Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2gQEjt9P0NAKhrpf4p6JDzUjDCc.roa
File: 2gQEjt9P0NAKhrpf4p6JDzUjDCc.roa (raw, json)
Hash identifier: ZBah7cAGa7Gz3auSvkMX/E91dZH8tO0kmB9922t0SGw=
Subject key identifier: DA:04:04:8E:DF:4F:D0:D0:0A:86:BA:5F:E2:9E:89:0F:35:23:0C:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E7C68F5CBD7610772A6466DA4E7B66F0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2gQEjt9P0NAKhrpf4p6JDzUjDCc.roa
Signing time: Tue 06 Dec 2022 14:11:00 +0000
ROA not before: Tue 06 Dec 2022 14:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:c6:8f:5c:bd:76:10:77:2a:64:66:da:4e:7b:66:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 6 14:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da04048edf4fd0d00a86ba5fe29e890f35230c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:08:98:4a:f0:96:8d:74:d5:ba:dc:af:ff:
f3:a7:94:f2:93:16:a4:66:9b:c0:61:47:ff:02:29:
94:e6:a6:f6:a3:4a:18:1f:be:ec:ad:e8:5b:4e:d4:
da:35:dd:81:ca:1b:56:4a:7c:d7:24:42:d3:c4:30:
56:f4:c0:a8:cf:c3:31:ee:4b:be:96:fc:81:0d:d6:
ab:d8:bf:78:ce:72:22:a2:4e:bf:8e:0f:d6:15:71:
3d:78:5b:37:f3:65:e0:ec:35:48:e0:15:e9:b8:3b:
aa:2e:56:17:27:bd:e3:41:39:48:d6:5b:d8:e3:35:
38:38:1a:09:fb:6f:ce:a5:b4:a2:25:4d:da:6a:f0:
58:5e:b2:90:f5:f5:dd:59:d9:5e:a7:dd:ae:21:ba:
66:7a:da:85:37:b8:4a:08:15:9e:99:92:44:ee:c6:
6f:54:53:27:cd:6f:f9:35:a0:0f:43:14:21:cb:80:
a1:02:ca:45:db:59:e3:f3:60:3b:87:da:4f:50:fa:
5d:cd:e9:2d:81:67:a0:1a:9b:94:33:0d:62:3a:ea:
f9:8f:f0:b8:ff:d9:cb:5b:14:03:a7:94:bb:ad:88:
ef:5b:f1:29:0c:d9:93:db:45:63:64:5e:b2:ad:b4:
c7:a0:53:74:04:64:52:0e:ed:cc:70:98:fa:74:8b:
7f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:04:04:8E:DF:4F:D0:D0:0A:86:BA:5F:E2:9E:89:0F:35:23:0C:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2gQEjt9P0NAKhrpf4p6JDzUjDCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:fc:b5:87:c2:14:e0:70:df:66:ee:17:4f:d3:4d:37:99:46:
93:b2:df:63:c0:0a:33:f0:89:40:2b:cb:d5:52:9d:ba:63:05:
1a:02:71:8b:8d:2e:bf:42:80:68:aa:2b:0d:6c:ba:a9:eb:9d:
8e:d0:ed:1e:d7:9a:8b:fe:8a:ae:38:c4:7a:62:6b:52:07:dd:
ff:2a:2c:c9:6f:c1:a4:c6:fe:c8:a5:82:9b:07:39:b8:ea:8c:
91:b4:f3:9f:e7:13:40:61:8b:a9:59:73:e2:f2:a7:bf:9d:eb:
05:e5:80:10:4b:71:6f:02:63:92:30:bc:c5:3d:13:d1:5f:13:
13:50:5a:ee:73:a1:7a:a0:4f:05:21:9e:c5:95:dd:c5:d9:73:
4b:2b:08:93:c1:62:7d:05:ad:3b:46:8f:2e:1b:b8:a2:a0:0f:
c0:34:a9:09:3f:c6:13:e2:ab:1e:02:47:65:97:cf:0c:1a:82:
cc:67:77:13:a4:83:87:1c:a0:ba:0f:f8:17:2b:c3:cf:4c:85:
77:9b:e3:c4:b1:71:2a:7e:fa:c3:68:73:52:9e:66:ad:55:76:
26:90:b5:60:9c:90:36:c5:ab:e9:54:2c:35:e2:92:26:73:8b:
3e:71:81:07:40:86:18:e3:fa:9a:b0:94:e1:6e:f0:13:08:a8:
ca:21:30:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTnxo9cvXYQdypkZtpOe2bwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA2MTQxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA0MDQ4ZWRmNGZkMGQwMGE4NmJhNWZlMjllODkwZjM1MjMwYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMUImErwlo101brcr//zp5Tykxak
ZpvAYUf/AimU5qb2o0oYH77srehbTtTaNd2ByhtWSnzXJELTxDBW9MCoz8Mx7ku+
lvyBDdar2L94znIiok6/jg/WFXE9eFs382Xg7DVI4BXpuDuqLlYXJ73jQTlI1lvY
4zU4OBoJ+2/OpbSiJU3aavBYXrKQ9fXdWdlep92uIbpmetqFN7hKCBWemZJE7sZv
VFMnzW/5NaAPQxQhy4ChAspF21nj82A7h9pPUPpdzektgWegGpuUMw1iOur5j/C4
/9nLWxQDp5S7rYjvW/EpDNmT20VjZF6yrbTHoFN0BGRSDu3McJj6dIt/iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNoEBI7fT9DQCoa6X+KeiQ81IwwnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmdRRWp0OVAwTkFLaHJwZjRwNkpEelVqRENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIb8tYfCFOBw32buF0/T
TTeZRpOy32PACjPwiUAry9VSnbpjBRoCcYuNLr9CgGiqKw1suqnrnY7Q7R7Xmov+
iq44xHpia1IH3f8qLMlvwaTG/silgpsHObjqjJG085/nE0Bhi6lZc+Lyp7+d6wXl
gBBLcW8CY5IwvMU9E9FfExNQWu5zoXqgTwUhnsWV3cXZc0srCJPBYn0FrTtGjy4b
uKKgD8A0qQk/xhPiqx4CR2WXzwwagsxndxOkg4ccoLoP+Bcrw89MhXeb48SxcSp+
+sNoc1KeZq1VdiaQtWCckDbFq+lULDXikiZziz5xgQdAhhjj+pqwlOFu8BMIqMoh
MDA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:59:51 2025 by rpki-client