Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4aZoSO6G751kCW9WZGZDptfp9js.roa
File: 4aZoSO6G751kCW9WZGZDptfp9js.roa (raw, json)
Hash identifier: mJ0k17Dkila4jtJGATw9Ap2uLk+Mzu7Pi8ZlDfD3QzU=
Subject key identifier: E1:A6:68:48:EE:86:EF:9D:64:09:6F:56:64:66:43:A6:D7:E9:F6:3B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8DB36499
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4aZoSO6G751kCW9WZGZDptfp9js.roa
Signing time: Sat 18 Jun 2022 04:09:44 +0000
ROA not before: Sat 18 Jun 2022 04:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:56ba:5b78/128 maxlen: 128
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2377344153 (0x8db36499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 18 04:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1a66848ee86ef9d64096f56646643a6d7e9f63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:18:0f:b4:5b:98:3d:13:5f:b4:33:61:bc:
9c:a1:15:f0:45:85:3e:58:ef:fa:68:32:8b:a3:1b:
82:55:25:dc:1f:ac:e6:1c:3f:99:22:8d:88:db:1c:
ec:b0:54:83:30:83:4d:55:fe:2b:a8:40:ca:51:26:
52:71:58:e3:4f:90:ab:ca:ad:f6:87:43:cb:40:0c:
bf:19:c0:31:c5:87:13:e7:3d:35:f5:22:b9:bb:51:
14:c8:87:c6:93:30:8b:01:79:e4:59:64:16:2e:8a:
6c:59:40:c6:b7:f5:93:04:e4:77:d9:e1:57:5e:df:
4c:bc:2b:d7:f0:4a:fc:ec:78:29:89:d9:34:0c:b7:
2f:42:1e:de:40:3a:a2:05:60:f5:c2:46:0a:81:9d:
5d:2c:98:13:10:6a:ed:11:97:d7:d0:73:c6:b5:57:
ca:ba:96:ff:8e:fd:ab:1a:b2:1c:06:82:71:ba:39:
4a:8e:69:08:57:62:e5:36:98:87:f4:cf:a4:39:4e:
4d:e7:bf:52:aa:02:31:71:f6:7a:99:33:13:65:c8:
6f:f5:ea:7c:00:93:64:b1:4a:76:11:7c:cf:ce:3b:
21:b7:52:c7:c6:ac:6e:e3:b7:b1:fa:48:89:9d:90:
fa:1f:23:b0:b7:e6:96:49:8a:fc:ad:5c:76:62:7b:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A6:68:48:EE:86:EF:9D:64:09:6F:56:64:66:43:A6:D7:E9:F6:3B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4aZoSO6G751kCW9WZGZDptfp9js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:f4:a8:c8:b4:99:82:9a:5c:b6:94:e4:93:f3:4f:97:3d:b9:
ee:11:4b:17:be:4d:86:3a:b0:88:7f:73:4c:73:48:95:b4:42:
9d:bb:09:a4:89:b3:bc:31:48:72:1c:0b:85:f3:6e:30:d2:57:
7f:95:6d:f8:95:05:17:53:84:67:7f:55:43:ee:33:57:b8:8d:
c8:6f:93:33:e4:c1:22:66:65:b0:46:c7:6a:89:20:aa:9e:32:
15:98:25:63:68:36:21:ac:d2:3e:18:ff:d9:f6:28:70:c6:a2:
90:47:d3:c3:23:c1:e4:cf:72:1e:5e:e7:36:c3:25:82:ab:52:
b7:c3:11:ba:11:83:9d:29:53:91:ea:de:fc:1e:02:0d:c8:b4:
9d:96:96:3a:0e:3d:37:33:77:ad:a6:14:3a:0c:73:79:b9:b6:
d9:8a:4b:94:b7:0f:4e:5e:a2:51:aa:51:e4:63:b6:35:9c:0a:
5c:9b:73:57:ac:69:65:ed:11:f1:1e:a8:ec:71:f2:71:e0:4f:
4c:38:b1:06:e2:4c:10:45:80:30:78:9c:0e:b6:0b:d8:6a:23:
cc:39:4f:8c:2d:a8:63:98:80:9a:14:df:65:42:80:c0:e9:b1:
be:6d:fa:6d:47:bc:dc:78:18:4d:77:1d:de:01:e4:46:07:79:
85:76:24:fb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI2zZJkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MTgwNDA5NDRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGUxYTY2ODQ4ZWU4
NmVmOWQ2NDA5NmY1NjY0NjY0M2E2ZDdlOWY2M2IwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7LhgPtFuYPRNftDNhvJyhFfBFhT5Y7/poMoujG4JVJdwf
rOYcP5kijYjbHOywVIMwg01V/iuoQMpRJlJxWONPkKvKrfaHQ8tADL8ZwDHFhxPn
PTX1Irm7URTIh8aTMIsBeeRZZBYuimxZQMa39ZME5HfZ4Vde30y8K9fwSvzseCmJ
2TQMty9CHt5AOqIFYPXCRgqBnV0smBMQau0Rl9fQc8a1V8q6lv+O/asashwGgnG6
OUqOaQhXYuU2mIf0z6Q5Tk3nv1KqAjFx9nqZMxNlyG/16nwAk2SxSnYRfM/OOyG3
UsfGrG7jt7H6SImdkPofI7C35pZJivytXHZie35/AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU4aZoSO6G751kCW9WZGZDptfp9jswHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS80YVpvU082Rzc1MWtDVzlXWkdaRHB0ZnA5anMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAhvSoyLSZgppctpTkk/NPlz257hFLF75Nhjqw
iH9zTHNIlbRCnbsJpImzvDFIchwLhfNuMNJXf5Vt+JUFF1OEZ39VQ+4zV7iNyG+T
M+TBImZlsEbHaokgqp4yFZglY2g2IazSPhj/2fYocMaikEfTwyPB5M9yHl7nNsMl
gqtSt8MRuhGDnSlTkere/B4CDci0nZaWOg49NzN3raYUOgxzebm22YpLlLcPTl6i
UapR5GO2NZwKXJtzV6xpZe0R8R6o7HHyceBPTDixBuJMEEWAMHicDrYL2GojzDlP
jC2oY5iAmhTfZUKAwOmxvm36bUe83HgYTXcd3gHkRgd5hXYk+w==
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:28:21 2025 by rpki-client