Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K72r5YryO5s6rGn8837uhVQ0e4.roa
File: 2K72r5YryO5s6rGn8837uhVQ0e4.roa (raw, json)
Hash identifier: q/r4nOYY1rsBgsx4qK9Nt/uQ5wezfH91/J9gmjFaC3M=
Subject key identifier: D8:AE:F6:AF:96:2B:C8:EE:6C:EA:B1:A7:F3:CD:FB:BA:15:50:D1:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 86D223F3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K72r5YryO5s6rGn8837uhVQ0e4.roa
Signing time: Tue 24 May 2022 11:10:13 +0000
ROA not before: Tue 24 May 2022 11:10:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2261918707 (0x86d223f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 24 11:10:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8aef6af962bc8ee6ceab1a7f3cdfbba1550d1ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:9b:87:e5:00:44:0b:00:13:7e:87:42:a9:
0e:09:1f:d0:5c:7f:fd:1f:55:2c:aa:17:c1:96:72:
f8:30:09:af:0e:53:01:b9:a5:17:34:66:44:27:84:
45:80:7c:aa:ac:0c:9c:a4:34:e5:f0:e3:f4:81:60:
d8:3c:95:d7:2f:a5:55:40:b2:6f:8c:10:c3:9e:58:
eb:6f:08:04:90:7b:0d:f8:84:72:83:c3:a3:35:ae:
71:14:c6:f3:09:c0:97:fa:c8:2a:a3:af:1a:f6:7b:
93:1e:2c:b5:0c:ea:9c:ba:f7:64:86:a8:18:1e:17:
ef:2b:fa:22:bd:65:ef:12:bb:bc:2d:2e:ca:fb:f9:
84:82:b8:41:28:4a:b3:69:e3:43:e9:19:51:78:83:
fe:a0:13:82:67:b7:f9:52:a8:cf:93:a9:6a:28:50:
07:b0:68:81:26:28:b8:65:3d:6e:20:18:81:d2:f0:
99:c0:79:6f:ce:ad:e9:3b:39:9a:f7:f2:5d:4d:a0:
50:34:51:35:87:2f:93:e8:5c:5f:63:ee:c7:92:ff:
62:09:33:c8:08:fd:b3:f3:01:89:27:da:59:ac:b2:
dd:a0:34:e7:67:06:e2:c3:9f:e2:82:08:1f:d8:cf:
f4:5f:5a:e6:9a:a4:39:6f:2c:b2:14:da:9c:00:b8:
49:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AE:F6:AF:96:2B:C8:EE:6C:EA:B1:A7:F3:CD:FB:BA:15:50:D1:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K72r5YryO5s6rGn8837uhVQ0e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:4c:b1:9e:d7:84:49:c1:55:38:92:43:20:6f:6e:72:a0:3b:
15:91:fe:ec:3d:fc:35:0f:28:b6:2e:2a:5d:66:45:45:e7:5f:
5c:1b:22:db:3d:b2:05:b1:d1:0d:33:f1:2f:88:f2:e2:7c:4f:
89:27:fa:ea:6c:4f:5e:fe:c4:bd:77:d7:b5:7c:9b:14:f2:1f:
9a:ae:c4:2e:0a:35:24:4b:56:b6:fb:eb:67:66:41:3c:d5:dd:
94:a5:cb:0b:51:85:6f:af:ef:cc:4e:f9:e6:ee:7b:09:0c:90:
f4:2e:ce:39:50:66:32:4c:05:46:3d:97:be:f1:85:83:dc:54:
fe:69:b7:2e:03:ab:33:b6:71:d4:01:52:1c:56:df:4c:95:9b:
85:a2:4a:80:58:c0:54:c1:95:08:b4:19:07:20:a0:20:ce:48:
ee:4a:8f:85:80:f6:27:e2:d4:99:d8:ff:f6:84:b2:e2:1f:c5:
2b:9b:37:31:fe:c2:32:0d:fb:07:95:7b:0d:0a:28:bd:84:1f:
9f:1f:81:bb:9f:44:b4:77:81:80:03:95:72:81:c8:0d:f0:6e:
dc:00:01:7c:b5:2e:a4:26:8a:b7:5a:67:a7:b4:ea:9e:a8:4d:
c4:7d:23:e0:4e:41:00:94:ec:21:c3:e2:b8:d4:80:d2:ee:c4:
36:88:27:88
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIbSI/MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjQxMTEwMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGQ4YWVmNmFmOTYy
YmM4ZWU2Y2VhYjFhN2YzY2RmYmJhMTU1MGQxZWUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDE6JuH5QBECwATfodCqQ4JH9Bcf/0fVSyqF8GWcvgwCa8O
UwG5pRc0ZkQnhEWAfKqsDJykNOXw4/SBYNg8ldcvpVVAsm+MEMOeWOtvCASQew34
hHKDw6M1rnEUxvMJwJf6yCqjrxr2e5MeLLUM6py692SGqBgeF+8r+iK9Ze8Su7wt
Lsr7+YSCuEEoSrNp40PpGVF4g/6gE4Jnt/lSqM+TqWooUAewaIEmKLhlPW4gGIHS
8JnAeW/Orek7OZr38l1NoFA0UTWHL5PoXF9j7seS/2IJM8gI/bPzAYkn2lmsst2g
NOdnBuLDn+KCCB/Yz/RfWuaapDlvLLIU2pwAuEnHAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU2K72r5YryO5s6rGn8837uhVQ0e4wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8ySzcycjVZcnlPNXM2ckduODgzN3VoVlEwZTQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAD0yxnteEScFVOJJDIG9ucqA7FZH+7D38NQ8o
ti4qXWZFRedfXBsi2z2yBbHRDTPxL4jy4nxPiSf66mxPXv7EvXfXtXybFPIfmq7E
Lgo1JEtWtvvrZ2ZBPNXdlKXLC1GFb6/vzE755u57CQyQ9C7OOVBmMkwFRj2XvvGF
g9xU/mm3LgOrM7Zx1AFSHFbfTJWbhaJKgFjAVMGVCLQZByCgIM5I7kqPhYD2J+LU
mdj/9oSy4h/FK5s3Mf7CMg37B5V7DQoovYQfnx+Bu59EtHeBgAOVcoHIDfBu3AAB
fLUupCaKt1pnp7TqnqhNxH0j4E5BAJTsIcPiuNSA0u7ENogniA==
-----END CERTIFICATE-----
Generated at Sat May 3 17:44:17 2025 by rpki-client