Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2X2izURtMVc_k4cyV1l8YA-sUSA.roa
File: 2X2izURtMVc_k4cyV1l8YA-sUSA.roa (raw, json)
Hash identifier: F4qLgwZCM6fcmLIcOB2eGwcVsCoEiZDZ65RG0F9KewY=
Subject key identifier: D9:7D:A2:CD:44:6D:31:57:3F:93:87:32:57:59:7C:60:0F:AC:51:20
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854C6A21349F96DDC72F1E87B13B5D78FE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2X2izURtMVc_k4cyV1l8YA-sUSA.roa
Signing time: Mon 26 Dec 2022 03:11:41 +0000
ROA not before: Mon 26 Dec 2022 03:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4c:6a:21:34:9f:96:dd:c7:2f:1e:87:b1:3b:5d:78:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 26 03:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d97da2cd446d31573f93873257597c600fac5120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3e:7f:ef:9b:7d:44:b8:fd:e5:5e:c8:2e:2d:
4b:ca:0b:03:24:11:ab:d5:c8:3c:e5:64:86:99:36:
7c:85:cc:8a:58:20:00:2d:57:c2:5d:6d:7b:88:b0:
d5:cd:c6:66:5b:4c:a9:6f:fa:b7:05:99:7c:e5:de:
e7:81:5e:d2:38:9c:8e:0b:53:7d:f4:1f:10:38:e3:
51:7d:ea:e9:e8:2a:09:5b:f6:0e:d8:bd:dd:99:c4:
f9:ed:0e:71:a0:d9:9d:96:64:dd:10:85:83:66:f8:
b7:00:8c:f4:65:79:ee:99:41:e8:d4:5d:7a:69:63:
9d:c0:e3:f7:8e:46:b7:73:19:51:c1:e0:61:7e:71:
11:9b:5a:36:ed:cf:05:56:7f:a9:d9:8f:d4:93:7c:
93:92:8a:65:3b:33:b9:19:6a:4f:3e:f2:9e:48:07:
34:5c:b3:64:8f:a2:48:99:69:fa:6a:10:f1:0c:b9:
ff:d3:dc:1a:0b:bc:22:43:7c:7c:58:6c:d6:a2:4f:
57:83:2e:13:d1:49:f5:36:4d:49:1a:19:6e:b7:fe:
00:67:9f:f5:c4:44:8e:c4:ce:c8:54:79:52:7e:3f:
d1:1d:ba:a0:ca:bd:1e:cf:5d:51:c1:70:1d:60:f9:
1b:2e:d8:aa:ae:ca:90:31:03:24:1f:3f:d6:3b:5a:
9e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7D:A2:CD:44:6D:31:57:3F:93:87:32:57:59:7C:60:0F:AC:51:20
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2X2izURtMVc_k4cyV1l8YA-sUSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:5e:a7:4c:ed:ad:65:42:35:12:f7:7c:b2:b1:09:1d:ee:0a:
3e:25:a3:bd:31:e0:aa:ff:d9:4d:5e:a4:48:76:39:ec:64:96:
ae:47:c4:c3:4a:3c:1c:3b:49:b0:e1:8a:49:df:b6:d7:d0:5b:
cc:9a:05:57:be:cf:97:1d:a5:d4:73:bc:73:0e:4e:9c:4b:4b:
4c:08:c9:fa:dd:dd:ac:ac:0a:2d:eb:dc:d1:72:51:e2:03:e1:
8b:ce:2c:3a:3a:4b:e8:25:f9:25:7f:bd:05:e3:ed:6b:41:02:
8f:be:8d:36:fe:e8:e2:d2:49:ba:a4:6e:7c:c0:b9:e9:81:bf:
36:ac:9e:2d:e8:6c:76:bc:be:c0:61:db:3a:21:34:c7:33:5c:
01:fd:11:fa:7e:2f:61:3f:73:3d:cd:bb:95:b9:0d:7e:1e:a1:
be:aa:a9:00:70:29:a5:37:0c:6f:1d:96:9d:a1:f5:fd:7c:1d:
c1:86:a5:ca:d9:cd:54:2b:60:f9:88:78:b9:f3:8d:99:22:e5:
d1:65:64:e9:e4:bf:dc:b8:28:aa:92:1c:b5:6f:b3:e2:2a:85:
0d:80:6c:bf:87:96:94:be:a7:cc:b4:38:02:48:72:13:53:4a:
f1:25:2c:6d:96:c9:7b:3f:74:e0:81:fc:65:bd:d5:1d:d9:32:
8b:03:05:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVMaiE0n5bdxy8eh7E7XXj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI2MDMxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTdkYTJjZDQ0NmQzMTU3M2Y5Mzg3MzI1NzU5N2M2MDBmYWM1MTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj5/75t9RLj95V7ILi1LygsDJBGr
1cg85WSGmTZ8hcyKWCAALVfCXW17iLDVzcZmW0ypb/q3BZl85d7ngV7SOJyOC1N9
9B8QOONRferp6CoJW/YO2L3dmcT57Q5xoNmdlmTdEIWDZvi3AIz0ZXnumUHo1F16
aWOdwOP3jka3cxlRweBhfnERm1o27c8FVn+p2Y/Uk3yTkoplOzO5GWpPPvKeSAc0
XLNkj6JImWn6ahDxDLn/09waC7wiQ3x8WGzWok9Xgy4T0Un1Nk1JGhlut/4AZ5/1
xESOxM7IVHlSfj/RHbqgyr0ez11RwXAdYPkbLtiqrsqQMQMkHz/WO1qeiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNl9os1EbTFXP5OHMldZfGAPrFEgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMlgyaXpVUnRNVmNfazRjeVYxbDhZQS1zVVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHtep0ztrWVCNRL3fLKx
CR3uCj4lo70x4Kr/2U1epEh2Oexklq5HxMNKPBw7SbDhiknfttfQW8yaBVe+z5cd
pdRzvHMOTpxLS0wIyfrd3aysCi3r3NFyUeID4YvOLDo6S+gl+SV/vQXj7WtBAo++
jTb+6OLSSbqkbnzAuemBvzasni3obHa8vsBh2zohNMczXAH9Efp+L2E/cz3Nu5W5
DX4eob6qqQBwKaU3DG8dlp2h9f18HcGGpcrZzVQrYPmIeLnzjZki5dFlZOnkv9y4
KKqSHLVvs+IqhQ2AbL+HlpS+p8y0OAJIchNTSvElLG2WyXs/dOCB/GW91R3ZMosD
BRA=
-----END CERTIFICATE-----
Generated at Fri May 2 12:23:51 2025 by rpki-client