Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/01Sf04zZLlAqBebV5woTY4KJptQ.roa
File: 01Sf04zZLlAqBebV5woTY4KJptQ.roa (raw, json)
Hash identifier: ORT3cVUNnsS1tol1B1AM2/hs7aAnpALwqXe7oMxPajs=
Subject key identifier: D3:54:9F:D3:8C:D9:2E:50:2A:05:E6:D5:E7:0A:13:63:82:89:A6:D4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6B3167D2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/01Sf04zZLlAqBebV5woTY4KJptQ.roa
Signing time: Wed 16 Feb 2022 21:04:55 +0000
ROA not before: Wed 16 Feb 2022 21:04:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:45a:3496/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1798399954 (0x6b3167d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 16 21:04:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3549fd38cd92e502a05e6d5e70a13638289a6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:4a:61:a6:8e:3f:1f:86:0e:1c:6f:1a:01:
89:f9:d0:25:02:4c:2f:8e:ba:d4:32:85:e1:ce:ee:
76:89:25:d6:96:60:42:56:da:a1:60:75:c8:9f:8b:
60:fa:d0:d5:b2:8e:b2:30:33:5c:df:ae:03:aa:34:
90:ae:a0:94:76:da:1f:28:4a:9b:4e:d4:f3:fb:1a:
9d:25:65:fa:a1:22:27:0a:51:f4:fe:4f:36:da:7e:
ad:4c:c3:84:7f:b3:cf:a7:08:74:7e:66:6f:86:15:
b3:40:a6:d0:88:59:02:75:83:f7:29:e1:a6:61:70:
6b:9f:10:dc:42:6e:02:e3:e5:74:f2:8b:07:a9:11:
41:8e:b2:76:c7:d0:b6:b6:7d:ae:55:75:5a:d8:3b:
af:d4:0e:98:56:2b:7f:dc:a1:60:cb:aa:84:c7:ee:
07:53:a6:32:fa:3f:29:92:aa:0d:fc:a4:1d:9a:f8:
0f:b5:2d:15:9a:71:cd:3c:ab:7a:61:80:bd:a3:6c:
9f:cf:f1:5c:7a:9b:27:a7:b6:61:ff:10:47:31:b9:
80:96:8e:7d:84:04:36:95:6f:87:4f:f4:90:6b:38:
cd:03:c3:f7:44:28:64:be:2f:3c:86:a7:d3:6a:03:
65:27:e8:42:db:c8:3f:bf:8f:ce:cf:50:b2:a3:9c:
1c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:54:9F:D3:8C:D9:2E:50:2A:05:E6:D5:E7:0A:13:63:82:89:A6:D4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/01Sf04zZLlAqBebV5woTY4KJptQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:58:0b:bb:d4:61:6d:45:77:7d:67:4a:89:99:8e:27:83:dd:
a2:39:33:54:3f:00:41:5b:13:41:4f:80:ab:b2:b5:af:60:26:
2d:85:48:ac:c4:d9:f1:24:44:c1:47:02:ab:ab:6d:28:51:e6:
90:30:30:7f:09:3c:75:82:1d:aa:d1:12:15:ef:6c:5b:be:d2:
57:b0:8f:4f:05:ba:8d:39:f3:4e:27:b9:ac:78:a8:d9:6b:d5:
62:81:4c:33:9e:3f:dc:7d:fe:07:08:73:7f:7a:89:41:4a:70:
57:d6:8b:37:20:36:45:00:40:b5:68:c2:7e:6e:23:96:fd:a5:
15:7b:83:3c:79:1a:e5:f7:0a:69:03:b8:2f:db:e9:64:26:93:
f1:f7:40:ec:10:05:2f:56:aa:33:ec:48:79:26:49:ec:4b:ec:
1e:eb:60:df:78:2b:40:c3:a4:76:cc:88:cd:ae:b7:0b:ef:ef:
37:49:c1:fc:fa:ab:00:21:4e:eb:e6:9b:bd:cc:98:ef:68:3c:
d1:c3:17:73:61:80:53:d3:3d:74:01:a6:f4:72:0e:67:0a:ea:
bf:89:04:d6:df:47:a6:6b:26:0a:43:90:ed:cf:e2:0f:b0:d8:
a4:0a:cb:97:47:ae:cd:64:a1:f2:fb:83:e3:1c:9f:c2:e4:31:
db:b7:1d:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEazFn0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NjIxMDQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM1NDlmZDM4Y2Q5
MmU1MDJhMDVlNmQ1ZTcwYTEzNjM4Mjg5YTZkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRRSmGmjj8fhg4cbxoBifnQJQJML4661DKF4c7udokl1pZg
QlbaoWB1yJ+LYPrQ1bKOsjAzXN+uA6o0kK6glHbaHyhKm07U8/sanSVl+qEiJwpR
9P5PNtp+rUzDhH+zz6cIdH5mb4YVs0Cm0IhZAnWD9ynhpmFwa58Q3EJuAuPldPKL
B6kRQY6ydsfQtrZ9rlV1Wtg7r9QOmFYrf9yhYMuqhMfuB1OmMvo/KZKqDfykHZr4
D7UtFZpxzTyremGAvaNsn8/xXHqbJ6e2Yf8QRzG5gJaOfYQENpVvh0/0kGs4zQPD
90QoZL4vPIan02oDZSfoQtvIP7+Pzs9QsqOcHOMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTTVJ/TjNkuUCoF5tXnChNjgomm1DAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzAxU2YwNHpaTGxBcUJlYlY1d29UWTRLSnB0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQADWAu71GFtRXd9Z0qJmY4ng92iOTNUPwBBWxNB
T4CrsrWvYCYthUisxNnxJETBRwKrq20oUeaQMDB/CTx1gh2q0RIV72xbvtJXsI9P
BbqNOfNOJ7mseKjZa9VigUwznj/cff4HCHN/eolBSnBX1os3IDZFAEC1aMJ+biOW
/aUVe4M8eRrl9wppA7gv2+lkJpPx90DsEAUvVqoz7Eh5JknsS+we62DfeCtAw6R2
zIjNrrcL7+83ScH8+qsAIU7r5pu9zJjvaDzRwxdzYYBT0z10Aab0cg5nCuq/iQTW
30emayYKQ5Dtz+IPsNikCsuXR67NZKHy+4PjHJ/C5DHbtx12
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:28:34 2025 by rpki-client