Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kxjaJFJJZsQryWbLTPP50aiDbs.roa
File: 1kxjaJFJJZsQryWbLTPP50aiDbs.roa (raw, json)
Hash identifier: 6yhjW9QiqiApX+Hv3Abj+wg2+247vcjq3lyJT/TU/nI=
Subject key identifier: D6:4C:63:68:91:49:25:9B:10:AF:25:9B:2D:33:CF:E7:46:A2:0D:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 78533F2E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kxjaJFJJZsQryWbLTPP50aiDbs.roa
Signing time: Mon 04 Apr 2022 10:04:27 +0000
ROA not before: Mon 04 Apr 2022 10:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:f408:6bb9/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2018721582 (0x78533f2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 4 10:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d64c63689149259b10af259b2d33cfe746a20dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b9:25:e3:3b:2f:09:69:aa:6c:7f:69:7f:a8:
55:52:d7:f6:2f:c4:d2:26:53:bf:cf:ea:b5:4c:60:
dc:3e:3c:2f:b8:bc:21:ad:88:95:e6:0c:48:e7:45:
96:5f:54:c1:11:3e:b4:f3:82:af:78:92:cc:42:46:
21:a8:ff:b0:60:06:43:ab:71:94:04:cb:ef:bc:72:
87:fa:40:18:59:9a:2d:80:d3:06:da:28:94:17:10:
44:85:63:88:0b:fb:ae:3f:a5:a8:09:7a:5a:10:c3:
ef:8f:a4:99:a4:15:65:06:fb:74:92:1d:d8:c3:27:
dd:f9:57:6e:2d:6c:64:ed:69:30:e1:47:43:a1:c6:
dd:3a:4f:15:24:51:15:cb:2a:43:8e:5e:b1:67:c7:
82:4e:74:a3:e8:f6:4a:8e:a0:17:7f:8f:47:1b:73:
4f:d6:fe:77:35:d7:0a:d5:5f:39:a9:92:4f:7e:d6:
eb:42:ea:5e:e6:e4:f8:03:1b:f9:1f:26:3c:c5:f5:
38:55:49:69:51:0b:74:1e:6c:05:4d:9e:ed:47:cd:
ed:6a:e8:68:19:f4:94:d6:ed:11:48:6d:33:15:1c:
61:4a:41:29:91:64:d5:69:19:7b:b4:c3:71:48:05:
5d:33:69:a5:b2:1d:64:81:b0:74:85:3b:10:04:da:
44:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4C:63:68:91:49:25:9B:10:AF:25:9B:2D:33:CF:E7:46:A2:0D:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1kxjaJFJJZsQryWbLTPP50aiDbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:5f:c7:f9:61:ef:36:15:4c:1b:27:70:c3:d2:e4:be:ca:66:
88:dc:c6:66:7e:46:48:1a:d4:60:1f:01:72:bf:88:ae:2c:b2:
79:25:d9:ad:76:40:7b:6c:04:b2:e9:e3:26:19:9b:17:8a:f3:
f2:c2:6c:cf:9a:b8:b6:b1:89:e3:d2:4d:6c:20:30:83:25:35:
9a:9d:ac:01:2e:1f:01:92:c5:8a:cc:e2:8b:42:0e:c4:ac:a9:
08:3c:23:fc:7e:74:43:84:b0:ce:e2:12:ff:d5:ea:6b:5c:07:
49:67:75:d7:43:01:db:e9:45:87:89:30:c0:63:82:48:3f:ed:
ec:cd:1b:5b:2b:04:8e:14:bf:d5:b5:66:a5:09:32:4d:a5:6a:
e0:45:25:20:6a:90:d2:14:86:09:a5:8d:0d:bb:18:3a:db:64:
45:3f:64:6b:b8:24:8d:78:d7:3f:41:16:18:c6:1c:b8:0d:00:
d0:28:a6:ee:b5:81:52:b2:8d:fb:af:cf:5a:ad:4c:0a:a7:70:
e6:2a:2f:4c:dd:a8:6b:cc:a2:3e:11:91:44:7a:ae:2a:c8:13:
1a:80:c9:f0:56:0d:ea:f1:04:da:90:a0:cf:c1:7b:30:a3:79:
b0:a3:dd:7a:80:23:d6:01:42:df:1f:0d:b5:51:77:04:46:66:
80:10:d6:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEeFM/LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
NDEwMDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY0YzYzNjg5MTQ5
MjU5YjEwYWYyNTliMmQzM2NmZTc0NmEyMGRiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPC5JeM7Lwlpqmx/aX+oVVLX9i/E0iZTv8/qtUxg3D48L7i8
Ia2IleYMSOdFll9UwRE+tPOCr3iSzEJGIaj/sGAGQ6txlATL77xyh/pAGFmaLYDT
BtoolBcQRIVjiAv7rj+lqAl6WhDD74+kmaQVZQb7dJId2MMn3flXbi1sZO1pMOFH
Q6HG3TpPFSRRFcsqQ45esWfHgk50o+j2So6gF3+PRxtzT9b+dzXXCtVfOamST37W
60LqXubk+AMb+R8mPMX1OFVJaVELdB5sBU2e7UfN7WroaBn0lNbtEUhtMxUcYUpB
KZFk1WkZe7TDcUgFXTNppbIdZIGwdIU7EATaRP8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTWTGNokUklmxCvJZstM8/nRqINuzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzFreGphSkZKSlpzUXJ5V2JMVFBQNTBhaURicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCPX8f5Ye82FUwbJ3DD0uS+ymaI3MZmfkZIGtRg
HwFyv4iuLLJ5JdmtdkB7bASy6eMmGZsXivPywmzPmri2sYnj0k1sIDCDJTWanawB
Lh8BksWKzOKLQg7ErKkIPCP8fnRDhLDO4hL/1eprXAdJZ3XXQwHb6UWHiTDAY4JI
P+3szRtbKwSOFL/VtWalCTJNpWrgRSUgapDSFIYJpY0Nuxg622RFP2RruCSNeNc/
QRYYxhy4DQDQKKbutYFSso37r89arUwKp3DmKi9M3ahrzKI+EZFEeq4qyBMagMnw
Vg3q8QTakKDPwXswo3mwo916gCPWAULfHw21UXcERmaAENYi
-----END CERTIFICATE-----
Generated at Thu May 1 20:38:27 2025 by rpki-client