Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1nj6JqfTUssQ7OmUAifme7-Wndw.roa
File: 1nj6JqfTUssQ7OmUAifme7-Wndw.roa (raw, json)
Hash identifier: mk4zWrJU4aTF/EeNxdI2RSeNJMhxgfd8O9ijVpg0dOU=
Subject key identifier: D6:78:FA:26:A7:D3:52:CB:10:EC:E9:94:02:27:E6:7B:BF:96:9D:DC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185274ADBE76D01C0968EB0EC967797D778
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1nj6JqfTUssQ7OmUAifme7-Wndw.roa
Signing time: Sun 18 Dec 2022 22:11:35 +0000
ROA not before: Sun 18 Dec 2022 22:11:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:27:4a:db:e7:6d:01:c0:96:8e:b0:ec:96:77:97:d7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 22:11:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d678fa26a7d352cb10ece9940227e67bbf969ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:16:c1:0f:2b:70:bd:ea:d3:47:de:1d:1b:e2:
18:a9:54:f6:e5:77:2d:23:0f:77:47:a5:6f:d3:2d:
c1:f2:a4:92:68:06:7d:21:35:0e:0a:9e:14:7c:28:
9a:2e:ce:ff:aa:41:f3:34:66:ad:0c:8f:25:1b:c8:
fb:83:a3:8a:a1:a7:a0:aa:37:0b:0f:06:a4:a8:e0:
a4:8e:cb:05:16:27:a8:5e:b3:2a:6a:34:24:a4:88:
3c:35:46:d5:0b:e6:30:0c:d7:6a:d5:d4:7f:db:2e:
2a:9e:71:6b:d2:a6:52:0d:b3:32:ce:f8:cb:50:d2:
41:5a:9b:27:c8:f8:63:d2:ba:5d:60:e4:08:06:07:
61:2d:3f:10:ba:a6:1e:41:4e:89:39:ba:ab:5a:b4:
9e:f0:54:86:81:2e:fd:98:9b:ca:75:82:43:f6:1c:
f7:0f:32:24:d9:a5:b4:f6:85:b9:b2:de:36:9e:24:
0f:b8:c8:d9:38:16:9c:ee:60:05:f0:8e:8e:f3:b2:
09:bf:15:a7:c8:86:94:7e:84:e5:7e:b6:65:87:40:
72:17:99:83:57:eb:aa:37:46:14:d6:8d:f4:8a:15:
10:16:ca:f5:ba:65:e1:f0:ec:01:71:3d:1b:29:c8:
01:5d:18:fc:38:66:16:cb:7b:4f:c3:76:a2:15:fe:
92:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:78:FA:26:A7:D3:52:CB:10:EC:E9:94:02:27:E6:7B:BF:96:9D:DC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1nj6JqfTUssQ7OmUAifme7-Wndw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:56:ba:0f:9f:55:a1:42:a8:1a:e2:09:24:46:d2:aa:3f:98:
ed:2d:de:ea:59:83:64:22:85:ae:10:fd:f2:8d:e1:3a:08:34:
10:80:ff:70:c5:94:10:1a:f7:8b:d6:5e:ab:3b:5f:5d:4e:b1:
13:d9:3f:a4:28:bb:a5:a9:fd:5c:ca:66:08:6d:49:ae:20:86:
0b:f3:28:bc:7c:66:b8:4c:1e:da:46:41:5b:54:4b:0f:93:5d:
03:00:66:df:83:f2:7a:0a:cc:3c:5e:90:7c:d0:1c:cf:11:e5:
6f:f6:fb:9d:6a:4a:3a:c3:eb:49:f0:66:59:2f:c8:fc:b4:e0:
37:a0:e6:04:3e:df:5c:8b:06:48:38:e8:f3:01:68:a6:30:47:
16:82:43:e9:ef:99:81:0f:ba:41:3f:f1:5e:6b:36:6a:c1:52:
a9:c7:83:2b:a2:ab:86:39:b1:c9:58:a9:ad:a7:f9:f5:3f:bb:
cd:47:12:1a:a7:12:50:61:62:d6:fe:61:cf:fd:b5:99:cc:eb:
8c:21:bf:d8:86:42:8d:e8:32:0c:a4:5c:43:3e:de:07:bd:df:
37:cb:a6:e1:82:2c:8b:78:15:98:36:6a:7e:cd:a5:96:f9:21:
1d:79:81:d0:e7:e8:e1:d5:79:6d:e5:70:81:93:d2:56:47:af:
87:a4:36:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUnStvnbQHAlo6w7JZ3l9d4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MjIxMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc4ZmEyNmE3ZDM1MmNiMTBlY2U5OTQwMjI3ZTY3YmJmOTY5ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixbBDytwverTR94dG+IYqVT25Xct
Iw93R6Vv0y3B8qSSaAZ9ITUOCp4UfCiaLs7/qkHzNGatDI8lG8j7g6OKoaegqjcL
DwakqOCkjssFFieoXrMqajQkpIg8NUbVC+YwDNdq1dR/2y4qnnFr0qZSDbMyzvjL
UNJBWpsnyPhj0rpdYOQIBgdhLT8QuqYeQU6JObqrWrSe8FSGgS79mJvKdYJD9hz3
DzIk2aW09oW5st42niQPuMjZOBac7mAF8I6O87IJvxWnyIaUfoTlfrZlh0ByF5mD
V+uqN0YU1o30ihUQFsr1umXh8OwBcT0bKcgBXRj8OGYWy3tPw3aiFf6SlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZ4+ian01LLEOzplAIn5nu/lp3cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMW5qNkpxZlRVc3NRN09tVUFpZm1lNy1XbmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGlWug+fVaFCqBriCSRG
0qo/mO0t3upZg2Qiha4Q/fKN4ToINBCA/3DFlBAa94vWXqs7X11OsRPZP6Qou6Wp
/VzKZghtSa4ghgvzKLx8ZrhMHtpGQVtUSw+TXQMAZt+D8noKzDxekHzQHM8R5W/2
+51qSjrD60nwZlkvyPy04Deg5gQ+31yLBkg46PMBaKYwRxaCQ+nvmYEPukE/8V5r
NmrBUqnHgyuiq4Y5sclYqa2n+fU/u81HEhqnElBhYtb+Yc/9tZnM64whv9iGQo3o
MgykXEM+3ge93zfLpuGCLIt4FZg2an7NpZb5IR15gdDn6OHVeW3lcIGT0lZHr4ek
NjM=
-----END CERTIFICATE-----
Generated at Fri May 2 02:44:45 2025 by rpki-client