Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2Cap_s2Nh0OESquUVAJfNLGRJQE.roa
File: 2Cap_s2Nh0OESquUVAJfNLGRJQE.roa (raw, json)
Hash identifier: QSjhMGkeF6cK66+ruFVq74JpzcBAZOSwzjMq24pIRVQ=
Subject key identifier: D8:26:A9:FE:CD:8D:87:43:84:4A:AB:94:54:02:5F:34:B1:91:25:01
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 82097CEB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2Cap_s2Nh0OESquUVAJfNLGRJQE.roa
Signing time: Sat 07 May 2022 21:10:14 +0000
ROA not before: Sat 07 May 2022 21:10:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2181659883 (0x82097ceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 7 21:10:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d826a9fecd8d8743844aab9454025f34b1912501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e3:74:64:80:8c:a6:1e:db:a5:67:19:f3:5a:
d3:2d:dd:50:75:62:cc:09:71:48:31:e7:2b:8d:d2:
97:35:15:f7:cd:c8:ba:e7:9f:d8:76:91:ae:0e:09:
d9:7b:a4:83:7a:50:77:aa:d5:27:01:75:79:b7:99:
a9:c5:18:86:87:33:de:75:42:0a:2d:08:7d:5a:da:
0d:ad:50:39:e4:3b:ae:65:02:df:e8:71:cf:b0:9e:
10:37:02:a8:f5:21:12:a2:71:8f:a2:8d:40:79:93:
97:e9:5f:82:6c:f1:bc:1f:a3:e2:16:13:d1:dc:db:
10:50:20:06:9e:2e:44:49:a5:55:37:35:18:c2:95:
c0:47:e9:b3:53:c3:14:b9:bd:70:9a:bf:3a:1d:10:
3a:f1:7c:da:32:13:5d:d4:a8:ee:2c:94:bd:37:c6:
07:75:1d:5a:ef:c9:27:c4:82:8d:fa:6d:11:d7:52:
09:60:0b:78:56:0c:c2:e8:a6:b6:d8:9a:4d:2b:03:
ef:3c:05:31:11:d8:37:d6:9c:3d:46:01:4e:ec:b4:
65:2d:27:c8:52:23:54:db:07:00:4a:18:86:ea:fd:
42:22:65:bc:9a:ae:34:3a:6c:79:35:33:d5:3e:c5:
f6:24:35:ab:09:57:4c:4b:ee:e2:1e:7f:19:27:65:
45:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:26:A9:FE:CD:8D:87:43:84:4A:AB:94:54:02:5F:34:B1:91:25:01
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2Cap_s2Nh0OESquUVAJfNLGRJQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:66:21:f3:d4:a7:0b:27:6e:61:c0:9f:be:d7:c6:56:e7:e3:
31:d7:c3:16:54:53:df:4c:53:5b:ff:dc:72:16:a8:13:ab:87:
09:e4:f1:ba:b8:04:a0:bc:9c:05:21:c8:be:eb:3c:e9:93:d2:
cb:1f:dc:98:fe:b4:a7:8d:4b:d5:b6:9d:d5:c7:1d:3b:e5:1e:
2b:ee:12:b1:88:32:0d:9f:de:23:91:27:71:1b:0e:94:e4:41:
b6:44:93:69:5a:1c:8e:e4:47:a9:2d:71:c6:c5:7f:27:98:dd:
2a:e6:1f:7c:1c:95:0d:16:f6:1a:95:17:52:6b:a3:10:2a:eb:
f6:c7:5b:cf:2f:64:48:66:57:9a:8f:20:12:b2:06:13:cb:4a:
77:21:68:ce:65:e8:1f:b0:9c:3d:cf:00:f1:97:b0:3f:eb:29:
89:2c:65:39:61:dc:c0:98:62:02:8f:2b:0b:02:8f:1a:69:bc:
dc:08:1e:dd:94:3a:cd:c6:eb:bb:e7:7a:e1:be:0e:0b:d9:03:
e0:ee:23:8e:9e:b0:4a:9c:b8:d2:5b:bb:ac:39:60:f8:3f:0b:
e2:a9:4f:31:c5:5a:6b:06:54:17:d0:2d:1c:bc:d8:6d:87:97:
f6:d0:6b:06:3b:5d:ab:f1:d5:c8:2d:46:24:19:32:79:42:3b:
6d:eb:db:7a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIIJfOswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDcyMTEwMTRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQ4MjZhOWZlY2Q4
ZDg3NDM4NDRhYWI5NDU0MDI1ZjM0YjE5MTI1MDEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCp43RkgIymHtulZxnzWtMt3VB1YswJcUgx5yuN0pc1FffN
yLrnn9h2ka4OCdl7pIN6UHeq1ScBdXm3manFGIaHM951QgotCH1a2g2tUDnkO65l
At/occ+wnhA3Aqj1IRKicY+ijUB5k5fpX4Js8bwfo+IWE9Hc2xBQIAaeLkRJpVU3
NRjClcBH6bNTwxS5vXCavzodEDrxfNoyE13UqO4slL03xgd1HVrvySfEgo36bRHX
UglgC3hWDMLoprbYmk0rA+88BTER2DfWnD1GAU7stGUtJ8hSI1TbBwBKGIbq/UIi
ZbyarjQ6bHk1M9U+xfYkNasJV0xL7uIefxknZUXBAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU2Cap/s2Nh0OESquUVAJfNLGRJQEwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8yQ2FwX3MyTmgwT0VTcXVVVkFKZk5MR1JKUUUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAmWYh89SnCyduYcCfvtfGVufjMdfDFlRT30xT
W//cchaoE6uHCeTxurgEoLycBSHIvus86ZPSyx/cmP60p41L1bad1ccdO+UeK+4S
sYgyDZ/eI5EncRsOlORBtkSTaVocjuRHqS1xxsV/J5jdKuYffByVDRb2GpUXUmuj
ECrr9sdbzy9kSGZXmo8gErIGE8tKdyFozmXoH7CcPc8A8ZewP+spiSxlOWHcwJhi
Ao8rCwKPGmm83Age3ZQ6zcbru+d64b4OC9kD4O4jjp6wSpy40lu7rDlg+D8L4qlP
McVaawZUF9AtHLzYbYeX9tBrBjtdq/HVyC1GJBkyeUI7bevbeg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:09 2025 by rpki-client