Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kJXXAmOG0hoUbzgqT8T7I7dYdA.roa
File: 1kJXXAmOG0hoUbzgqT8T7I7dYdA.roa (raw, json)
Hash identifier: bb9D7zmlgOwnfyTl27XvEEZQ8nRt7fOtcaC5lZ7NNRI=
Subject key identifier: D6:42:57:5C:09:8E:1B:48:68:51:BC:E0:A9:3F:13:EC:8E:DD:61:D0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2E90D995816849CDCA6AB99A001C9678
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kJXXAmOG0hoUbzgqT8T7I7dYdA.roa
Signing time: Fri 25 Aug 2023 21:19:19 +0000
ROA not before: Fri 25 Aug 2023 21:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2e:90:d9:95:81:68:49:cd:ca:6a:b9:9a:00:1c:96:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 21:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d642575c098e1b486851bce0a93f13ec8edd61d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:62:64:f9:44:8e:34:c5:9a:7d:17:d2:a3:b7:
fe:b6:e6:60:73:68:ab:35:75:ad:5e:39:d1:8f:cd:
92:e6:a0:8b:22:f0:7c:20:0e:16:31:56:37:d0:88:
bb:07:49:01:56:13:f2:5a:66:00:b7:83:a4:c5:d7:
6a:07:7a:d4:0a:2f:ac:51:06:e5:5b:34:ab:12:60:
4a:b6:cd:2b:25:01:d3:c4:ce:0c:76:0c:45:90:e6:
f1:7d:25:89:2c:b4:c7:c4:f7:01:21:c7:4a:ea:92:
1b:cf:7b:b9:7b:a6:ae:b8:17:8e:ff:55:70:fd:09:
30:ee:29:46:44:32:f5:c1:c3:c2:3d:9b:d8:50:4f:
59:94:cf:75:5e:fb:06:83:18:39:a3:67:63:62:6a:
9f:aa:5e:9c:65:fc:0f:ad:69:17:4d:f3:d2:a0:f1:
90:aa:ec:0e:30:6a:0e:53:49:93:76:8a:94:ff:52:
ce:d5:cb:f2:d9:e5:63:ad:62:a3:96:cf:e9:9a:c7:
f1:f0:df:0f:1d:21:25:48:0e:70:fe:ed:7a:eb:49:
64:5b:ce:d6:6b:5b:8e:ca:54:cc:be:ab:a5:cc:53:
75:a3:6f:be:c6:8c:f6:a1:bc:38:03:4b:e8:09:de:
1f:8d:72:d4:d3:15:f4:f3:7c:78:86:8b:1d:b4:3f:
60:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:42:57:5C:09:8E:1B:48:68:51:BC:E0:A9:3F:13:EC:8E:DD:61:D0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kJXXAmOG0hoUbzgqT8T7I7dYdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:18:cd:70:5a:e1:63:1c:cb:02:23:cb:0f:69:c8:59:7c:49:
21:2f:47:6c:4e:0e:22:65:ed:18:a4:0f:b9:b5:f7:76:58:dc:
18:4a:09:7a:d7:c6:f8:a8:ff:84:81:a1:fa:3f:05:4f:ab:d3:
70:1a:53:f2:92:4d:39:0b:79:98:43:f7:a0:bb:d7:29:ca:94:
a3:fa:5c:1e:b8:39:77:90:ac:9b:b8:3d:17:9d:a3:0d:03:52:
f9:86:b6:8f:80:e2:a7:57:a7:b3:c9:1d:d2:17:53:4b:c1:6f:
cc:be:8f:76:f6:b1:53:5f:2b:7e:36:eb:d8:67:5b:c8:53:c4:
32:86:95:a5:a0:4e:9c:c2:ab:a0:87:8c:54:4c:3c:03:2c:dd:
ba:93:01:63:15:5d:f2:b0:a8:1e:a1:d6:8b:78:46:aa:2f:89:
fb:fd:d3:80:08:85:76:d6:ce:e8:80:19:31:7b:c6:eb:ff:bf:
ad:11:ca:4e:ae:13:5d:e3:97:b0:75:db:e4:e7:9b:7b:3f:33:
23:78:ea:ee:3f:ef:35:7a:2c:5c:61:ba:4b:df:d7:43:fa:68:
7e:00:75:cd:dc:35:2f:d1:84:cb:a1:13:a1:c1:45:01:57:0d:
5f:3e:0f:89:ad:97:42:dc:5a:5c:c6:39:29:b9:8f:f8:d1:86:
61:09:a5:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoukNmVgWhJzcpquZoAHJZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MjExOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQyNTc1YzA5OGUxYjQ4Njg1MWJjZTBhOTNmMTNlYzhlZGQ2MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GJk+USONMWafRfSo7f+tuZgc2ir
NXWtXjnRj82S5qCLIvB8IA4WMVY30Ii7B0kBVhPyWmYAt4OkxddqB3rUCi+sUQbl
WzSrEmBKts0rJQHTxM4MdgxFkObxfSWJLLTHxPcBIcdK6pIbz3u5e6auuBeO/1Vw
/Qkw7ilGRDL1wcPCPZvYUE9ZlM91XvsGgxg5o2djYmqfql6cZfwPrWkXTfPSoPGQ
quwOMGoOU0mTdoqU/1LO1cvy2eVjrWKjls/pmsfx8N8PHSElSA5w/u1660lkW87W
a1uOylTMvqulzFN1o2++xoz2obw4A0voCd4fjXLU0xX083x4hosdtD9gkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZCV1wJjhtIaFG84Kk/E+yO3WHQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMWtKWFhBbU9HMGhvVWJ6Z3FUOFQ3STdkWWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4YzXBa4WMcywIjyw9p
yFl8SSEvR2xODiJl7RikD7m193ZY3BhKCXrXxvio/4SBofo/BU+r03AaU/KSTTkL
eZhD96C71ynKlKP6XB64OXeQrJu4PRedow0DUvmGto+A4qdXp7PJHdIXU0vBb8y+
j3b2sVNfK34269hnW8hTxDKGlaWgTpzCq6CHjFRMPAMs3bqTAWMVXfKwqB6h1ot4
Rqovifv904AIhXbWzuiAGTF7xuv/v60Ryk6uE13jl7B12+Tnm3s/MyN46u4/7zV6
LFxhukvf10P6aH4Adc3cNS/RhMuhE6HBRQFXDV8+D4mtl0LcWlzGOSm5j/jRhmEJ
pcU=
-----END CERTIFICATE-----
Generated at Thu May 1 10:08:34 2025 by rpki-client