Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1KI3fHey7UpeFS5uo3WSLFZXbwY.roa
File: 1KI3fHey7UpeFS5uo3WSLFZXbwY.roa (raw, json)
Hash identifier: NyrCB9Em224+XxRgfBvfx9ENKIlV6jcemnphFiV2Ij0=
Subject key identifier: D4:A2:37:7C:77:B2:ED:4A:5E:15:2E:6E:A3:75:92:2C:56:57:6F:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01849CE3A824DCE1EE05D081734A0DAA7B70
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1KI3fHey7UpeFS5uo3WSLFZXbwY.roa
Signing time: Tue 22 Nov 2022 01:11:16 +0000
ROA not before: Tue 22 Nov 2022 01:11:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:e3:a8:24:dc:e1:ee:05:d0:81:73:4a:0d:aa:7b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 22 01:11:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4a2377c77b2ed4a5e152e6ea375922c56576f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:24:8e:c0:02:d5:8f:95:fc:73:fd:a0:a2:
1c:b0:9e:c2:ea:97:a4:2e:c5:5c:dd:25:51:52:ea:
89:0e:2f:fa:c6:14:29:cc:86:a4:48:29:f9:c0:60:
ac:35:b0:9c:3e:53:bf:17:d6:c6:cd:e5:9e:c8:f3:
5f:93:64:e8:bd:82:e7:b1:17:92:cc:30:00:a0:80:
eb:93:4e:c8:75:47:17:79:8e:3c:5d:aa:db:62:ac:
49:a4:f4:3a:8d:94:a6:0f:5b:f0:32:7e:ac:c3:75:
fb:02:02:5d:51:5a:b7:6f:5b:8f:e9:03:6f:b1:65:
20:3c:23:ce:42:62:a2:b7:85:58:bf:24:37:8e:32:
8d:6e:74:35:0b:e0:f0:8b:a3:fe:3a:49:5c:f7:71:
2f:f1:af:78:64:d5:95:8b:05:7e:03:0a:fd:14:69:
c4:7c:68:4f:7c:74:93:6d:e5:08:42:ce:0c:ab:5d:
55:bf:00:c6:af:9f:c5:c3:de:8f:1d:9d:c6:d7:eb:
67:a9:cd:3c:b0:49:44:5f:dc:e5:20:4f:18:9d:d7:
30:89:6d:b6:08:d2:c7:3f:0e:c8:85:18:af:9c:ee:
56:52:3d:73:1e:d7:59:0b:2e:65:46:13:fc:dd:f9:
0c:ac:3e:6b:1c:2d:e9:cf:3d:5b:e4:91:a8:5f:ca:
49:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A2:37:7C:77:B2:ED:4A:5E:15:2E:6E:A3:75:92:2C:56:57:6F:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1KI3fHey7UpeFS5uo3WSLFZXbwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:b6:54:01:51:6a:7b:0b:cf:19:f4:86:e6:6b:ed:13:13:ec:
49:9c:70:7f:19:86:b7:af:b7:9c:dc:75:88:bf:a5:9d:f8:b6:
41:67:18:02:91:2b:ea:ff:d0:ee:02:b1:db:e8:5f:39:57:13:
34:cd:3a:53:27:1f:a6:3c:3f:3c:de:df:6b:2d:75:c3:61:bf:
c2:ee:8e:88:bf:d3:28:ed:9c:02:02:a2:d3:c8:62:64:f7:a0:
7d:7b:e1:ad:34:c4:bc:16:d7:35:cb:80:9d:61:b2:6c:aa:f0:
3f:e8:31:4f:71:ed:e0:00:f5:c1:fd:c8:ca:5e:19:64:b1:f3:
60:65:32:db:b3:9b:5a:c2:11:d4:d1:64:34:27:36:29:9d:91:
af:d3:83:8f:b6:ee:12:92:df:50:39:9e:4e:af:bf:c4:00:88:
2b:ea:75:02:5c:76:b6:cc:c6:48:b2:8a:78:7f:b1:a1:1f:44:
b9:c7:af:5e:df:21:e3:a8:62:81:f1:ea:4c:8b:19:d9:a9:e8:
c5:8f:5d:4b:2c:aa:ad:a0:50:ad:de:0b:27:37:6e:63:be:97:
bc:50:ae:47:a0:15:52:23:11:cf:f7:0f:82:b7:0a:33:f4:e6:
eb:d1:cf:8b:e8:17:8f:4c:71:8d:c3:27:98:89:65:6b:04:8e:
3d:86:ea:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSc46gk3OHuBdCBc0oNqntwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTIyMDExMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGEyMzc3Yzc3YjJlZDRhNWUxNTJlNmVhMzc1OTIyYzU2NTc2ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrkkjsAC1Y+V/HP9oKIcsJ7C6pek
LsVc3SVRUuqJDi/6xhQpzIakSCn5wGCsNbCcPlO/F9bGzeWeyPNfk2TovYLnsReS
zDAAoIDrk07IdUcXeY48XarbYqxJpPQ6jZSmD1vwMn6sw3X7AgJdUVq3b1uP6QNv
sWUgPCPOQmKit4VYvyQ3jjKNbnQ1C+Dwi6P+Oklc93Ev8a94ZNWViwV+Awr9FGnE
fGhPfHSTbeUIQs4Mq11VvwDGr5/Fw96PHZ3G1+tnqc08sElEX9zlIE8YndcwiW22
CNLHPw7IhRivnO5WUj1zHtdZCy5lRhP83fkMrD5rHC3pzz1b5JGoX8pJrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNSiN3x3su1KXhUubqN1kixWV28GMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMUtJM2ZIZXk3VXBlRlM1dW8zV1NMRlpYYndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGy2VAFRansLzxn0huZr
7RMT7EmccH8Zhrevt5zcdYi/pZ34tkFnGAKRK+r/0O4CsdvoXzlXEzTNOlMnH6Y8
Pzze32stdcNhv8Lujoi/0yjtnAICotPIYmT3oH174a00xLwW1zXLgJ1hsmyq8D/o
MU9x7eAA9cH9yMpeGWSx82BlMtuzm1rCEdTRZDQnNimdka/Tg4+27hKS31A5nk6v
v8QAiCvqdQJcdrbMxkiyinh/saEfRLnHr17fIeOoYoHx6kyLGdmp6MWPXUssqq2g
UK3eCyc3bmO+l7xQrkegFVIjEc/3D4K3CjP05uvRz4voF49McY3DJ5iJZWsEjj2G
6k8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:33:33 2025 by rpki-client