Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20qkUDRx5awThVYPmSyT5pburDk.roa
File: 20qkUDRx5awThVYPmSyT5pburDk.roa (raw, json)
Hash identifier: ptmhcdmxi58cKD6Z6GFL+fdb/1vb5ahqlQuTWyXztrU=
Subject key identifier: DB:4A:A4:50:34:71:E5:AC:13:85:56:0F:99:2C:93:E6:96:EE:AC:39
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6842A0AF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20qkUDRx5awThVYPmSyT5pburDk.roa
Signing time: Sat 05 Feb 2022 23:17:29 +0000
ROA not before: Sat 05 Feb 2022 23:17:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1749196975 (0x6842a0af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 5 23:17:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db4aa4503471e5ac1385560f992c93e696eeac39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e8:4c:f4:2f:5a:c4:d5:36:32:58:31:c9:a8:
ec:7c:2e:b8:1d:a2:b1:e3:8c:14:c0:16:d5:d8:66:
07:7b:ec:c4:0a:74:5d:4a:e6:86:f9:26:d2:74:dd:
95:23:79:cc:74:06:a4:70:5e:d9:4a:96:8b:89:34:
bd:c4:70:5b:ae:40:b5:e0:23:96:f1:5b:c2:57:7d:
97:ba:33:ce:5d:c2:60:5d:ff:c7:5c:1c:33:72:bb:
a9:6f:67:85:22:f8:6d:eb:94:7a:2e:7c:8b:56:c6:
28:e8:6f:1b:f8:9f:74:47:3e:50:f9:7a:35:1c:5a:
69:cc:af:d0:2b:5a:07:d0:87:9b:e6:05:b1:f9:a8:
08:31:ee:28:f0:cc:5d:fe:3c:fe:7b:fd:f0:50:00:
f5:1d:83:9c:58:0f:29:69:cd:7d:e1:7b:a8:6d:41:
ff:e8:f8:1d:e0:ba:e5:71:c2:06:c7:29:93:6f:0d:
f6:32:d2:2c:61:06:94:db:e2:92:a2:6e:29:0a:88:
0f:c6:f7:0a:6d:c5:a0:5a:81:a0:0d:3c:87:96:2e:
04:c8:1d:27:ec:b0:87:ee:82:9b:8f:cd:39:5f:91:
43:ec:66:97:5b:31:3f:fb:06:c0:7a:c0:fe:f4:06:
62:4b:a6:0a:1d:d9:bc:22:84:6e:16:fd:d3:65:33:
ef:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4A:A4:50:34:71:E5:AC:13:85:56:0F:99:2C:93:E6:96:EE:AC:39
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/20qkUDRx5awThVYPmSyT5pburDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:43:a0:10:91:31:a0:3f:e3:84:d1:2d:f8:35:ce:c4:25:2c:
3d:81:3a:7d:70:ad:c2:bf:b6:de:08:2b:0a:19:e8:77:a3:6e:
c9:ae:c1:32:3f:9e:eb:45:2d:46:1d:d8:fc:27:e8:77:61:ba:
90:15:ae:42:27:74:22:88:33:5d:4c:f6:f2:8e:88:b2:b3:a2:
3b:a9:af:c2:2a:41:4e:d1:51:db:a5:82:59:f5:e7:4d:02:7a:
28:08:15:49:94:2f:24:ad:4a:33:a2:e2:70:cf:da:2c:0e:30:
a5:99:2d:e7:11:66:9a:e6:47:94:38:e8:7e:54:44:80:92:68:
7d:f7:5b:13:9c:9e:22:84:eb:3c:2e:0e:cb:c7:24:2d:e2:47:
80:ff:a1:18:d2:84:c4:db:4b:ea:f0:9e:0f:ae:ab:14:a9:03:
d8:64:25:f6:04:be:a1:c5:46:fe:f3:2e:c4:9d:7f:91:e5:72:
42:24:ad:e2:f7:34:17:2a:28:36:f6:31:25:87:f0:29:f6:56:
1d:35:1a:8c:b2:4e:80:a9:2f:70:fa:27:19:a8:a4:81:b6:eb:
5c:29:63:af:7e:39:0d:c2:1d:eb:21:45:3e:d5:ea:4d:4e:a3:
56:c8:cf:6c:43:78:35:1a:11:b3:b8:6f:cf:78:5c:0a:56:8c:
64:ea:81:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEaEKgrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIw
NTIzMTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI0YWE0NTAzNDcx
ZTVhYzEzODU1NjBmOTkyYzkzZTY5NmVlYWMzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPoTPQvWsTVNjJYMcmo7HwuuB2iseOMFMAW1dhmB3vsxAp0
XUrmhvkm0nTdlSN5zHQGpHBe2UqWi4k0vcRwW65AteAjlvFbwld9l7ozzl3CYF3/
x1wcM3K7qW9nhSL4beuUei58i1bGKOhvG/ifdEc+UPl6NRxaacyv0CtaB9CHm+YF
sfmoCDHuKPDMXf48/nv98FAA9R2DnFgPKWnNfeF7qG1B/+j4HeC65XHCBscpk28N
9jLSLGEGlNvikqJuKQqID8b3Cm3FoFqBoA08h5YuBMgdJ+ywh+6Cm4/NOV+RQ+xm
l1sxP/sGwHrA/vQGYkumCh3ZvCKEbhb902Uz73ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTbSqRQNHHlrBOFVg+ZLJPmlu6sOTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzIwcWtVRFJ4NWF3VGhWWVBtU3lUNXBidXJEay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBFQ6AQkTGgP+OE0S34Nc7EJSw9gTp9cK3Cv7be
CCsKGeh3o27JrsEyP57rRS1GHdj8J+h3YbqQFa5CJ3QiiDNdTPbyjoiys6I7qa/C
KkFO0VHbpYJZ9edNAnooCBVJlC8krUozouJwz9osDjClmS3nEWaa5keUOOh+VESA
kmh991sTnJ4ihOs8Lg7LxyQt4keA/6EY0oTE20vq8J4PrqsUqQPYZCX2BL6hxUb+
8y7EnX+R5XJCJK3i9zQXKig29jElh/Ap9lYdNRqMsk6AqS9w+icZqKSBtutcKWOv
fjkNwh3rIUU+1epNTqNWyM9sQ3g1GhGzuG/PeFwKVoxk6oH6
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:33:57 2025 by rpki-client