Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/w7z1KxQnU71s8PDdyT8NWa2HQOk.roa
File: w7z1KxQnU71s8PDdyT8NWa2HQOk.roa (raw, json)
Hash identifier: mfuK7OspmBRK2CQlzBjA31tTlY9ghzHsQa1M2P1whGg=
Subject key identifier: C3:BC:F5:2B:14:27:53:BD:6C:F0:F0:DD:C9:3F:0D:59:AD:87:40:E9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856EBC746FE49C53AB3210A3AB71A6D7B2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/w7z1KxQnU71s8PDdyT8NWa2HQOk.roa
Signing time: Sun 01 Jan 2023 19:08:42 +0000
ROA not before: Sun 01 Jan 2023 19:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:bc:74:6f:e4:9c:53:ab:32:10:a3:ab:71:a6:d7:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 19:08:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3bcf52b142753bd6cf0f0ddc93f0d59ad8740e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:42:87:cc:5d:23:7d:b2:99:4c:68:20:d2:46:
20:32:1d:5a:74:74:b1:6c:5a:78:39:57:19:ee:f4:
a7:5d:5e:5b:68:0d:3d:3c:5a:23:f3:3b:b8:d1:6f:
bb:27:48:3e:51:4a:58:23:2b:90:47:e8:b9:c1:ed:
f7:9b:53:e9:1e:36:c7:08:0f:be:2f:b0:71:f3:52:
f7:2e:67:0f:aa:1d:9f:d4:7a:7d:26:0a:01:09:ab:
8b:5e:b2:44:98:91:ea:47:b4:a2:55:60:fc:7a:a2:
f2:16:4c:c7:8c:49:23:ba:53:90:30:42:b9:9d:6a:
33:3d:27:6a:3b:98:98:13:71:da:c9:42:a3:55:00:
c9:fc:cb:c0:88:6a:5a:06:29:72:44:5a:4e:4a:e6:
68:e5:b0:f1:b5:be:bf:1d:1d:25:f0:b3:07:ea:99:
e9:b8:c8:e4:f5:c2:65:8c:ba:1a:50:49:59:1e:8c:
a7:72:82:1d:eb:84:25:42:59:da:0a:85:dd:58:6c:
f4:ba:da:77:05:7d:3c:05:81:c3:e8:85:ff:97:62:
b6:f2:9b:69:88:5b:80:5d:78:b5:28:82:fe:47:47:
72:84:84:21:d7:21:13:24:eb:04:22:6b:2a:6e:37:
65:dd:7e:fc:d6:8b:aa:de:7d:3b:ef:9b:55:96:62:
46:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BC:F5:2B:14:27:53:BD:6C:F0:F0:DD:C9:3F:0D:59:AD:87:40:E9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/w7z1KxQnU71s8PDdyT8NWa2HQOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:78:22:6d:40:32:ff:1f:f0:84:ad:7e:cb:e3:62:27:a9:c6:
dd:54:25:d0:e6:ff:73:29:91:90:9a:72:cb:86:b3:33:c2:aa:
db:ad:f1:b1:72:e3:62:e2:05:05:c0:85:b9:76:e1:a7:48:9f:
c0:ea:c1:33:1c:3a:aa:aa:dc:09:fe:b6:3f:66:76:80:89:05:
bd:7e:de:ef:20:b0:11:ca:68:9f:62:94:35:ec:4a:6d:53:25:
e3:10:2a:a1:4b:ed:93:64:d6:13:2f:d2:c8:77:19:ee:97:d0:
d5:0b:91:a1:a9:2d:46:2a:fd:13:20:81:da:2b:bd:a9:68:9a:
cd:e0:9a:a9:86:41:e5:cf:dc:36:29:94:32:8c:90:a0:8e:e7:
aa:6e:f7:81:34:df:25:b1:45:9b:e4:8d:e0:79:e7:9e:1f:24:
85:34:52:ef:78:4f:71:33:cc:78:9c:b7:d4:bd:a7:44:59:6e:
d1:de:15:b2:e4:e1:3b:6a:41:46:d6:f1:05:f4:51:3e:e1:f9:
f2:56:7f:c5:a9:86:66:69:7d:bd:41:e2:0b:f0:01:af:fa:70:
ef:73:9c:1b:f2:9a:31:58:7c:2c:b6:10:26:15:c0:a7:9e:da:
41:00:5b:09:50:5e:0f:53:eb:5f:b6:2a:c8:c5:cc:38:02:c0:
94:ee:0b:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuvHRv5JxTqzIQo6txpteyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMTkwODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JjZjUyYjE0Mjc1M2JkNmNmMGYwZGRjOTNmMGQ1OWFkODc0MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEKHzF0jfbKZTGgg0kYgMh1adHSx
bFp4OVcZ7vSnXV5baA09PFoj8zu40W+7J0g+UUpYIyuQR+i5we33m1PpHjbHCA++
L7Bx81L3LmcPqh2f1Hp9JgoBCauLXrJEmJHqR7SiVWD8eqLyFkzHjEkjulOQMEK5
nWozPSdqO5iYE3HayUKjVQDJ/MvAiGpaBilyRFpOSuZo5bDxtb6/HR0l8LMH6pnp
uMjk9cJljLoaUElZHoyncoId64QlQlnaCoXdWGz0utp3BX08BYHD6IX/l2K28ptp
iFuAXXi1KIL+R0dyhIQh1yETJOsEImsqbjdl3X781ouq3n0775tVlmJGOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMO89SsUJ1O9bPDw3ck/DVmth0DpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdzd6MUt4UW5VNzFzOFBEZHlUOE5XYTJIUU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFV4Im1AMv8f8IStfsvj
Yiepxt1UJdDm/3MpkZCacsuGszPCqtut8bFy42LiBQXAhbl24adIn8DqwTMcOqqq
3An+tj9mdoCJBb1+3u8gsBHKaJ9ilDXsSm1TJeMQKqFL7ZNk1hMv0sh3Ge6X0NUL
kaGpLUYq/RMggdorvaloms3gmqmGQeXP3DYplDKMkKCO56pu94E03yWxRZvkjeB5
554fJIU0Uu94T3EzzHict9S9p0RZbtHeFbLk4TtqQUbW8QX0UT7h+fJWf8WphmZp
fb1B4gvwAa/6cO9znBvymjFYfCy2ECYVwKee2kEAWwlQXg9T61+2KsjFzDgCwJTu
C5k=
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:41:34 2025 by rpki-client