Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qGgkoF-rI3zyuMaFBfJblQXW24.roa
File: 2qGgkoF-rI3zyuMaFBfJblQXW24.roa (raw, json)
Hash identifier: Pp5YCTrorl8MKcA6YqsF/hXco2vSroh1BdLLWFSJm90=
Subject key identifier: DA:A1:A0:92:81:7E:AC:8D:F3:CA:E3:1A:14:17:C9:6E:54:17:5B:6E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018436C6686E40A3AC002DE67CDFAFB347DE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qGgkoF-rI3zyuMaFBfJblQXW24.roa
Signing time: Wed 02 Nov 2022 05:18:03 +0000
ROA not before: Wed 02 Nov 2022 05:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:36:c6:68:6e:40:a3:ac:00:2d:e6:7c:df:af:b3:47:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 2 05:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daa1a092817eac8df3cae31a1417c96e54175b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:14:22:12:f8:49:6d:0e:3b:04:e1:42:ce:48:
35:e6:fb:a0:f9:46:9d:03:5d:8f:e6:3c:d6:c6:9b:
6b:e7:ca:64:8a:00:de:41:89:7c:5e:ac:90:57:d6:
13:a3:52:1b:aa:f3:76:e1:cf:0d:5f:a4:d1:1e:32:
b7:c6:7e:4a:e4:91:58:61:26:ee:ef:65:1a:4c:4a:
0c:5d:fe:66:07:07:72:6a:20:8c:cc:08:7f:e2:7d:
ee:ed:89:13:cb:99:d9:7d:45:3c:2e:55:ee:9d:b4:
9d:43:63:03:d2:66:41:6f:e8:1d:bc:3b:a1:4e:e0:
6a:65:ca:48:c2:4d:86:41:e7:eb:b9:33:d8:9f:90:
e9:8b:b8:23:83:4c:56:15:f1:4d:70:ae:dd:cf:50:
75:0b:5f:a0:9a:6e:27:09:86:d6:5c:48:24:d6:02:
6a:36:f4:45:46:9b:e2:77:fa:07:a1:98:12:f9:d6:
8b:42:65:85:30:01:2c:4d:0b:be:fb:0f:a8:3e:99:
c6:4a:41:d7:7a:42:22:8c:7d:b8:f4:8c:8b:51:d1:
bc:31:7f:39:ce:e4:59:1f:d2:dc:81:8b:9d:14:2a:
76:67:34:e3:32:29:f5:4a:09:90:30:6d:40:8d:5a:
34:55:e7:16:16:84:69:eb:43:e8:eb:f5:a3:61:eb:
31:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A1:A0:92:81:7E:AC:8D:F3:CA:E3:1A:14:17:C9:6E:54:17:5B:6E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qGgkoF-rI3zyuMaFBfJblQXW24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:c6:6f:ba:c8:60:f1:16:7d:9e:78:af:7a:1e:d6:ba:e5:50:
01:dc:08:81:c0:6c:df:96:05:11:be:1f:8a:3c:7e:ed:ac:50:
c7:fd:b1:58:da:ff:75:58:37:1d:b1:f9:7d:05:7f:8a:d2:00:
dc:ea:6c:85:57:c8:8f:3b:8d:a8:74:48:91:82:8e:0b:63:0a:
b9:ff:9b:43:76:4a:17:e9:1a:b9:8c:08:14:52:83:d9:85:d7:
99:f7:a7:04:bd:67:7b:4a:e0:f3:c2:dd:c8:4d:b9:32:29:9c:
3b:6b:fa:e7:e2:c1:b0:ac:84:8f:2f:e3:b8:71:ea:35:e7:eb:
e5:2e:a5:44:7b:26:bc:57:12:fd:89:fc:5d:d5:c3:76:a8:f1:
90:69:c3:8d:64:72:f7:dd:ee:24:9b:ef:2e:05:eb:89:43:21:
39:52:5b:5a:5e:da:50:86:60:e0:8b:d3:94:1b:b6:5e:d3:2f:
3b:ae:32:1d:db:f7:2c:01:cc:dd:7f:12:47:48:61:df:d9:d1:
be:a4:1f:58:0f:13:14:5d:b7:c9:3d:73:c6:2b:6c:2f:39:67:
86:dc:8e:eb:4c:0a:a4:9d:bd:a1:60:7c:ea:e3:56:f2:a9:15:
58:e3:2e:fb:43:11:aa:6b:9f:da:21:5b:49:29:5d:7b:d3:87:
7b:09:74:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQ2xmhuQKOsAC3mfN+vs0feMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTAyMDUxODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWExYTA5MjgxN2VhYzhkZjNjYWUzMWExNDE3Yzk2ZTU0MTc1YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihQiEvhJbQ47BOFCzkg15vug+Uad
A12P5jzWxptr58pkigDeQYl8XqyQV9YTo1IbqvN24c8NX6TRHjK3xn5K5JFYYSbu
72UaTEoMXf5mBwdyaiCMzAh/4n3u7YkTy5nZfUU8LlXunbSdQ2MD0mZBb+gdvDuh
TuBqZcpIwk2GQefruTPYn5Dpi7gjg0xWFfFNcK7dz1B1C1+gmm4nCYbWXEgk1gJq
NvRFRpvid/oHoZgS+daLQmWFMAEsTQu++w+oPpnGSkHXekIijH249IyLUdG8MX85
zuRZH9LcgYudFCp2ZzTjMin1SgmQMG1AjVo0VecWFoRp60Po6/WjYesxEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqhoJKBfqyN88rjGhQXyW5UF1tuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMnFHZ2tvRi1ySTN6eXVNYUZCZkpibFFYVzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIvGb7rIYPEWfZ54r3oe
1rrlUAHcCIHAbN+WBRG+H4o8fu2sUMf9sVja/3VYNx2x+X0Ff4rSANzqbIVXyI87
jah0SJGCjgtjCrn/m0N2ShfpGrmMCBRSg9mF15n3pwS9Z3tK4PPC3chNuTIpnDtr
+ufiwbCshI8v47hx6jXn6+UupUR7JrxXEv2J/F3Vw3ao8ZBpw41kcvfd7iSb7y4F
64lDITlSW1pe2lCGYOCL05Qbtl7TLzuuMh3b9ywBzN1/EkdIYd/Z0b6kH1gPExRd
t8k9c8YrbC85Z4bcjutMCqSdvaFgfOrjVvKpFVjjLvtDEaprn9ohW0kpXXvTh3sJ
dKg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:40:16 2025 by rpki-client