Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qAifHj50gkL6MfFRA0utW7JlKQ.roa
File: 1qAifHj50gkL6MfFRA0utW7JlKQ.roa (raw, json)
Hash identifier: tpLy5SEQPfKq0EbnH2IAmOClwweVksrEODfvV7DwRNk=
Subject key identifier: D6:A0:22:7C:78:F9:D2:09:0B:E8:C7:C5:44:0D:2E:B5:6E:C9:94:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018978957023D47B7CE1659F6EFFBB0A8695
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qAifHj50gkL6MfFRA0utW7JlKQ.roa
Signing time: Fri 21 Jul 2023 13:13:26 +0000
ROA not before: Fri 21 Jul 2023 13:13:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:95:70:23:d4:7b:7c:e1:65:9f:6e:ff:bb:0a:86:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 21 13:13:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a0227c78f9d2090be8c7c5440d2eb56ec994a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:52:26:04:87:e6:22:65:ed:26:79:49:cf:fa:
2f:e6:45:58:81:26:9b:ae:d4:e5:e7:2d:3c:38:30:
25:d5:dd:f1:93:a6:c5:a6:49:69:a5:50:c1:96:6f:
d0:47:1b:a4:86:a8:19:6f:d5:c0:3f:50:d1:58:d7:
87:f2:be:cd:69:4a:4a:4b:65:9c:a2:ce:0e:5e:97:
e2:ff:3e:06:9e:d9:ad:ea:47:69:ec:5e:6b:74:da:
ce:36:ef:9f:3a:f9:57:e0:4b:7c:7c:a8:ee:dc:b7:
bc:27:1a:90:e0:c1:60:85:e3:34:fe:d3:08:38:a5:
b6:55:8b:1a:79:77:2f:75:59:5d:16:6f:ac:9a:b7:
f9:59:6c:1f:29:bc:3e:85:c1:c3:f7:cd:39:dc:9f:
6b:7e:8b:9d:53:89:ce:51:0a:e4:30:b8:76:4c:25:
5a:ea:81:06:be:2d:33:be:62:e0:e3:69:5b:dc:ae:
51:fd:f2:87:9c:c9:1a:8f:68:97:3d:a9:0f:5d:f2:
a5:d1:ec:0a:63:74:67:59:26:0a:c3:3a:fc:56:5c:
f9:45:6f:a5:56:ee:59:fc:ab:9a:c1:35:03:c6:74:
f2:21:49:32:eb:44:5e:6c:1e:21:b3:20:c6:f2:54:
64:4b:d0:76:7a:31:b8:7c:04:0f:ff:b6:cb:f5:e4:
6a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A0:22:7C:78:F9:D2:09:0B:E8:C7:C5:44:0D:2E:B5:6E:C9:94:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qAifHj50gkL6MfFRA0utW7JlKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:68:f0:be:02:8c:f3:4d:4d:d6:06:0f:51:32:d8:ea:e4:1d:
05:30:7e:07:5b:51:65:98:6a:6b:2a:f1:bf:0d:a3:0d:56:89:
bc:12:fd:9c:11:69:64:d7:89:55:cb:5e:86:92:80:0c:04:a5:
4a:c5:16:97:2a:67:ef:ca:c3:b2:2d:d9:d3:5e:d9:4f:73:96:
d3:d0:31:23:bb:24:a1:54:a3:fd:22:8a:ea:2d:bc:6d:07:79:
98:c0:6a:4c:07:77:cf:cf:3a:ef:c4:99:dd:aa:e6:7f:a9:be:
c8:a9:23:ee:55:ad:c0:ea:b5:b2:9e:0e:43:23:cf:cd:b4:d8:
d7:41:7d:34:5d:6b:7a:22:52:8a:ac:c1:47:ab:78:b5:8f:ca:
67:4f:b0:87:0b:ec:fc:a5:76:27:42:ae:8a:03:ce:19:7d:76:
31:94:eb:c2:88:5d:7e:9f:86:d3:cf:cb:4f:ba:3f:04:c1:b2:
9b:5f:9e:1d:95:5e:d6:bc:ae:da:46:e2:4d:4c:bf:97:8e:df:
c0:6a:db:f9:3f:ad:81:51:e2:e1:89:4e:96:1e:9b:af:bd:fd:
4f:48:aa:76:e9:bc:94:ab:13:2c:40:36:b9:71:0d:a6:77:67:
dd:a6:b4:10:c6:ae:5b:72:47:9e:9f:91:7a:9e:89:99:d2:b7:
fd:3e:d4:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYl4lXAj1Ht84WWfbv+7CoaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzIxMTMxMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmEwMjI3Yzc4ZjlkMjA5MGJlOGM3YzU0NDBkMmViNTZlYzk5NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFImBIfmImXtJnlJz/ov5kVYgSab
rtTl5y08ODAl1d3xk6bFpklppVDBlm/QRxukhqgZb9XAP1DRWNeH8r7NaUpKS2Wc
os4OXpfi/z4Gntmt6kdp7F5rdNrONu+fOvlX4Et8fKju3Le8JxqQ4MFgheM0/tMI
OKW2VYsaeXcvdVldFm+smrf5WWwfKbw+hcHD98053J9rfoudU4nOUQrkMLh2TCVa
6oEGvi0zvmLg42lb3K5R/fKHnMkaj2iXPakPXfKl0ewKY3RnWSYKwzr8Vlz5RW+l
Vu5Z/KuawTUDxnTyIUky60RebB4hsyDG8lRkS9B2ejG4fAQP/7bL9eRq7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNagInx4+dIJC+jHxUQNLrVuyZSkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXFBaWZIajUwZ2tMNk1mRlJBMHV0VzdKbEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVo8L4CjPNNTdYGD1Ey
2OrkHQUwfgdbUWWYamsq8b8Now1WibwS/ZwRaWTXiVXLXoaSgAwEpUrFFpcqZ+/K
w7It2dNe2U9zltPQMSO7JKFUo/0iiuotvG0HeZjAakwHd8/POu/Emd2q5n+pvsip
I+5VrcDqtbKeDkMjz8202NdBfTRda3oiUoqswUereLWPymdPsIcL7PyldidCrooD
zhl9djGU68KIXX6fhtPPy0+6PwTBsptfnh2VXta8rtpG4k1Mv5eO38Bq2/k/rYFR
4uGJTpYem6+9/U9IqnbpvJSrEyxANrlxDaZ3Z92mtBDGrltyR56fkXqeiZnSt/0+
1CA=
-----END CERTIFICATE-----
Generated at Sun May 4 14:46:28 2025 by rpki-client