Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/091GteTfzvrAJYkZ8_C2jFmXkXQ.roa
File: 091GteTfzvrAJYkZ8_C2jFmXkXQ.roa (raw, json)
Hash identifier: YSXODGFK8d5VHCKngSG9YfNLQBk7QG8/SuJqRoF03NQ=
Subject key identifier: D3:DD:46:B5:E4:DF:CE:FA:C0:25:89:19:F3:F0:B6:8C:59:97:91:74
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 72260653
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/091GteTfzvrAJYkZ8_C2jFmXkXQ.roa
Signing time: Sun 13 Mar 2022 09:09:24 +0000
ROA not before: Sun 13 Mar 2022 09:09:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1915094611 (0x72260653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 13 09:09:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3dd46b5e4dfcefac0258919f3f0b68c59979174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:05:90:89:55:c7:4c:23:95:76:58:c7:36:30:
4c:11:be:e1:d4:f8:f6:1a:38:ea:f9:75:49:d9:a8:
b4:a2:42:b2:b1:59:f8:3c:be:01:24:6f:24:ba:a3:
cb:9f:19:ef:0f:70:07:dc:56:a6:e2:e4:29:53:2f:
aa:4c:22:71:34:f0:6b:f2:4c:04:0e:de:28:8f:43:
c6:b9:35:8e:a2:05:ab:d7:a3:fc:b7:03:0a:16:50:
d4:e2:99:90:b8:d8:03:47:6a:9d:22:ca:61:dd:ab:
89:fe:a0:3a:6d:eb:c5:f9:d5:f6:a3:b1:8d:64:76:
15:36:0e:ae:55:e1:d5:23:c4:7f:87:91:86:df:b6:
9c:16:fe:f8:03:6f:40:c9:a4:c7:47:12:fb:6a:82:
f0:3b:7d:06:3b:e8:23:cc:e1:63:9c:3d:0d:aa:0d:
96:ac:6f:4d:d1:1f:82:6d:9b:1a:9c:4b:79:6c:76:
9b:ac:2a:41:a0:a5:94:d5:27:b1:60:77:83:53:ae:
56:33:64:23:2b:f1:fa:27:82:3f:c9:65:eb:2a:93:
55:45:9d:b1:cb:52:aa:1f:ee:e0:b7:0d:2a:f5:80:
c1:12:e4:b0:6a:2e:ff:52:5d:10:cd:ec:49:f7:ea:
61:0d:96:7d:b7:0a:08:30:6e:e0:dd:a5:9f:82:1d:
95:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DD:46:B5:E4:DF:CE:FA:C0:25:89:19:F3:F0:B6:8C:59:97:91:74
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/091GteTfzvrAJYkZ8_C2jFmXkXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:24:0b:24:4c:a8:67:de:4e:31:da:02:28:22:10:f5:41:d8:
8f:ff:f5:c9:7a:c5:a4:7d:ad:63:f1:24:86:6f:f4:e1:6f:e3:
57:55:2f:b3:33:9b:b6:d9:82:fb:ef:cd:74:2d:c2:c2:c6:ea:
ba:c2:99:a4:ee:a2:f5:88:6c:0d:32:af:8e:0b:ef:f1:d9:1a:
9c:35:ae:8c:47:2d:2b:00:14:cd:5f:45:c4:ee:cc:14:4a:d8:
db:00:1b:02:f1:7b:30:33:10:88:e3:8b:f1:97:96:0f:0c:f3:
54:cc:cf:60:52:e7:49:1b:07:ba:12:ca:a3:2a:89:fd:3e:d4:
5b:3b:dd:75:0c:8d:4f:fa:4f:b3:d6:40:97:1d:36:d5:87:54:
42:88:cb:d5:e1:ec:30:2a:75:d6:d9:e2:86:53:f4:8b:f7:38:
23:78:c5:29:fb:af:82:4c:0d:c8:64:4f:52:5a:d7:b7:d1:d0:
35:63:79:12:f1:6f:9c:ce:0c:91:22:c8:47:8b:63:e5:91:6e:
ee:d7:50:c7:8b:13:40:ae:a6:63:c1:50:20:43:bd:9a:1d:27:
04:ae:91:82:67:1e:4a:0e:91:2b:9d:bf:5a:2a:4e:42:18:ef:
64:25:b0:61:61:08:91:85:a9:5f:84:5c:20:35:48:ce:09:92:
fa:9d:50:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEciYGUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
MzA5MDkyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNkZDQ2YjVlNGRm
Y2VmYWMwMjU4OTE5ZjNmMGI2OGM1OTk3OTE3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYFkIlVx0wjlXZYxzYwTBG+4dT49ho46vl1SdmotKJCsrFZ
+Dy+ASRvJLqjy58Z7w9wB9xWpuLkKVMvqkwicTTwa/JMBA7eKI9Dxrk1jqIFq9ej
/LcDChZQ1OKZkLjYA0dqnSLKYd2rif6gOm3rxfnV9qOxjWR2FTYOrlXh1SPEf4eR
ht+2nBb++ANvQMmkx0cS+2qC8Dt9BjvoI8zhY5w9DaoNlqxvTdEfgm2bGpxLeWx2
m6wqQaCllNUnsWB3g1OuVjNkIyvx+ieCP8ll6yqTVUWdsctSqh/u4LcNKvWAwRLk
sGou/1JdEM3sSffqYQ2WfbcKCDBu4N2ln4IdlY8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTT3Ua15N/O+sAliRnz8LaMWZeRdDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzA5MUd0ZVRmenZyQUpZa1o4X0MyakZtWGtYUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQA8JAskTKhn3k4x2gIoIhD1QdiP//XJesWkfa1j
8SSGb/Thb+NXVS+zM5u22YL77810LcLCxuq6wpmk7qL1iGwNMq+OC+/x2RqcNa6M
Ry0rABTNX0XE7swUStjbABsC8XswMxCI44vxl5YPDPNUzM9gUudJGwe6EsqjKon9
PtRbO911DI1P+k+z1kCXHTbVh1RCiMvV4ewwKnXW2eKGU/SL9zgjeMUp+6+CTA3I
ZE9SWte30dA1Y3kS8W+czgyRIshHi2PlkW7u11DHixNArqZjwVAgQ72aHScErpGC
Zx5KDpErnb9aKk5CGO9kJbBhYQiRhalfhFwgNUjOCZL6nVAR
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:21:01 2025 by rpki-client