Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2KQwB6ZF2D78QJ-Ov_XKWPqYYeA.roa
File: 2KQwB6ZF2D78QJ-Ov_XKWPqYYeA.roa (raw, json)
Hash identifier: 3MAoiByYiOVkWbZm4b38Ajc10Bqgh/sbrLPHC1tfb/c=
Subject key identifier: D8:A4:30:07:A6:45:D8:3E:FC:40:9F:8E:BF:F5:CA:58:FA:98:61:E0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183B598ED0EBDC7062F297623E9EEFCFA15
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2KQwB6ZF2D78QJ-Ov_XKWPqYYeA.roa
Signing time: Sat 08 Oct 2022 03:17:21 +0000
ROA not before: Sat 08 Oct 2022 03:17:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b5:98:ed:0e:bd:c7:06:2f:29:76:23:e9:ee:fc:fa:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 8 03:17:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a43007a645d83efc409f8ebff5ca58fa9861e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:76:74:8d:f3:c9:a7:d9:ef:4f:1d:e5:be:
9c:cc:01:47:8b:6c:6b:63:c8:f3:31:0b:7d:41:39:
64:fb:ea:80:1f:c9:ff:ea:43:cb:3e:65:e7:4d:b9:
a3:b9:3a:86:39:2f:19:ae:cf:d4:a6:7c:87:76:72:
dd:02:6a:2c:0e:db:1e:a3:c8:bd:ca:6f:9a:e3:8c:
a8:1d:50:de:18:32:fc:87:17:2d:cf:50:12:fd:73:
f3:2b:77:b0:41:aa:d7:3b:8b:73:b7:e2:6f:67:99:
c0:60:89:b0:c0:bf:32:1d:c6:32:99:b1:f0:ce:95:
5d:73:a4:db:cf:f4:6a:59:f1:99:c3:d4:00:87:7e:
ce:cc:4f:ea:d8:a9:e4:8a:cf:8b:73:83:4f:9b:1f:
08:d8:89:15:4a:ee:66:c5:fb:e4:a6:45:24:31:47:
94:f7:09:a8:52:a5:7a:8f:54:6e:94:7d:c2:06:1c:
88:fa:e1:92:7d:0b:4e:c0:0b:3c:44:09:ad:fe:0f:
6e:eb:d3:51:3e:14:6e:b9:ad:30:76:f1:f7:40:08:
bf:bb:96:03:18:d7:7f:97:62:86:55:a0:c6:0b:e4:
e5:e2:2c:ac:26:a6:22:c5:68:d9:f1:9b:3b:87:f5:
b1:06:42:c6:b9:ff:c4:f0:b1:2a:1e:0a:aa:f8:2c:
34:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A4:30:07:A6:45:D8:3E:FC:40:9F:8E:BF:F5:CA:58:FA:98:61:E0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2KQwB6ZF2D78QJ-Ov_XKWPqYYeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:16:52:07:98:41:93:8d:1c:b6:97:00:0a:c0:a5:9f:c7:30:
eb:8f:e1:fa:3a:cc:42:c8:91:ba:b5:ec:61:93:e3:9d:93:21:
ed:9d:1e:19:65:49:e2:3a:26:d9:32:82:04:40:9a:1f:43:de:
b3:b3:05:fe:f7:88:a2:17:27:20:06:56:b6:11:75:cc:0c:ef:
b4:ff:96:5b:38:53:2e:2b:dd:60:50:1a:ba:0c:39:c9:bc:85:
2d:d2:3b:0b:90:4a:3f:f2:9f:71:a9:48:04:da:3d:4f:f1:58:
e4:6f:5b:1f:c7:bd:a5:af:49:37:7f:b0:19:75:ef:f2:8f:13:
b8:be:9e:f3:96:75:96:df:c8:e1:dd:86:b9:1b:4a:5d:06:50:
20:3b:4e:01:7c:80:6c:93:2b:83:32:fe:81:ca:0c:18:42:f0:
ae:24:98:be:54:e8:4d:19:fd:e7:fa:12:5d:e8:bb:20:eb:9f:
ed:2e:c2:6d:a6:4b:b0:a5:8d:ed:45:67:b1:aa:c6:9b:3a:02:
e6:12:5a:21:a5:cb:01:8e:c6:b6:27:94:0e:e3:29:2e:a9:de:
79:e0:ad:02:52:67:34:7b:99:a4:37:7e:76:35:09:bc:f3:ec:
1b:b7:2e:a1:78:db:67:1e:1a:98:c3:42:0b:da:0d:39:49:2c:
7f:54:4a:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYO1mO0OvccGLyl2I+nu/PoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDA4MDMxNzIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE0MzAwN2E2NDVkODNlZmM0MDlmOGViZmY1Y2E1OGZhOTg2MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/Z2dI3zyafZ708d5b6czAFHi2xr
Y8jzMQt9QTlk++qAH8n/6kPLPmXnTbmjuTqGOS8Zrs/UpnyHdnLdAmosDtseo8i9
ym+a44yoHVDeGDL8hxctz1AS/XPzK3ewQarXO4tzt+JvZ5nAYImwwL8yHcYymbHw
zpVdc6Tbz/RqWfGZw9QAh37OzE/q2Knkis+Lc4NPmx8I2IkVSu5mxfvkpkUkMUeU
9wmoUqV6j1RulH3CBhyI+uGSfQtOwAs8RAmt/g9u69NRPhRuua0wdvH3QAi/u5YD
GNd/l2KGVaDGC+Tl4iysJqYixWjZ8Zs7h/WxBkLGuf/E8LEqHgqq+Cw0QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNikMAemRdg+/ECfjr/1ylj6mGHgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMktRd0I2WkYyRDc4UUotT3ZfWEtXUHFZWWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGUWUgeYQZONHLaXAArA
pZ/HMOuP4fo6zELIkbq17GGT452TIe2dHhllSeI6JtkyggRAmh9D3rOzBf73iKIX
JyAGVrYRdcwM77T/lls4Uy4r3WBQGroMOcm8hS3SOwuQSj/yn3GpSATaPU/xWORv
Wx/HvaWvSTd/sBl17/KPE7i+nvOWdZbfyOHdhrkbSl0GUCA7TgF8gGyTK4My/oHK
DBhC8K4kmL5U6E0Z/ef6El3ouyDrn+0uwm2mS7Clje1FZ7Gqxps6AuYSWiGlywGO
xrYnlA7jKS6p3nngrQJSZzR7maQ3fnY1Cbzz7Bu3LqF422ceGpjDQgvaDTlJLH9U
Srw=
-----END CERTIFICATE-----
Generated at Thu May 1 07:21:59 2025 by rpki-client