Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2kyVzfYRaQTcXfC2Ad6w-_YQezE.roa
File: 2kyVzfYRaQTcXfC2Ad6w-_YQezE.roa (raw, json)
Hash identifier: lBcKpwHRa4s/DriITW452zC6SqSX7HzSNTo+3nYs0MQ=
Subject key identifier: DA:4C:95:CD:F6:11:69:04:DC:5D:F0:B6:01:DE:B0:FB:F6:10:7B:31
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DA3E0AC9CB7A0A8FE38F18F592D82342
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2kyVzfYRaQTcXfC2Ad6w-_YQezE.roa
Signing time: Sun 22 Jan 2023 16:09:37 +0000
ROA not before: Sun 22 Jan 2023 16:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:da:3e:0a:c9:cb:7a:0a:8f:e3:8f:18:f5:92:d8:23:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 22 16:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da4c95cdf6116904dc5df0b601deb0fbf6107b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c5:2b:cf:ac:f7:9c:60:39:58:23:1a:9c:2f:
b0:8d:6b:f6:d0:5d:0d:dd:9c:ed:aa:f9:67:7f:87:
a9:66:51:c1:1a:3a:51:9a:f5:2b:d6:e8:ef:c6:e6:
af:2a:9c:9a:60:e9:66:d2:6a:b0:a9:29:57:b2:1f:
97:de:ff:e5:9d:7f:f5:bb:1e:3a:1c:b1:6f:58:ab:
28:cd:d6:6f:de:de:ac:15:71:f6:6b:ac:72:b8:79:
96:75:8c:e3:a2:ce:db:39:d8:30:f5:b2:eb:20:19:
56:64:a4:de:36:7d:45:96:81:e1:de:95:e1:5e:2c:
79:74:1c:54:c7:31:5e:c8:a6:2a:96:41:69:b8:01:
58:9d:9f:b6:72:aa:57:cb:7a:34:58:f5:f8:c7:27:
c4:b3:88:51:52:37:c2:80:4f:df:87:b5:3c:52:a6:
3c:bc:fa:bc:f2:73:3e:b0:39:c9:b6:97:95:f7:7c:
20:72:9d:58:bb:0a:c2:69:b0:74:a2:36:08:02:ba:
76:fa:6e:49:90:0e:d4:c6:2f:a7:0c:58:4f:85:db:
3c:18:aa:04:6d:99:05:83:eb:fa:0d:a9:b5:21:e6:
51:a6:61:2b:4c:3c:7f:9f:73:0c:20:15:41:70:a0:
12:91:b4:af:d6:28:cb:41:e0:1b:ff:d5:6f:57:82:
2d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4C:95:CD:F6:11:69:04:DC:5D:F0:B6:01:DE:B0:FB:F6:10:7B:31
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2kyVzfYRaQTcXfC2Ad6w-_YQezE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:ef:c9:78:6a:7d:06:b8:0e:6b:eb:0f:7d:a9:b7:e4:48:80:
f8:a6:ea:93:d1:46:63:10:d4:8e:b6:c9:53:c1:2b:d7:1e:92:
a8:10:f3:dd:db:99:a4:a4:09:86:5a:45:a7:24:d1:81:4d:93:
2e:22:48:99:3f:08:da:16:ef:9d:45:2b:aa:0b:54:03:1e:93:
13:46:7f:0b:05:01:eb:43:cc:51:80:0f:62:76:03:39:70:c1:
5b:0a:90:10:ca:a6:67:d0:4a:ff:89:95:f0:56:f9:63:09:88:
a0:f3:b0:e5:6b:be:5d:2d:19:7a:f2:a5:46:05:95:ad:36:d6:
21:f2:6b:18:c5:21:c5:18:21:70:16:7a:fd:5f:36:fe:55:2c:
af:6f:ee:56:ac:00:76:1a:66:5b:75:c4:83:f3:e0:5f:e0:31:
36:66:83:65:64:87:f6:c1:65:0a:fc:4f:5c:50:6f:b1:9c:1a:
51:ec:1f:98:42:bb:db:bd:8f:44:3a:71:72:f6:bd:22:b3:a2:
89:b4:d3:fb:64:ce:bf:04:b7:20:0f:50:a3:97:35:4c:a7:c2:
32:63:14:59:6e:87:71:f7:45:2e:99:73:68:58:64:46:08:e6:
5a:d1:81:ae:4f:e8:7f:14:96:0b:6e:f4:6f:c1:5e:09:e9:ae:
5b:19:50:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXaPgrJy3oKj+OPGPWS2CNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIyMTYwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRjOTVjZGY2MTE2OTA0ZGM1ZGYwYjYwMWRlYjBmYmY2MTA3YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Urz6z3nGA5WCManC+wjWv20F0N
3Zztqvlnf4epZlHBGjpRmvUr1ujvxuavKpyaYOlm0mqwqSlXsh+X3v/lnX/1ux46
HLFvWKsozdZv3t6sFXH2a6xyuHmWdYzjos7bOdgw9bLrIBlWZKTeNn1FloHh3pXh
Xix5dBxUxzFeyKYqlkFpuAFYnZ+2cqpXy3o0WPX4xyfEs4hRUjfCgE/fh7U8UqY8
vPq88nM+sDnJtpeV93wgcp1YuwrCabB0ojYIArp2+m5JkA7Uxi+nDFhPhds8GKoE
bZkFg+v6Dam1IeZRpmErTDx/n3MMIBVBcKASkbSv1ijLQeAb/9VvV4IthwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNpMlc32EWkE3F3wtgHesPv2EHsxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMmt5VnpmWVJhUVRjWGZDMkFkNnctX1lRZXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAfvyXhqfQa4DmvrD32p
t+RIgPim6pPRRmMQ1I62yVPBK9cekqgQ893bmaSkCYZaRack0YFNky4iSJk/CNoW
751FK6oLVAMekxNGfwsFAetDzFGAD2J2AzlwwVsKkBDKpmfQSv+JlfBW+WMJiKDz
sOVrvl0tGXrypUYFla021iHyaxjFIcUYIXAWev1fNv5VLK9v7lasAHYaZlt1xIPz
4F/gMTZmg2Vkh/bBZQr8T1xQb7GcGlHsH5hCu9u9j0Q6cXL2vSKzoom00/tkzr8E
tyAPUKOXNUynwjJjFFluh3H3RS6Zc2hYZEYI5lrRga5P6H8Ulgtu9G/BXgnprlsZ
UAw=
-----END CERTIFICATE-----
Generated at Thu May 1 03:57:05 2025 by rpki-client