Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4hz1i9WxFryjAXiLFuKJ5uHMuOY.roa
File: 4hz1i9WxFryjAXiLFuKJ5uHMuOY.roa (raw, json)
Hash identifier: x8f5KUDu9VNQ5hEtK6FwUk8UNZ1Q6Pe4bBcLpO+SX08=
Subject key identifier: E2:1C:F5:8B:D5:B1:16:BC:A3:01:78:8B:16:E2:89:E6:E1:CC:B8:E6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018526D6960FFD5E08A03CFCA67A114A0B28
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4hz1i9WxFryjAXiLFuKJ5uHMuOY.roa
Signing time: Sun 18 Dec 2022 20:04:35 +0000
ROA not before: Sun 18 Dec 2022 20:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:26d6:4908/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:26:d6:96:0f:fd:5e:08:a0:3c:fc:a6:7a:11:4a:0b:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 20:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e21cf58bd5b116bca301788b16e289e6e1ccb8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a3:ae:76:d2:35:43:4d:7c:4c:a0:1d:33:79:
e6:ac:01:41:a7:4c:d6:f8:97:43:86:13:77:e1:4c:
8a:c4:69:aa:b3:2f:a4:42:20:68:78:a3:74:05:fc:
fb:28:8e:cc:10:b9:a8:e6:57:e5:b1:a1:bc:18:f3:
bb:b9:b9:aa:ba:48:34:88:17:4e:f5:e8:78:e1:77:
df:f5:95:b5:5d:b4:a6:b3:a6:88:f6:89:4e:93:b1:
36:7c:d9:cd:0d:79:b4:30:d5:8b:c3:c9:a9:79:b0:
9e:38:98:fa:fb:59:e0:8a:96:4e:cd:c3:fd:24:fd:
55:49:eb:4c:f7:dd:8b:ca:3f:48:fa:35:7e:ed:ea:
81:30:8f:af:67:7b:8f:18:3f:3b:f6:26:eb:ed:93:
9a:c7:61:f9:01:62:23:19:ba:30:6e:b1:6c:06:7d:
a3:c8:25:a8:01:65:d0:4b:16:26:5e:20:a0:ec:db:
82:2e:ac:f7:86:66:41:08:1d:28:b7:5e:e3:67:85:
9e:3f:13:eb:d6:9a:6b:90:c7:11:b2:00:40:40:a9:
d1:9f:41:c1:14:5b:ee:c3:4c:bf:b0:a8:d9:bd:f1:
f0:94:c6:e1:55:42:e9:f2:77:69:88:60:11:fe:d9:
73:b4:f7:5c:fe:ce:23:dc:1d:5d:a1:e1:69:33:7e:
27:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1C:F5:8B:D5:B1:16:BC:A3:01:78:8B:16:E2:89:E6:E1:CC:B8:E6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4hz1i9WxFryjAXiLFuKJ5uHMuOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:b9:12:fb:13:7e:84:2d:1b:6c:41:1e:d2:41:62:30:2b:df:
1a:aa:41:2f:a9:80:3a:08:3c:06:fa:1f:7e:31:19:bf:22:66:
77:8d:e4:e8:bd:15:e8:55:4c:6f:b9:13:42:42:9e:0c:4e:f1:
08:2f:2d:cd:66:8e:89:50:b2:91:43:66:30:ce:26:d5:d1:b1:
2e:3d:82:ba:ec:18:f1:f1:7c:2f:d7:c9:4e:2c:df:53:a5:e6:
54:14:9a:44:ea:66:3d:0a:c6:fa:53:59:85:56:21:67:d6:38:
32:df:c7:40:36:ff:41:e9:cc:5b:dc:3e:71:bc:db:ee:1e:5a:
73:b6:cf:c6:3b:0d:3c:60:6a:5f:77:68:1c:a2:fc:39:c6:50:
23:33:70:c7:ae:7f:38:40:b7:57:23:6f:52:0f:0f:ea:aa:f3:
62:a1:a1:5e:5e:b8:6a:54:a9:2c:2f:da:05:00:01:48:44:f4:
97:cb:6f:a7:45:4c:66:bc:34:b9:98:6a:2b:ca:35:d5:d6:ce:
e2:8c:e4:1a:cd:1d:0a:73:25:c2:3a:76:5a:61:82:34:1b:c8:
94:5e:31:46:97:a9:3e:58:23:32:d4:da:87:65:fd:d1:93:c0:
b7:6b:5b:01:17:8d:5e:40:0c:84:18:a5:df:c9:54:c5:ab:80:
8c:f8:23:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUm1pYP/V4IoDz8pnoRSgsoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MjAwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFjZjU4YmQ1YjExNmJjYTMwMTc4OGIxNmUyODllNmUxY2NiOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaOudtI1Q018TKAdM3nmrAFBp0zW
+JdDhhN34UyKxGmqsy+kQiBoeKN0Bfz7KI7MELmo5lflsaG8GPO7ubmqukg0iBdO
9eh44Xff9ZW1XbSms6aI9olOk7E2fNnNDXm0MNWLw8mpebCeOJj6+1ngipZOzcP9
JP1VSetM992Lyj9I+jV+7eqBMI+vZ3uPGD879ibr7ZOax2H5AWIjGbowbrFsBn2j
yCWoAWXQSxYmXiCg7NuCLqz3hmZBCB0ot17jZ4WePxPr1pprkMcRsgBAQKnRn0HB
FFvuw0y/sKjZvfHwlMbhVULp8ndpiGAR/tlztPdc/s4j3B1doeFpM34nRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOIc9YvVsRa8owF4ixbiiebhzLjmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNGh6MWk5V3hGcnlqQVhpTEZ1S0o1dUhNdU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGm5EvsTfoQtG2xBHtJB
YjAr3xqqQS+pgDoIPAb6H34xGb8iZneN5Oi9FehVTG+5E0JCngxO8QgvLc1mjolQ
spFDZjDOJtXRsS49grrsGPHxfC/XyU4s31Ol5lQUmkTqZj0KxvpTWYVWIWfWODLf
x0A2/0HpzFvcPnG82+4eWnO2z8Y7DTxgal93aByi/DnGUCMzcMeufzhAt1cjb1IP
D+qq82KhoV5euGpUqSwv2gUAAUhE9JfLb6dFTGa8NLmYaivKNdXWzuKM5BrNHQpz
JcI6dlphgjQbyJReMUaXqT5YIzLU2odl/dGTwLdrWwEXjV5ADIQYpd/JVMWrgIz4
Iww=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:16 2025 by rpki-client