Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qB7MKGZ9lbm7gKHA4mzt-DM7nk.roa
File: 1qB7MKGZ9lbm7gKHA4mzt-DM7nk.roa (raw, json)
Hash identifier: iCYEmxy5uKRBWy7yT1jDIHdY9L6p4pTe3zjH9HrhbRA=
Subject key identifier: D6:A0:7B:30:A1:99:F6:56:E6:EE:02:87:03:89:B3:B7:E0:CC:EE:79
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183F32CF0DB2066C1FB5EF10AEAD86112B9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qB7MKGZ9lbm7gKHA4mzt-DM7nk.roa
Signing time: Thu 20 Oct 2022 02:15:52 +0000
ROA not before: Thu 20 Oct 2022 02:15:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f3:2c:f0:db:20:66:c1:fb:5e:f1:0a:ea:d8:61:12:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 20 02:15:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6a07b30a199f656e6ee02870389b3b7e0ccee79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:dd:5b:63:33:31:89:45:60:b1:5a:16:b4:
e5:9c:95:65:b7:ba:db:54:36:51:39:85:43:2a:36:
c7:4e:2c:7f:30:e0:d9:7f:b9:dd:a7:8a:c2:32:88:
01:49:d2:c7:b2:b5:20:cf:6a:d0:05:bb:01:58:63:
67:90:06:c2:25:13:f2:d6:73:24:9f:b3:ae:47:67:
2e:15:86:19:1e:dc:d9:c3:f9:62:20:5a:63:56:22:
63:64:b7:98:9a:3d:6c:d8:9c:c6:2d:9a:af:c9:e3:
45:65:d4:cc:28:2e:ad:5a:68:01:ca:d6:67:eb:60:
8c:bc:0f:ff:60:fa:a8:dd:02:bd:ba:97:43:0c:7c:
a7:a1:a5:01:48:a5:4c:a9:02:73:ed:f0:32:d2:70:
c6:83:80:6c:dd:4f:a6:10:5a:10:28:84:8d:7b:ad:
13:a2:65:cd:83:35:1a:4f:fe:34:8f:53:da:4e:44:
34:7c:94:dc:a7:ca:91:99:4e:7a:4f:d3:bf:0f:48:
0d:b2:b4:e3:9b:7f:5a:c2:6b:b3:48:34:d8:7f:23:
be:dd:b5:e6:37:eb:ed:ba:51:20:9b:6b:7a:18:d9:
55:23:60:c9:73:c1:67:62:20:82:f5:a7:e9:f3:4c:
5c:de:65:a8:a3:46:e6:a0:6b:0b:a7:53:ff:da:4b:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A0:7B:30:A1:99:F6:56:E6:EE:02:87:03:89:B3:B7:E0:CC:EE:79
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1qB7MKGZ9lbm7gKHA4mzt-DM7nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:36:42:6e:ec:43:d7:d7:6c:18:2b:a1:7d:3c:90:9f:fe:79:
56:d3:11:b7:35:a4:1d:34:65:ea:fc:76:84:ed:d6:70:75:4d:
63:a0:1f:9a:c8:35:92:81:2f:ab:b4:cb:5e:c3:43:cd:ab:b7:
e1:3e:5c:c7:97:93:2c:f0:fb:44:11:71:29:3b:cf:76:6a:23:
9e:4a:70:a1:69:49:0e:1d:94:9d:60:94:56:78:c1:f1:d3:a0:
4e:86:4d:1a:39:c9:da:83:b1:a9:78:d8:7c:71:a0:2e:72:f0:
be:b1:5b:66:f7:48:04:d5:eb:ca:b5:89:8d:0c:ac:99:05:28:
e8:10:75:89:be:c6:7c:ad:d7:02:76:88:41:da:6d:e9:a9:b6:
78:83:2f:4c:a2:1d:45:0e:f5:4a:40:1b:92:d2:4f:07:6d:fa:
14:44:5b:9e:c2:31:91:87:c2:21:ee:a5:2e:94:48:3e:66:e5:
9c:03:88:40:07:74:49:60:e9:bc:90:87:5d:03:b1:da:e7:8b:
11:4e:d2:5d:93:f8:3e:ed:2f:d0:f2:13:79:c2:5e:14:14:07:
ea:e5:5d:be:d0:72:e3:5c:db:49:6d:e1:7f:5d:ae:8f:19:13:
fe:ce:4b:84:02:1b:be:c6:0a:6b:b1:bb:2f:bb:13:56:36:95:
f2:9d:97:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPzLPDbIGbB+17xCurYYRK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDIwMDIxNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmEwN2IzMGExOTlmNjU2ZTZlZTAyODcwMzg5YjNiN2UwY2NlZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsPdW2MzMYlFYLFaFrTlnJVlt7rb
VDZROYVDKjbHTix/MODZf7ndp4rCMogBSdLHsrUgz2rQBbsBWGNnkAbCJRPy1nMk
n7OuR2cuFYYZHtzZw/liIFpjViJjZLeYmj1s2JzGLZqvyeNFZdTMKC6tWmgBytZn
62CMvA//YPqo3QK9updDDHynoaUBSKVMqQJz7fAy0nDGg4Bs3U+mEFoQKISNe60T
omXNgzUaT/40j1PaTkQ0fJTcp8qRmU56T9O/D0gNsrTjm39awmuzSDTYfyO+3bXm
N+vtulEgm2t6GNlVI2DJc8FnYiCC9afp80xc3mWoo0bmoGsLp1P/2kt/4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNagezChmfZW5u4ChwOJs7fgzO55MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMXFCN01LR1o5bGJtN2dLSEE0bXp0LURNN25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALQ2Qm7sQ9fXbBgroX08
kJ/+eVbTEbc1pB00Zer8doTt1nB1TWOgH5rINZKBL6u0y17DQ82rt+E+XMeXkyzw
+0QRcSk7z3ZqI55KcKFpSQ4dlJ1glFZ4wfHToE6GTRo5ydqDsal42HxxoC5y8L6x
W2b3SATV68q1iY0MrJkFKOgQdYm+xnyt1wJ2iEHabemptniDL0yiHUUO9UpAG5LS
Twdt+hREW57CMZGHwiHupS6USD5m5ZwDiEAHdElg6byQh10DsdrnixFO0l2T+D7t
L9DyE3nCXhQUB+rlXb7QcuNc20lt4X9dro8ZE/7OS4QCG77GCmuxuy+7E1Y2lfKd
l8o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:23:33 2025 by rpki-client