Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4046AaRHjgvadCZeQ22lYYJeGEs.roa
File: 4046AaRHjgvadCZeQ22lYYJeGEs.roa (raw, json)
Hash identifier: keJLb6My2Njtq+8h39MlTTkcnCJT7CQXb7hdK7LYK7I=
Subject key identifier: E3:4E:3A:01:A4:47:8E:0B:DA:74:26:5E:43:6D:A5:61:82:5E:18:4B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01853195E735E085608F4E734388067A25BE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4046AaRHjgvadCZeQ22lYYJeGEs.roa
Signing time: Tue 20 Dec 2022 22:09:45 +0000
ROA not before: Tue 20 Dec 2022 22:09:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:31:95:e7:35:e0:85:60:8f:4e:73:43:88:06:7a:25:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 20 22:09:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e34e3a01a4478e0bda74265e436da561825e184b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f5:b8:c1:09:03:08:6b:0f:c2:34:e9:45:05:
5b:ff:02:15:1f:3a:c5:a3:40:14:ef:15:49:40:64:
49:f8:a0:e6:fd:0a:c9:d8:6a:a7:c0:23:19:a4:85:
dd:5c:b3:74:6e:13:44:f7:d7:32:d4:4f:a1:c5:be:
57:c4:47:b3:de:42:b6:04:bf:37:80:09:58:2d:a2:
28:8d:08:32:6c:bb:48:48:5a:57:6e:75:cd:c9:19:
7d:d6:7b:c3:8e:3b:6c:fe:14:16:4d:d6:07:76:4f:
8a:e8:83:21:6e:2a:fa:90:89:96:8a:6b:8f:34:81:
b7:77:3d:5a:6d:93:df:b6:7c:88:7e:5f:90:a2:6a:
87:e9:98:46:6c:41:7b:57:a1:a8:e9:05:cc:ec:74:
2f:9b:92:31:39:a0:2d:4e:a6:04:11:fd:5a:9b:cd:
c7:b9:69:90:6a:b5:b8:8b:86:ea:28:51:9c:bd:97:
4e:4d:f4:90:ff:60:1d:90:c2:d8:40:af:8c:ba:6e:
91:a4:49:3e:67:01:c0:1a:32:d9:b7:1d:38:61:32:
d1:98:63:57:5f:bc:a9:49:44:dd:e0:61:9c:27:4c:
32:de:c9:a8:1c:7b:56:39:8a:f6:87:e0:dd:61:e1:
f4:7c:1a:da:65:89:b4:e4:64:2f:df:b8:69:4c:4f:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4E:3A:01:A4:47:8E:0B:DA:74:26:5E:43:6D:A5:61:82:5E:18:4B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4046AaRHjgvadCZeQ22lYYJeGEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:1a:24:a1:b9:7d:2c:1a:14:a8:cd:35:b6:e7:49:e5:10:91:
dd:c5:49:e1:78:12:40:e9:f8:96:5c:94:14:50:b9:ca:54:27:
16:b3:76:d9:f6:dd:ec:31:aa:c3:0f:7d:4c:ae:06:fa:0b:0c:
5b:87:1b:64:6b:a1:92:98:63:6f:24:13:ff:54:1c:44:19:4f:
79:23:75:14:b8:2b:e3:28:b7:59:4c:3b:d2:c7:78:52:d8:3e:
91:3e:67:07:c3:0f:1b:3a:58:31:da:df:16:70:37:88:3b:6b:
07:35:6b:94:2c:b4:8e:85:c5:8d:98:f6:fd:90:f4:d5:47:8d:
04:ed:51:d0:31:2e:8b:f9:29:52:ab:6a:3d:bf:d1:21:eb:a7:
74:92:c8:f1:a2:58:c3:25:b8:45:17:40:a3:79:09:b2:a9:43:
a2:eb:f5:e4:db:45:fd:02:1d:b8:ee:f1:12:5d:e9:fe:c6:fd:
ba:7e:a9:05:f0:c4:70:59:e4:f7:d3:67:06:f3:68:d4:db:4c:
0c:e3:aa:47:dd:a1:e3:97:36:c1:0b:1c:22:79:81:71:e8:28:
5b:b0:e5:d9:a2:75:c8:51:f3:9a:bd:38:42:ed:b1:84:b2:fb:
80:b6:d4:43:b1:d3:24:4a:c3:4f:9c:a6:f1:cb:16:27:ba:80:
bc:f6:2a:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUxlec14IVgj05zQ4gGeiW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIwMjIwOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRlM2EwMWE0NDc4ZTBiZGE3NDI2NWU0MzZkYTU2MTgyNWUxODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/W4wQkDCGsPwjTpRQVb/wIVHzrF
o0AU7xVJQGRJ+KDm/QrJ2GqnwCMZpIXdXLN0bhNE99cy1E+hxb5XxEez3kK2BL83
gAlYLaIojQgybLtISFpXbnXNyRl91nvDjjts/hQWTdYHdk+K6IMhbir6kImWimuP
NIG3dz1abZPftnyIfl+QomqH6ZhGbEF7V6Go6QXM7HQvm5IxOaAtTqYEEf1am83H
uWmQarW4i4bqKFGcvZdOTfSQ/2AdkMLYQK+Mum6RpEk+ZwHAGjLZtx04YTLRmGNX
X7ypSUTd4GGcJ0wy3smoHHtWOYr2h+DdYeH0fBraZYm05GQv37hpTE/KiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONOOgGkR44L2nQmXkNtpWGCXhhLMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNDA0NkFhUkhqZ3ZhZENaZVEyMmxZWUplR0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAsaJKG5fSwaFKjNNbbn
SeUQkd3FSeF4EkDp+JZclBRQucpUJxazdtn23ewxqsMPfUyuBvoLDFuHG2RroZKY
Y28kE/9UHEQZT3kjdRS4K+Mot1lMO9LHeFLYPpE+ZwfDDxs6WDHa3xZwN4g7awc1
a5QstI6FxY2Y9v2Q9NVHjQTtUdAxLov5KVKraj2/0SHrp3SSyPGiWMMluEUXQKN5
CbKpQ6Lr9eTbRf0CHbju8RJd6f7G/bp+qQXwxHBZ5PfTZwbzaNTbTAzjqkfdoeOX
NsELHCJ5gXHoKFuw5dmidchR85q9OELtsYSy+4C21EOx0yRKw0+cpvHLFie6gLz2
KlU=
-----END CERTIFICATE-----
Generated at Thu May 1 22:20:46 2025 by rpki-client