Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zCJXkIvStx3Wn_lxGmXSuojb1U.roa
File: 2zCJXkIvStx3Wn_lxGmXSuojb1U.roa (raw, json)
Hash identifier: ktwnHa2SJyzqz0oBuO+ABhCBPTo6mSlv5aXx14cCSW8=
Subject key identifier: DB:30:89:5E:42:2F:4A:DC:77:5A:7F:E5:C4:69:97:4A:EA:23:6F:55
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185C15B873363D545A49D46EDA04EDD0015
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zCJXkIvStx3Wn_lxGmXSuojb1U.roa
Signing time: Tue 17 Jan 2023 20:11:19 +0000
ROA not before: Tue 17 Jan 2023 20:11:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c1:5b:87:33:63:d5:45:a4:9d:46:ed:a0:4e:dd:00:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 17 20:11:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db30895e422f4adc775a7fe5c469974aea236f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:31:0b:c0:52:13:5e:65:19:9b:50:bb:7b:
e7:d8:14:7e:8c:0d:c9:e7:05:b2:cb:63:3f:f5:92:
1d:6b:3b:89:8d:b5:15:3b:01:51:d9:d8:86:a9:bf:
85:96:08:71:51:39:3b:e3:e9:67:19:27:97:f5:89:
2d:37:8a:24:18:4c:79:e1:80:e2:5b:a1:79:18:30:
a8:85:cf:2b:a7:cd:9f:90:bc:d2:c1:3b:2a:0f:a9:
0b:73:51:61:6e:cf:34:4f:83:0e:e4:f3:a7:a6:83:
a1:e6:fb:ae:3f:17:77:e7:06:d2:7c:fb:27:e7:82:
a3:c0:bc:f0:f2:dd:13:29:2f:a8:27:3c:cc:8e:e4:
3e:65:ad:04:8c:bc:30:41:29:fc:91:95:4d:56:18:
f2:d0:38:2f:32:bf:d4:05:4b:d8:a9:f5:4d:20:c7:
71:6d:b9:90:71:35:51:f3:ff:71:41:d8:f9:da:aa:
8e:36:99:75:ac:b0:4e:71:0f:d3:72:ec:8f:06:06:
e6:9f:fd:50:14:54:a2:45:26:fc:a6:54:4e:f7:f7:
1c:cf:25:95:4f:b2:1d:3d:e6:b2:70:07:a2:88:5c:
cb:72:87:8d:53:94:f5:9e:9d:c5:c6:98:d3:68:40:
41:23:90:10:40:bc:85:11:db:92:76:b2:f4:84:af:
b5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:30:89:5E:42:2F:4A:DC:77:5A:7F:E5:C4:69:97:4A:EA:23:6F:55
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2zCJXkIvStx3Wn_lxGmXSuojb1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:a8:20:8e:6b:17:37:44:3e:1b:db:39:65:32:88:c7:99:f1:
66:a7:40:9c:ae:6c:4e:71:61:ed:07:bd:e1:30:c9:b8:fb:47:
6c:54:21:54:5a:30:2b:f3:31:9f:8a:c0:56:9e:04:af:d1:51:
8a:87:04:76:ba:6e:ae:03:f1:15:75:39:c6:9e:6c:99:de:51:
e4:9a:b3:3e:58:1c:17:c3:db:0a:9e:cd:65:e5:dc:fe:8e:e9:
b5:f1:2b:19:fb:04:fc:4b:f4:fb:1b:44:80:d4:a2:6a:e9:c6:
f8:21:e2:1c:24:83:b6:34:88:33:ca:ca:20:59:88:b2:ce:a1:
48:4c:90:82:b9:7a:1a:4e:ae:f2:01:f7:c0:47:8f:e8:e6:33:
d7:e5:49:1a:74:40:76:fc:9b:9a:44:60:69:49:89:2b:41:b6:
59:fe:54:2a:be:16:e2:98:82:bf:db:a8:3d:4e:40:5c:f6:52:
3f:59:fd:fe:bf:72:83:3d:34:3f:19:3b:7f:8b:e9:dc:84:55:
58:b6:2f:57:a3:e0:38:d4:de:93:93:46:db:ba:49:59:0a:da:
81:8b:f0:cf:61:f3:61:e1:9a:65:72:25:4e:d5:2b:33:0a:8d:
c4:af:24:c4:13:ae:f0:84:3a:a7:8d:9f:93:f9:18:af:9f:00:
60:30:f2:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXBW4czY9VFpJ1G7aBO3QAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE3MjAxMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMwODk1ZTQyMmY0YWRjNzc1YTdmZTVjNDY5OTc0YWVhMjM2ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtsxC8BSE15lGZtQu3vn2BR+jA3J
5wWyy2M/9ZIdazuJjbUVOwFR2diGqb+FlghxUTk74+lnGSeX9YktN4okGEx54YDi
W6F5GDCohc8rp82fkLzSwTsqD6kLc1Fhbs80T4MO5POnpoOh5vuuPxd35wbSfPsn
54KjwLzw8t0TKS+oJzzMjuQ+Za0EjLwwQSn8kZVNVhjy0DgvMr/UBUvYqfVNIMdx
bbmQcTVR8/9xQdj52qqONpl1rLBOcQ/TcuyPBgbmn/1QFFSiRSb8plRO9/cczyWV
T7IdPeaycAeiiFzLcoeNU5T1np3FxpjTaEBBI5AQQLyFEduSdrL0hK+1ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNswiV5CL0rcd1p/5cRpl0rqI29VMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMnpDSlhrSXZTdHgzV25fbHhHbVhTdW9qYjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKWoII5rFzdEPhvbOWUy
iMeZ8WanQJyubE5xYe0HveEwybj7R2xUIVRaMCvzMZ+KwFaeBK/RUYqHBHa6bq4D
8RV1OcaebJneUeSasz5YHBfD2wqezWXl3P6O6bXxKxn7BPxL9PsbRIDUomrpxvgh
4hwkg7Y0iDPKyiBZiLLOoUhMkIK5ehpOrvIB98BHj+jmM9flSRp0QHb8m5pEYGlJ
iStBtln+VCq+FuKYgr/bqD1OQFz2Uj9Z/f6/coM9ND8ZO3+L6dyEVVi2L1ej4DjU
3pOTRtu6SVkK2oGL8M9h82HhmmVyJU7VKzMKjcSvJMQTrvCEOqeNn5P5GK+fAGAw
8s4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:36:28 2025 by rpki-client