Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2DxUdd83y5LIuarEqgjDVJb49KA.roa
File: 2DxUdd83y5LIuarEqgjDVJb49KA.roa (raw, json)
Hash identifier: tmr2+XOjoIjHuiEXTDTaK+2YKSTG2VV4cdiiGLEId8E=
Subject key identifier: D8:3C:54:75:DF:37:CB:92:C8:B9:AA:C4:AA:08:C3:54:96:F8:F4:A0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 84FAF2E5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2DxUdd83y5LIuarEqgjDVJb49KA.roa
Signing time: Tue 17 May 2022 23:14:28 +0000
ROA not before: Tue 17 May 2022 23:14:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2231038693 (0x84faf2e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 17 23:14:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d83c5475df37cb92c8b9aac4aa08c35496f8f4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:b6:65:33:8f:0c:0a:e9:fc:6a:16:cf:f2:
89:d1:60:8e:d8:41:d9:19:f9:50:a4:1b:fc:f5:34:
fa:df:54:74:4b:59:7f:91:bc:16:c9:fc:ce:ea:0c:
f8:8e:d7:70:94:2f:18:69:53:c4:b0:b5:2f:a2:21:
a6:e4:72:cb:3e:6e:cf:b4:39:0b:b6:a9:5e:8b:f4:
aa:80:a0:8e:ee:74:bb:83:97:ee:dd:a6:9b:63:f7:
99:1c:7c:00:dc:e6:95:f8:55:fd:77:89:d7:e0:f8:
13:30:60:38:8d:51:84:0d:21:5b:d8:45:8e:09:9b:
75:b4:26:e3:43:fb:38:e5:1a:52:ba:be:b7:d1:9f:
00:4f:14:c1:32:ec:ac:db:6c:7e:93:5c:58:74:25:
1e:98:e5:d0:53:db:24:1c:41:c8:e3:c1:aa:6d:ec:
37:59:b0:59:d0:38:e3:48:5c:69:70:37:a2:08:37:
05:b5:e5:ca:e2:d5:c9:73:28:80:63:7d:00:8f:32:
38:55:2b:10:08:07:0e:b6:df:8d:85:79:8c:4a:74:
5f:12:e1:40:11:d5:e1:ce:7d:af:f3:f3:75:1e:ca:
57:86:73:00:86:5a:26:09:b1:61:37:81:7b:97:64:
79:d5:8b:8d:dc:95:d7:53:b1:16:e1:6c:62:5f:dc:
ef:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3C:54:75:DF:37:CB:92:C8:B9:AA:C4:AA:08:C3:54:96:F8:F4:A0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2DxUdd83y5LIuarEqgjDVJb49KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:c6:2d:f4:ae:bd:3b:c6:5b:64:d8:fa:de:ba:c7:45:7c:55:
88:c8:25:d7:7f:36:8c:09:8c:0a:46:0c:e9:b1:a4:b8:fe:ab:
b3:e6:d0:50:26:d2:6c:f0:31:14:30:a5:8a:2e:35:54:75:89:
da:eb:ff:31:61:1d:d6:84:12:15:29:4e:ce:28:f7:8b:d2:16:
ee:74:7a:cc:8e:6d:31:5b:7a:8e:44:a6:02:1d:90:7d:98:ef:
53:5c:44:6b:d6:2f:c0:7c:e6:15:36:6e:5d:18:55:85:de:a3:
e9:f0:cb:59:67:20:8b:ab:12:57:a2:2a:09:49:a4:25:33:94:
3c:51:e5:73:2d:d0:4c:3b:3c:21:61:93:69:5e:38:e8:b2:54:
24:c0:fd:8c:fe:91:38:4c:8a:7c:2a:15:3b:53:dd:2e:19:39:
8e:4b:21:e5:3c:0b:b0:8f:65:d3:82:36:8d:e7:32:26:1e:0a:
7d:f5:81:65:34:56:34:3e:dd:3e:35:e4:38:eb:63:8c:20:2e:
ed:e6:3f:62:6d:fa:29:b1:4d:e0:40:6a:ea:fb:89:82:7d:1c:
ad:03:a0:43:0c:ef:41:05:c4:dd:f1:92:89:2c:1c:3c:1d:5f:
96:74:37:47:62:ed:dc:f6:d6:f0:3d:e7:09:63:2b:3b:b7:11:
7f:f6:2f:24
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIT68uUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MTcyMzE0MjhaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQ4M2M1NDc1ZGYz
N2NiOTJjOGI5YWFjNGFhMDhjMzU0OTZmOGY0YTAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwtrZlM48MCun8ahbP8onRYI7YQdkZ+VCkG/z1NPrfVHRL
WX+RvBbJ/M7qDPiO13CULxhpU8SwtS+iIabkcss+bs+0OQu2qV6L9KqAoI7udLuD
l+7dpptj95kcfADc5pX4Vf13idfg+BMwYDiNUYQNIVvYRY4Jm3W0JuND+zjlGlK6
vrfRnwBPFMEy7KzbbH6TXFh0JR6Y5dBT2yQcQcjjwapt7DdZsFnQOONIXGlwN6II
NwW15cri1clzKIBjfQCPMjhVKxAIBw62342FeYxKdF8S4UAR1eHOfa/z83UeyleG
cwCGWiYJsWE3gXuXZHnVi43clddTsRbhbGJf3O9pAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU2DxUdd83y5LIuarEqgjDVJb49KAwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8yRHhVZGQ4M3k1TEl1YXJFcWdqRFZKYjQ5S0Eucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAXcYt9K69O8ZbZNj63rrHRXxViMgl1382jAmM
CkYM6bGkuP6rs+bQUCbSbPAxFDClii41VHWJ2uv/MWEd1oQSFSlOzij3i9IW7nR6
zI5tMVt6jkSmAh2QfZjvU1xEa9YvwHzmFTZuXRhVhd6j6fDLWWcgi6sSV6IqCUmk
JTOUPFHlcy3QTDs8IWGTaV446LJUJMD9jP6ROEyKfCoVO1PdLhk5jksh5TwLsI9l
04I2jecyJh4KffWBZTRWND7dPjXkOOtjjCAu7eY/Ym36KbFN4EBq6vuJgn0crQOg
QwzvQQXE3fGSiSwcPB1flnQ3R2Lt3PbW8D3nCWMrO7cRf/YvJA==
-----END CERTIFICATE-----
Generated at Thu May 1 18:41:42 2025 by rpki-client