Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2B7VEUaJvN-HY3bg0wAdkjzuouU.roa
File: 2B7VEUaJvN-HY3bg0wAdkjzuouU.roa (raw, json)
Hash identifier: kQcUZET24WV553YM9ZVfXoptuX/pqdc8nH8kCnFAmEI=
Subject key identifier: D8:1E:D5:11:46:89:BC:DF:87:63:76:E0:D3:00:1D:92:3C:EE:A2:E5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018559114414CB45010049E31E21BBE9220D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2B7VEUaJvN-HY3bg0wAdkjzuouU.roa
Signing time: Wed 28 Dec 2022 14:09:41 +0000
ROA not before: Wed 28 Dec 2022 14:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:11:44:14:cb:45:01:00:49:e3:1e:21:bb:e9:22:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 28 14:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d81ed5114689bcdf876376e0d3001d923ceea2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:14:0d:c0:40:d4:c0:e7:b5:ac:b2:19:d6:
46:c8:38:bb:b1:7f:76:a3:f2:6d:71:57:e5:fe:0b:
66:9d:42:c0:1b:08:41:73:c1:12:95:1d:9b:80:5f:
51:34:56:d0:d5:b1:f9:60:c8:11:03:6c:46:11:1d:
36:00:28:15:0f:1a:b4:6e:cf:5a:90:06:43:63:3b:
5d:9c:47:83:be:20:fd:7e:4e:46:5f:0d:28:e1:e5:
49:06:39:0e:6c:29:9b:74:60:5b:85:03:77:d6:42:
92:c4:a5:65:b1:32:fb:70:2f:74:2e:ec:1f:d4:6e:
4a:69:0a:d8:02:bd:12:f2:2d:79:37:c1:78:d6:a9:
03:46:dd:ff:1c:89:6e:09:4a:37:4a:24:bb:5d:5c:
58:1a:a9:26:c6:e2:10:9e:f9:dd:17:e9:ba:57:7a:
a5:e2:ff:15:e2:89:35:9d:3b:bb:41:14:24:a9:7f:
4b:04:ec:7e:1c:73:1f:3f:b7:5c:65:19:21:46:10:
a1:7b:c1:e1:87:0c:78:97:51:a0:fe:d4:6b:a7:f0:
88:b6:ce:36:19:d4:0e:13:ac:33:83:0c:c1:65:85:
85:5b:ff:e2:24:70:f2:d8:07:e9:41:36:6f:33:10:
d9:57:a3:15:c6:c1:73:a0:f9:0b:49:da:5d:93:38:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1E:D5:11:46:89:BC:DF:87:63:76:E0:D3:00:1D:92:3C:EE:A2:E5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2B7VEUaJvN-HY3bg0wAdkjzuouU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:19:4a:74:84:2c:2e:a0:2a:46:78:32:2d:68:b6:d1:dd:c7:
16:f1:d4:02:6b:bb:79:67:cc:d7:b6:fb:57:b2:f4:3c:2f:0d:
90:25:c4:b5:5e:f2:de:26:c0:95:be:19:26:2d:bb:ed:c8:05:
6e:95:ff:42:ed:5e:74:dc:36:02:c9:13:35:af:6f:4c:25:28:
8d:78:2c:df:37:20:24:e8:03:8b:3f:ae:84:f4:46:86:bb:aa:
fe:89:5f:8e:0f:0d:1e:57:bd:92:cb:af:e2:e3:e7:6b:40:54:
d1:bc:41:af:1d:f3:0d:58:13:06:fe:81:eb:31:2e:98:00:e9:
e4:e2:d3:d5:f5:1e:03:0f:24:7b:28:ce:98:a6:83:92:fc:53:
0a:b0:1a:eb:43:b3:77:f4:cb:35:f3:d3:34:bd:70:89:12:ea:
b1:59:dd:3d:b6:47:f1:77:c2:e6:4a:a9:7f:e8:53:a2:ec:41:
f7:ca:7e:12:9e:d5:c3:88:50:61:90:72:56:28:ab:a8:61:b6:
36:9a:81:56:e5:d1:2f:78:81:a3:1d:f2:a3:d2:3a:32:6c:b5:
20:21:17:1e:01:cd:85:e9:ac:90:d4:46:d0:d1:98:24:ca:8c:
4e:ab:13:53:7c:56:ea:f2:94:05:a1:15:34:50:28:c5:e7:3a:
35:38:46:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVZEUQUy0UBAEnjHiG76SINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI4MTQwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFlZDUxMTQ2ODliY2RmODc2Mzc2ZTBkMzAwMWQ5MjNjZWVhMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8gUDcBA1MDntayyGdZGyDi7sX92
o/JtcVfl/gtmnULAGwhBc8ESlR2bgF9RNFbQ1bH5YMgRA2xGER02ACgVDxq0bs9a
kAZDYztdnEeDviD9fk5GXw0o4eVJBjkObCmbdGBbhQN31kKSxKVlsTL7cC90Luwf
1G5KaQrYAr0S8i15N8F41qkDRt3/HIluCUo3SiS7XVxYGqkmxuIQnvndF+m6V3ql
4v8V4ok1nTu7QRQkqX9LBOx+HHMfP7dcZRkhRhChe8Hhhwx4l1Gg/tRrp/CIts42
GdQOE6wzgwzBZYWFW//iJHDy2AfpQTZvMxDZV6MVxsFzoPkLSdpdkzgQbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNge1RFGibzfh2N24NMAHZI87qLlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMkI3VkVVYUp2Ti1IWTNiZzB3QWRranp1b3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE4ZSnSELC6gKkZ4Mi1o
ttHdxxbx1AJru3lnzNe2+1ey9DwvDZAlxLVe8t4mwJW+GSYtu+3IBW6V/0LtXnTc
NgLJEzWvb0wlKI14LN83ICToA4s/roT0Roa7qv6JX44PDR5XvZLLr+Lj52tAVNG8
Qa8d8w1YEwb+gesxLpgA6eTi09X1HgMPJHsozpimg5L8UwqwGutDs3f0yzXz0zS9
cIkS6rFZ3T22R/F3wuZKqX/oU6LsQffKfhKe1cOIUGGQclYoq6hhtjaagVbl0S94
gaMd8qPSOjJstSAhFx4BzYXprJDURtDRmCTKjE6rE1N8VurylAWhFTRQKMXnOjU4
RvI=
-----END CERTIFICATE-----
Generated at Fri May 2 14:26:24 2025 by rpki-client