51:E5:65:86:AE:C9:FA:DB:F3:36:14:92:39
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857E9E4C73865061A867406ECCA3D67C91
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v7tJDnn8FVHlZYauyfrb8zYUkjk.roa
Signing time: Wed 04 Jan 2023 21:09:41 +0000
ROA not before: Wed 04 Jan 2023 21:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7e:9e:4c:73:86:50:61:a8:67:40:6e:cc:a3:d6:7c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 21:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfbb490e79fc1551e56586aec9fadbf336149239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:7b:84:4b:87:61:05:18:98:85:96:bc:b1:
e5:4c:be:50:58:59:9e:b3:11:81:7c:dd:31:22:95:
a9:85:2b:51:43:3a:e5:e1:09:bf:81:3b:1b:ce:6d:
18:19:6d:1d:e9:27:17:c1:75:64:ee:05:90:d2:a9:
5f:9f:75:c0:f8:65:72:11:f4:f4:f6:55:9d:c8:a8:
1e:88:31:40:34:85:58:d6:7e:c3:6b:c1:9d:47:98:
d0:db:0a:34:eb:94:db:e3:8d:e4:12:a6:52:d5:4e:
49:6c:b0:ad:2c:60:d7:20:f0:3d:86:be:0c:b0:ff:
fe:75:0b:02:92:7b:4d:c9:e7:73:12:2e:0e:3d:f0:
89:d1:5e:a5:3b:d2:16:ac:6d:62:56:4a:15:89:0a:
87:18:fa:05:5e:92:ce:6f:3b:a4:de:39:b6:d9:41:
15:7a:95:10:e0:61:67:34:33:29:60:12:ed:0f:db:
e6:44:b4:c8:e2:35:f3:4b:0f:4d:a4:b6:d5:ed:54:
d0:8a:0a:ad:c3:72:3a:34:6d:50:8b:c2:6f:7e:a4:
ea:0f:51:29:4e:71:18:ed:34:9c:09:ab:a4:c1:e5:
4e:f2:d8:69:b7:4b:db:2e:6b:39:91:14:72:9e:68:
f0:4b:9d:1c:80:cc:c1:a6:91:b8:4e:0e:0c:15:9e:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BB:49:0E:79:FC:15:51:E5:65:86:AE:C9:FA:DB:F3:36:14:92:39
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/v7tJDnn8FVHlZYauyfrb8zYUkjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:1c:dc:17:d7:cb:af:d2:a7:c3:84:0b:f6:cd:cd:fd:d2:46:
8b:d7:d9:bd:8a:c8:9a:38:49:74:b6:7d:03:c4:5d:09:cc:b8:
fb:bd:f5:ef:9f:df:4e:69:e2:81:12:89:ae:ec:53:11:b3:36:
1e:fa:7a:cd:e8:07:07:6b:a6:b9:03:78:7e:06:c3:88:d8:73:
0a:a7:92:cc:19:ce:74:e7:7e:fe:81:0b:c8:c7:53:59:4f:cb:
fe:13:43:f6:13:bb:38:b9:54:ab:24:9e:c0:c3:a8:b7:fe:fa:
ff:5f:29:44:9d:4c:76:b0:c7:b5:dd:e1:e5:8a:64:6b:39:cc:
51:ba:c9:fa:50:98:03:c8:37:78:93:31:97:ca:16:b2:7a:70:
03:09:62:ac:8f:bb:82:23:44:ba:7b:4a:0b:ab:44:65:bf:e8:
54:5d:18:95:8d:54:ee:ab:cc:1e:7c:e6:42:d1:5f:c7:2a:ec:
ce:3a:e5:6f:c3:d9:bf:ae:6b:b3:f9:d9:4b:33:9c:6b:f2:6e:
01:af:ae:ce:78:6f:55:d8:48:89:4b:99:ff:57:d5:5d:be:aa:
e7:d7:4c:3b:40:15:88:3d:c5:40:18:be:d1:b8:50:31:e5:c4:
1d:76:ac:b2:55:d2:f0:20:f4:ea:aa:87:dc:f1:d1:75:94:a7:
37:e0:b0:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV+nkxzhlBhqGdAbsyj1nyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MjEwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmJiNDkwZTc5ZmMxNTUxZTU2NTg2YWVjOWZhZGJmMzM2MTQ5MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrJ7hEuHYQUYmIWWvLHlTL5QWFme
sxGBfN0xIpWphStRQzrl4Qm/gTsbzm0YGW0d6ScXwXVk7gWQ0qlfn3XA+GVyEfT0
9lWdyKgeiDFANIVY1n7Da8GdR5jQ2wo065Tb443kEqZS1U5JbLCtLGDXIPA9hr4M
sP/+dQsCkntNyedzEi4OPfCJ0V6lO9IWrG1iVkoViQqHGPoFXpLObzuk3jm22UEV
epUQ4GFnNDMpYBLtD9vmRLTI4jXzSw9NpLbV7VTQigqtw3I6NG1Qi8JvfqTqD1Ep
TnEY7TScCaukweVO8thpt0vbLms5kRRynmjwS50cgMzBppG4Tg4MFZ5tawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL+7SQ55/BVR5WWGrsn62/M2FJI5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdjd0SkRubjhGVkhsWllhdXlmcmI4ellVa2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKIc3BfXy6/Sp8OEC/bN
zf3SRovX2b2KyJo4SXS2fQPEXQnMuPu99e+f305p4oESia7sUxGzNh76es3oBwdr
prkDeH4Gw4jYcwqnkswZznTnfv6BC8jHU1lPy/4TQ/YTuzi5VKsknsDDqLf++v9f
KUSdTHawx7Xd4eWKZGs5zFG6yfpQmAPIN3iTMZfKFrJ6cAMJYqyPu4IjRLp7Sgur
RGW/6FRdGJWNVO6rzB585kLRX8cq7M465W/D2b+ua7P52UsznGvybgGvrs54b1XY
SIlLmf9X1V2+qufXTDtAFYg9xUAYvtG4UDHlxB12rLJV0vAg9Oqqh9zx0XWUpzfg
sKA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:58:16 2025 by rpki-client