Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3Gmhtn3k0MK4V2IybmfXzBQdEYQ.roa
File: 3Gmhtn3k0MK4V2IybmfXzBQdEYQ.roa (raw, json)
Hash identifier: ZeqVBdZXC6ihrPiU8X3Uc04FJAFU5P8MGFv/BO3R2II=
Subject key identifier: DC:69:A1:B6:7D:E4:D0:C2:B8:57:62:32:6E:67:D7:CC:14:1D:11:84
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01828059C04AB410C6CBACFAEE598E9738CD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3Gmhtn3k0MK4V2IybmfXzBQdEYQ.roa
Signing time: Tue 09 Aug 2022 02:05:41 +0000
ROA not before: Tue 09 Aug 2022 02:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64:ffff:0:182:8058:e32b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:80:59:c0:4a:b4:10:c6:cb:ac:fa:ee:59:8e:97:38:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 9 02:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc69a1b67de4d0c2b85762326e67d7cc141d1184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:97:9d:1a:ac:98:cf:7d:a2:f3:89:d6:44:
be:a5:3d:00:8a:2d:bf:75:08:de:0d:56:20:3f:43:
a8:8e:6a:95:c7:b1:5f:09:6b:a1:93:c5:f9:62:b8:
2a:69:aa:0d:be:d8:0a:43:1a:b5:63:68:5f:94:26:
63:54:49:fc:41:58:df:e0:58:8f:59:60:6c:48:7e:
6a:da:e7:ba:6c:e2:27:58:ba:df:6e:e1:83:0c:fe:
dc:7f:e5:00:02:94:17:b8:80:24:dd:d1:61:b7:67:
86:6a:d9:28:ef:e2:fa:0d:f2:99:f8:6d:58:0f:7c:
97:e3:f6:9b:13:55:f8:eb:d7:b6:f4:5b:26:ba:a8:
46:74:b6:20:e3:49:ef:88:08:2b:55:f4:df:ff:2a:
b5:9e:ea:c0:a7:70:75:30:d0:24:21:7d:6d:60:be:
69:b6:e8:c0:bd:86:e4:7c:68:83:d9:2d:1f:11:82:
36:0d:d1:1d:ba:4b:b1:f8:6a:02:7d:33:3b:dc:be:
7d:5d:84:e8:ea:52:ef:44:d3:a9:3e:f8:d2:9f:7a:
0f:c7:4e:bf:47:5c:a5:ce:fb:75:cb:c9:3b:ba:06:
ad:e6:67:c8:fb:9d:28:03:e5:a2:3e:5f:ed:9f:53:
cf:3a:cd:0b:c6:e5:84:18:e2:f7:62:d2:3c:c2:54:
d8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:69:A1:B6:7D:E4:D0:C2:B8:57:62:32:6E:67:D7:CC:14:1D:11:84
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3Gmhtn3k0MK4V2IybmfXzBQdEYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:d6:61:b7:74:46:70:86:6d:b2:3a:03:88:4b:b3:0c:bf:85:
39:8b:01:71:23:17:e3:8b:15:f1:a6:1b:3d:32:5f:8d:c1:47:
03:83:3f:0e:0f:13:64:b4:f6:d6:08:7a:43:f8:b7:7d:53:64:
18:f3:16:75:23:f4:ac:99:c3:13:1e:6b:cc:40:db:12:24:c8:
a7:52:e8:fb:83:b8:80:61:2a:dc:ed:80:e4:ef:5e:25:8e:53:
ad:12:2a:0a:f1:87:5a:9d:bd:1c:dd:b4:f1:74:be:17:3f:3a:
ff:a8:40:bb:2a:0b:e0:a6:47:b5:42:e0:c5:6f:e5:29:c4:d9:
eb:31:95:ab:c9:02:a1:ed:40:61:17:6a:e8:63:06:86:e4:13:
ca:43:3b:a7:9e:e7:b2:11:b7:ee:81:fc:fc:52:d9:e1:49:f5:
88:53:ea:83:aa:e1:1e:9d:36:49:22:84:b7:d7:83:2d:9b:ed:
49:41:82:2c:0c:b0:6e:b2:fb:c9:c1:84:63:51:96:35:25:69:
c7:4e:ee:b3:83:71:14:3f:4e:fa:83:4f:f5:8a:e2:a0:c5:c3:
81:10:f3:49:bd:c8:20:14:38:39:e3:b0:d2:00:6f:1a:ba:55:
0f:b6:6a:ce:d3:59:e4:47:03:e0:0c:a8:bb:cc:e5:34:39:f5:
1c:38:63:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKAWcBKtBDGy6z67lmOlzjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODA5MDIwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY5YTFiNjdkZTRkMGMyYjg1NzYyMzI2ZTY3ZDdjYzE0MWQxMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI6XnRqsmM99ovOJ1kS+pT0Aii2/
dQjeDVYgP0OojmqVx7FfCWuhk8X5YrgqaaoNvtgKQxq1Y2hflCZjVEn8QVjf4FiP
WWBsSH5q2ue6bOInWLrfbuGDDP7cf+UAApQXuIAk3dFht2eGatko7+L6DfKZ+G1Y
D3yX4/abE1X469e29FsmuqhGdLYg40nviAgrVfTf/yq1nurAp3B1MNAkIX1tYL5p
tujAvYbkfGiD2S0fEYI2DdEdukux+GoCfTM73L59XYTo6lLvRNOpPvjSn3oPx06/
R1ylzvt1y8k7ugat5mfI+50oA+WiPl/tn1PPOs0LxuWEGOL3YtI8wlTYfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNxpobZ95NDCuFdiMm5n18wUHRGEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM0dtaHRuM2swTUs0VjJJeWJtZlh6QlFkRVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGHWYbd0RnCGbbI6A4hL
swy/hTmLAXEjF+OLFfGmGz0yX43BRwODPw4PE2S09tYIekP4t31TZBjzFnUj9KyZ
wxMea8xA2xIkyKdS6PuDuIBhKtztgOTvXiWOU60SKgrxh1qdvRzdtPF0vhc/Ov+o
QLsqC+CmR7VC4MVv5SnE2esxlavJAqHtQGEXauhjBobkE8pDO6ee57IRt+6B/PxS
2eFJ9YhT6oOq4R6dNkkihLfXgy2b7UlBgiwMsG6y+8nBhGNRljUlacdO7rODcRQ/
TvqDT/WK4qDFw4EQ80m9yCAUODnjsNIAbxq6VQ+2as7TWeRHA+AMqLvM5TQ59Rw4
Yzs=
-----END CERTIFICATE-----
Generated at Fri May 2 14:24:46 2025 by rpki-client