Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qWfhuYYWcicpf6fX3qPOLhP9H4.roa
File: 2qWfhuYYWcicpf6fX3qPOLhP9H4.roa (raw, json)
Hash identifier: j36vWvcS2sah754ZRjd1nv0D2LGr01cxFAWIp38JXCI=
Subject key identifier: DA:A5:9F:86:E6:18:59:C8:9C:A5:FE:9F:5F:7A:8F:38:B8:4F:F4:7E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8EF91545
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qWfhuYYWcicpf6fX3qPOLhP9H4.roa
Signing time: Wed 22 Jun 2022 13:31:32 +0000
ROA not before: Wed 22 Jun 2022 13:31:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2398688581 (0x8ef91545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 22 13:31:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daa59f86e61859c89ca5fe9f5f7a8f38b84ff47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f7:c3:f5:d7:6d:cb:78:ef:dc:78:6d:fe:ca:
7e:fc:80:54:26:72:e1:c0:22:7a:ca:ce:59:a0:a8:
f0:17:81:b5:9a:f2:51:ab:34:34:e9:4d:ea:b1:51:
d6:2d:fa:52:62:3b:b8:01:f2:f5:69:b5:d8:d4:f6:
49:3e:09:b9:c5:94:46:9f:2b:32:c2:17:2d:dd:47:
b3:cf:51:cf:8b:77:47:28:31:1b:5e:23:2b:f8:61:
c0:83:0f:55:03:03:69:e0:9a:93:e4:95:09:0f:6b:
a6:1e:56:e7:25:0b:41:b4:95:62:45:f5:2d:94:b9:
ba:e3:7d:3b:e6:5f:ea:54:59:49:66:ae:f1:e6:fa:
e9:ff:1f:e9:a3:44:6d:4f:07:94:2e:0b:2c:d6:76:
da:a6:ec:ce:6c:e8:a6:24:79:97:3a:f9:aa:1a:2a:
5d:89:e7:7a:96:da:55:e5:a7:39:5f:63:ec:0a:3e:
1c:60:2f:33:c0:bf:2e:cd:06:c1:22:4b:76:38:48:
0d:98:81:41:2d:31:b7:b7:de:5d:40:91:4b:26:bc:
98:30:4e:37:80:ff:fe:17:1e:70:8d:2e:75:d7:f1:
cd:64:65:16:fc:f1:55:7f:1e:af:76:3a:6f:5c:50:
ab:5a:2f:c3:09:63:b9:4a:41:bc:9a:d3:4c:06:dd:
29:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A5:9F:86:E6:18:59:C8:9C:A5:FE:9F:5F:7A:8F:38:B8:4F:F4:7E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2qWfhuYYWcicpf6fX3qPOLhP9H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:82:9b:58:7b:09:04:b0:01:95:92:67:80:bb:11:3e:02:9d:
6f:19:98:ec:70:7f:bd:b8:de:ae:04:3e:d3:1f:37:54:24:ac:
6f:d3:ee:19:32:15:ed:96:6e:5d:92:68:5b:64:e0:78:7a:3e:
fc:08:58:5f:11:08:9e:48:2f:4f:a5:d7:c3:c7:57:90:1a:8c:
f9:83:8e:3c:26:8b:62:d7:3d:a5:e0:b3:75:a8:56:d6:3e:a1:
0b:89:21:65:d7:02:ec:ce:f9:e4:a7:d0:f9:39:dc:a9:65:04:
82:a1:0f:d7:37:7d:f0:7e:b8:c0:3e:5e:35:64:1d:c5:4d:2f:
7a:dc:ad:53:af:22:2b:64:22:c3:4a:fb:e7:ef:83:c5:cf:d4:
e8:99:81:8c:19:e9:35:b2:91:b9:43:3d:ab:7b:cc:e7:b4:72:
fd:a7:fa:a8:e0:6e:c7:9e:87:ea:63:6d:90:26:ad:27:be:30:
50:7b:13:39:59:87:33:04:f1:0c:ae:96:5a:dd:59:2a:7f:7b:
bf:40:8a:ad:59:39:3a:60:df:92:79:4c:35:3f:6e:67:9b:e2:
9a:c3:b1:a6:31:11:6e:79:b0:5a:f2:a2:50:34:4d:72:16:a6:
1f:ad:be:f7:5b:58:13:12:56:f8:73:68:73:d2:74:ef:80:e6:
55:54:9c:45
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI75FUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjIxMzMxMzJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGRhYTU5Zjg2ZTYx
ODU5Yzg5Y2E1ZmU5ZjVmN2E4ZjM4Yjg0ZmY0N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDV98P1123LeO/ceG3+yn78gFQmcuHAInrKzlmgqPAXgbWa
8lGrNDTpTeqxUdYt+lJiO7gB8vVptdjU9kk+CbnFlEafKzLCFy3dR7PPUc+Ld0co
MRteIyv4YcCDD1UDA2ngmpPklQkPa6YeVuclC0G0lWJF9S2UubrjfTvmX+pUWUlm
rvHm+un/H+mjRG1PB5QuCyzWdtqm7M5s6KYkeZc6+aoaKl2J53qW2lXlpzlfY+wK
PhxgLzPAvy7NBsEiS3Y4SA2YgUEtMbe33l1AkUsmvJgwTjeA//4XHnCNLnXX8c1k
ZRb88VV/Hq92Om9cUKtaL8MJY7lKQbya00wG3Sk7AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU2qWfhuYYWcicpf6fX3qPOLhP9H4wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS8ycVdmaHVZWVdjaWNwZjZmWDNxUE9MaFA5SDQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEASoKbWHsJBLABlZJngLsRPgKdbxmY7HB/vbje
rgQ+0x83VCSsb9PuGTIV7ZZuXZJoW2TgeHo+/AhYXxEInkgvT6XXw8dXkBqM+YOO
PCaLYtc9peCzdahW1j6hC4khZdcC7M755KfQ+TncqWUEgqEP1zd98H64wD5eNWQd
xU0vetytU68iK2Qiw0r75++Dxc/U6JmBjBnpNbKRuUM9q3vM57Ry/af6qOBux56H
6mNtkCatJ74wUHsTOVmHMwTxDK6WWt1ZKn97v0CKrVk5OmDfknlMNT9uZ5vimsOx
pjERbnmwWvKiUDRNchamH62+91tYExJW+HNoc9J074DmVVScRQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:18:49 2025 by rpki-client