Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K_r1s6o99PAFVqhFBX5WXaaD3I.roa
File: 2K_r1s6o99PAFVqhFBX5WXaaD3I.roa (raw, json)
Hash identifier: wjEHxuqSBNkPZ3oxBUpaQ2+3SvX+cDDW9R4ZxoQGekY=
Subject key identifier: D8:AF:EB:D6:CE:A8:F7:D3:C0:15:5A:A1:14:15:F9:59:76:9A:0F:72
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018522C776DB6CAF0137CF5006091E2A18C2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K_r1s6o99PAFVqhFBX5WXaaD3I.roa
Signing time: Sun 18 Dec 2022 01:09:35 +0000
ROA not before: Sun 18 Dec 2022 01:09:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:22:c7:76:db:6c:af:01:37:cf:50:06:09:1e:2a:18:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 01:09:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8afebd6cea8f7d3c0155aa11415f959769a0f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:df:d7:d8:39:3a:c0:bd:f8:17:b5:4f:ed:
e4:47:d3:2e:84:17:b9:fe:c0:0e:2e:86:1d:be:ce:
a0:86:c1:41:e2:7f:6b:0d:53:8b:06:70:a2:23:c9:
95:54:df:9f:d2:09:d6:5c:4e:d4:48:25:77:da:de:
d6:90:88:b4:56:4d:8a:1c:92:66:f3:14:ea:13:11:
69:20:2e:c8:d0:15:0d:ee:46:35:6e:5c:34:5a:3e:
bf:92:dc:77:46:02:d8:92:50:84:d8:e7:94:b2:1e:
d5:e2:55:b6:fc:b9:6c:2a:85:04:49:93:89:fb:9e:
a9:88:81:8e:10:55:31:23:32:40:8b:e2:dd:89:98:
69:1c:65:bb:06:4e:8a:42:d4:e1:0a:f9:dd:2b:ba:
34:77:dc:04:48:d2:03:c6:b4:fa:38:87:7a:a1:ee:
14:83:47:20:34:8b:c1:8d:a2:b7:b6:00:93:c1:1d:
81:04:c1:32:35:3c:af:3e:25:6f:e0:9b:42:be:3d:
50:2f:95:70:dd:e5:e2:e8:3c:9c:0d:91:e7:d5:ef:
73:73:fe:7a:85:c0:5e:c9:3c:f1:a6:4b:d2:57:61:
e1:77:e7:6e:ed:c8:c0:d7:aa:4a:5f:38:90:de:e8:
05:77:4a:f1:1a:c4:36:b8:c3:5b:86:87:4b:5a:0e:
92:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AF:EB:D6:CE:A8:F7:D3:C0:15:5A:A1:14:15:F9:59:76:9A:0F:72
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2K_r1s6o99PAFVqhFBX5WXaaD3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:e7:86:54:19:12:d7:54:e0:f6:42:4a:3b:8a:7c:bf:df:26:
61:80:cb:7c:05:8b:81:79:8a:ea:b7:d7:03:a2:8b:28:e3:9a:
d6:ed:1d:17:fa:87:39:7c:d5:0f:5e:cc:2b:bf:b0:32:7c:2b:
ac:d5:14:75:95:3b:89:0b:23:a6:28:cc:cf:72:28:b7:23:1a:
69:5d:18:d2:c0:bf:f3:d0:8d:ad:32:48:78:53:d4:c9:9b:69:
be:a6:0e:c1:d4:36:43:5d:b1:7d:7b:f6:31:94:db:12:81:42:
60:24:84:de:18:8a:f8:98:0a:0e:93:9a:3b:3b:02:8d:fd:6c:
a7:12:73:05:98:98:bd:3b:c3:50:0f:09:68:a7:59:28:ea:78:
1d:04:1c:1a:2b:61:e6:e6:65:7d:42:f9:33:e6:b2:a5:c5:68:
91:a7:b9:a6:02:cd:16:ed:7a:9b:01:32:7b:b9:c9:17:f2:8f:
f7:bc:51:77:e3:ed:3c:8b:c2:9d:57:14:22:22:f6:ae:27:23:
35:25:0b:ad:d1:f2:11:e3:19:0f:18:60:9d:29:73:19:06:4b:
35:c5:6d:1f:16:e4:de:ed:c1:58:0b:41:93:33:a6:02:27:07:
23:09:74:f2:1b:28:a5:26:6c:f0:27:78:52:15:56:48:22:d2:
90:89:d4:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUix3bbbK8BN89QBgkeKhjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MDEwOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFmZWJkNmNlYThmN2QzYzAxNTVhYTExNDE1Zjk1OTc2OWEwZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRff19g5OsC9+Be1T+3kR9MuhBe5
/sAOLoYdvs6ghsFB4n9rDVOLBnCiI8mVVN+f0gnWXE7USCV32t7WkIi0Vk2KHJJm
8xTqExFpIC7I0BUN7kY1blw0Wj6/ktx3RgLYklCE2OeUsh7V4lW2/LlsKoUESZOJ
+56piIGOEFUxIzJAi+LdiZhpHGW7Bk6KQtThCvndK7o0d9wESNIDxrT6OId6oe4U
g0cgNIvBjaK3tgCTwR2BBMEyNTyvPiVv4JtCvj1QL5Vw3eXi6DycDZHn1e9zc/56
hcBeyTzxpkvSV2Hhd+du7cjA16pKXziQ3ugFd0rxGsQ2uMNbhodLWg6SRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiv69bOqPfTwBVaoRQV+Vl2mg9yMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMktfcjFzNm85OVBBRlZxaEZCWDVXWGFhRDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErnhlQZEtdU4PZCSjuK
fL/fJmGAy3wFi4F5iuq31wOiiyjjmtbtHRf6hzl81Q9ezCu/sDJ8K6zVFHWVO4kL
I6YozM9yKLcjGmldGNLAv/PQja0ySHhT1Mmbab6mDsHUNkNdsX179jGU2xKBQmAk
hN4YiviYCg6Tmjs7Ao39bKcScwWYmL07w1APCWinWSjqeB0EHBorYebmZX1C+TPm
sqXFaJGnuaYCzRbtepsBMnu5yRfyj/e8UXfj7TyLwp1XFCIi9q4nIzUlC63R8hHj
GQ8YYJ0pcxkGSzXFbR8W5N7twVgLQZMzpgInByMJdPIbKKUmbPAneFIVVkgi0pCJ
1Fg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:51:54 2025 by rpki-client