Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/25qFA12ecYETIsA-FqMYJXz2pWw.roa
File: 25qFA12ecYETIsA-FqMYJXz2pWw.roa (raw, json)
Hash identifier: aPSA+N17lO1iiyUOjlN/SkaW2DptKxmBuT91euQXL2w=
Subject key identifier: DB:9A:85:03:5D:9E:71:81:13:22:C0:3E:16:A3:18:25:7C:F6:A5:6C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7BD2AB9D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/25qFA12ecYETIsA-FqMYJXz2pWw.roa
Signing time: Sat 16 Apr 2022 16:09:56 +0000
ROA not before: Sat 16 Apr 2022 16:09:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2077404061 (0x7bd2ab9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 16 16:09:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db9a85035d9e71811322c03e16a318257cf6a56c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:17:62:34:f7:ee:d4:fa:73:0d:a2:71:1c:2b:
2d:5f:09:be:72:ea:3f:76:0e:80:15:02:f1:43:9b:
aa:84:8e:5a:67:8f:73:2e:86:1f:5a:d2:10:ef:d7:
fc:76:5d:a9:d9:08:92:a0:ec:d5:8a:09:a6:e3:c8:
70:43:fc:5e:f4:91:1b:7c:72:28:a4:7f:bb:a3:44:
fc:b4:65:0e:0a:99:86:17:33:c3:95:78:7f:24:84:
32:26:3c:57:2c:d9:34:0f:40:41:53:d5:be:61:a8:
41:7f:7d:df:74:25:fb:e4:12:57:79:95:fa:e1:8d:
ee:c2:f8:60:d2:f2:6a:9d:c7:80:8b:26:30:49:79:
6e:e5:aa:0a:d6:07:b4:19:a8:40:d1:82:4e:f5:7d:
49:de:86:c7:df:6a:a4:6d:b1:d7:b8:f3:f8:d4:f6:
d3:54:22:4f:b7:c5:5b:86:e3:f2:96:49:f7:b8:4b:
83:a0:ec:8a:61:4a:33:2b:fe:81:d1:4d:2b:41:fa:
22:33:c4:15:11:af:86:18:31:b5:2e:ce:04:fe:74:
08:72:bc:e7:9c:67:8a:d4:bf:dd:a0:cf:bb:c5:78:
fe:3a:8e:2a:f1:b0:3f:7f:42:99:0f:4a:7e:8f:87:
e4:f6:ec:ba:41:eb:14:2e:cb:23:3b:29:c9:ea:25:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9A:85:03:5D:9E:71:81:13:22:C0:3E:16:A3:18:25:7C:F6:A5:6C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/25qFA12ecYETIsA-FqMYJXz2pWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:dc:9e:d2:b5:bc:bc:f4:72:c3:32:5a:dc:63:5a:e5:a9:fb:
74:4b:39:15:f5:ce:56:d4:e8:77:ab:01:76:3e:b4:2d:50:c9:
91:c6:ad:8e:56:b3:41:43:7e:2a:6b:a2:90:3f:9c:22:db:cb:
05:2e:f1:85:f9:2c:60:00:43:a3:75:8b:c6:2a:4f:8b:5e:25:
0e:ae:c8:a0:e8:00:c5:57:92:47:1e:e6:51:59:e1:71:24:a4:
08:5c:0a:00:69:b6:ff:9d:3a:34:dd:ed:99:5c:6a:f3:73:48:
8d:d6:b1:47:b6:bf:5a:ae:98:1c:48:06:0d:fd:a7:a5:88:d0:
09:0b:d3:a4:9d:4d:c0:35:12:d0:f0:64:ff:f2:31:30:d4:97:
a6:a6:b6:4d:55:33:7b:3f:35:af:6d:34:f9:27:e8:1c:93:a8:
42:39:16:08:92:2d:4d:6d:f0:fb:d0:4d:40:b5:7b:09:18:20:
8a:fb:a4:9a:53:bb:76:92:5c:22:8b:12:88:d2:47:30:e0:67:
f9:74:39:17:25:55:6e:cc:95:e9:6c:f2:da:04:e7:38:06:70:
9d:fd:6a:1c:a4:4a:03:42:0a:44:b9:0f:b8:69:82:41:3d:01:
3c:aa:94:2f:82:7f:dc:41:09:28:f8:af:8e:d1:f0:61:3e:12:
c6:db:35:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEe9KrnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQx
NjE2MDk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI5YTg1MDM1ZDll
NzE4MTEzMjJjMDNlMTZhMzE4MjU3Y2Y2YTU2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkXYjT37tT6cw2icRwrLV8JvnLqP3YOgBUC8UObqoSOWmeP
cy6GH1rSEO/X/HZdqdkIkqDs1YoJpuPIcEP8XvSRG3xyKKR/u6NE/LRlDgqZhhcz
w5V4fySEMiY8VyzZNA9AQVPVvmGoQX9933Ql++QSV3mV+uGN7sL4YNLyap3HgIsm
MEl5buWqCtYHtBmoQNGCTvV9Sd6Gx99qpG2x17jz+NT201QiT7fFW4bj8pZJ97hL
g6DsimFKMyv+gdFNK0H6IjPEFRGvhhgxtS7OBP50CHK855xnitS/3aDPu8V4/jqO
KvGwP39CmQ9Kfo+H5PbsukHrFC7LIzspyeollgsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTbmoUDXZ5xgRMiwD4WoxglfPalbDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzI1cUZBMTJlY1lFVElzQS1GcU1ZSlh6MnBXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAO3J7Stby89HLDMlrcY1rlqft0SzkV9c5W1Oh3
qwF2PrQtUMmRxq2OVrNBQ34qa6KQP5wi28sFLvGF+SxgAEOjdYvGKk+LXiUOrsig
6ADFV5JHHuZRWeFxJKQIXAoAabb/nTo03e2ZXGrzc0iN1rFHtr9arpgcSAYN/ael
iNAJC9OknU3ANRLQ8GT/8jEw1JemprZNVTN7PzWvbTT5J+gck6hCORYIki1NbfD7
0E1AtXsJGCCK+6SaU7t2klwiixKI0kcw4Gf5dDkXJVVuzJXpbPLaBOc4BnCd/Woc
pEoDQgpEuQ+4aYJBPQE8qpQvgn/cQQko+K+O0fBhPhLG2zXB
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:15 2025 by rpki-client