Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3x3kBUmg3uuU2HovJ-E7pFHqHn0.roa
File: 3x3kBUmg3uuU2HovJ-E7pFHqHn0.roa (raw, json)
Hash identifier: oTUCZaQbXhxzgJcnHBFZddfkV7BOId7NCnTSfQkUBmM=
Subject key identifier: DF:1D:E4:05:49:A0:DE:EB:94:D8:7A:2F:27:E1:3B:A4:51:EA:1E:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7D8868B3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3x3kBUmg3uuU2HovJ-E7pFHqHn0.roa
Signing time: Fri 22 Apr 2022 12:09:34 +0000
ROA not before: Fri 22 Apr 2022 12:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2106091699 (0x7d8868b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 22 12:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df1de40549a0deeb94d87a2f27e13ba451ea1e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ea:3e:be:e7:03:b7:c6:8f:1e:7d:8c:6e:8c:
89:82:af:49:7e:ec:84:d9:30:c4:c8:18:a0:d4:fc:
48:b4:b9:2f:ed:74:a3:0a:47:20:b9:96:10:f1:85:
49:a0:58:51:14:65:37:60:66:35:28:11:f8:b1:6e:
f0:cb:f5:23:44:37:10:3c:55:01:27:0d:1b:55:cd:
c2:65:1d:61:d2:24:19:34:d4:73:d8:1c:e6:3c:01:
02:65:86:1e:90:76:31:f5:ec:91:56:37:72:dd:67:
3b:94:3c:f8:3a:7b:d7:5f:23:e8:c8:fd:45:75:b2:
81:2c:3f:25:74:2f:ba:b4:0a:7e:17:92:e0:8a:e5:
23:16:56:a9:08:de:63:4c:dc:90:02:ce:26:de:08:
ce:67:50:a6:06:ce:b9:6c:bf:03:d8:d6:5a:56:0f:
14:39:40:7d:54:a8:a0:32:aa:e2:32:6a:0c:9c:03:
46:a0:55:69:ab:4d:8d:21:50:de:32:d7:f0:5c:b6:
c4:ee:7b:76:05:b0:e0:88:15:af:17:ef:ca:9f:30:
b0:ed:a0:1a:ed:06:9e:84:cd:e5:ad:14:7e:82:3b:
69:fd:11:e1:21:d6:46:62:3e:e7:a6:96:bb:93:78:
83:cf:3f:52:9d:f6:45:8e:7b:41:d5:20:41:01:28:
2b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:1D:E4:05:49:A0:DE:EB:94:D8:7A:2F:27:E1:3B:A4:51:EA:1E:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3x3kBUmg3uuU2HovJ-E7pFHqHn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:f5:8d:91:db:cf:1d:0d:55:a4:5a:4f:fb:f1:ef:d8:ec:26:
a4:41:c6:7a:99:39:3d:f9:80:93:8f:d5:29:b1:6d:92:a0:b4:
6e:63:6b:dd:ba:da:57:d0:57:f1:35:e6:6d:9e:9d:f6:b5:40:
e5:4b:50:11:9d:69:9e:df:73:7e:f3:7b:fa:e3:7d:d0:c6:70:
88:02:53:32:a7:64:ba:60:d2:28:51:2e:3d:46:a6:dd:f1:8e:
36:b6:f9:2a:21:80:6c:e4:b1:c7:81:50:23:8c:3d:87:0f:e3:
2c:a6:c6:48:37:0d:a0:03:d6:1d:67:71:9e:7b:1d:dd:c5:ea:
04:c2:84:91:dd:cf:01:b6:d2:0c:fa:b9:d3:69:e3:2f:91:c3:
a1:7a:b8:7a:93:5f:13:be:75:8f:18:1c:58:8f:91:f6:30:00:
85:5c:23:a0:f6:66:2d:62:c2:6f:a3:ab:7b:1d:da:97:c6:c7:
1f:4a:82:e6:3f:38:5e:e2:6e:d6:3b:21:d3:e7:33:57:85:17:
0e:85:6b:d1:af:18:4f:da:32:27:13:58:0b:44:6b:63:95:31:
96:7c:1b:97:d8:0a:ef:9c:51:98:3a:36:44:ed:96:ef:50:ee:
c4:9f:a6:11:5b:19:a6:12:1f:b3:bc:a9:39:7f:97:ce:7c:2a:
7d:cb:55:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfYhoszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
MjEyMDkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGYxZGU0MDU0OWEw
ZGVlYjk0ZDg3YTJmMjdlMTNiYTQ1MWVhMWU3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbqPr7nA7fGjx59jG6MiYKvSX7shNkwxMgYoNT8SLS5L+10
owpHILmWEPGFSaBYURRlN2BmNSgR+LFu8Mv1I0Q3EDxVAScNG1XNwmUdYdIkGTTU
c9gc5jwBAmWGHpB2MfXskVY3ct1nO5Q8+Dp7118j6Mj9RXWygSw/JXQvurQKfheS
4IrlIxZWqQjeY0zckALOJt4IzmdQpgbOuWy/A9jWWlYPFDlAfVSooDKq4jJqDJwD
RqBVaatNjSFQ3jLX8Fy2xO57dgWw4IgVrxfvyp8wsO2gGu0GnoTN5a0UfoI7af0R
4SHWRmI+56aWu5N4g88/Up32RY57QdUgQQEoK0ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTfHeQFSaDe65TYei8n4TukUeoefTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzN4M2tCVW1nM3V1VTJIb3ZKLUU3cEZIcUhuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAK9Y2R288dDVWkWk/78e/Y7CakQcZ6mTk9+YCT
j9UpsW2SoLRuY2vdutpX0FfxNeZtnp32tUDlS1ARnWme33N+83v6433QxnCIAlMy
p2S6YNIoUS49Rqbd8Y42tvkqIYBs5LHHgVAjjD2HD+MspsZINw2gA9YdZ3Geex3d
xeoEwoSR3c8BttIM+rnTaeMvkcOherh6k18TvnWPGBxYj5H2MACFXCOg9mYtYsJv
o6t7HdqXxscfSoLmPzhe4m7WOyHT5zNXhRcOhWvRrxhP2jInE1gLRGtjlTGWfBuX
2ArvnFGYOjZE7ZbvUO7En6YRWxmmEh+zvKk5f5fOfCp9y1WD
-----END CERTIFICATE-----
Generated at Fri May 2 16:10:05 2025 by rpki-client