Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4kINBtfJQDYLd0saAv8mYNLRmTw.roa
File: 4kINBtfJQDYLd0saAv8mYNLRmTw.roa (raw, json)
Hash identifier: ZlDJD/GAy1WgaMjk03otfS+TGidNxU23mfGQt85pVw4=
Subject key identifier: E2:42:0D:06:D7:C9:40:36:0B:77:4B:1A:02:FF:26:60:D2:D1:99:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018370ED61786D89325D713ECA53CD3A6F12
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4kINBtfJQDYLd0saAv8mYNLRmTw.roa
Signing time: Sat 24 Sep 2022 19:15:48 +0000
ROA not before: Sat 24 Sep 2022 19:15:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:70:ed:61:78:6d:89:32:5d:71:3e:ca:53:cd:3a:6f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 24 19:15:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2420d06d7c940360b774b1a02ff2660d2d1993c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:1d:f3:64:a1:6c:9e:a9:6e:5a:a1:70:2d:
81:a9:69:09:f5:ae:a9:04:62:11:ce:00:5d:80:4e:
6b:3b:9a:8a:01:c0:2f:9c:fe:50:07:38:20:32:eb:
61:fb:d8:26:37:e0:75:2c:72:12:3a:a1:97:45:95:
e8:57:cd:62:a0:b8:09:7e:3b:5b:05:f3:12:a8:49:
d2:88:a9:36:dd:02:a9:d6:87:ef:19:19:67:8a:0a:
7c:e4:6b:c0:53:96:9c:54:8e:7b:ab:f5:01:84:0c:
8c:c9:0a:41:fd:a6:8a:c3:6f:08:f7:e7:66:2e:9a:
78:e2:ad:ed:fc:e6:d4:c9:9a:18:0d:1c:6a:4a:84:
02:37:12:02:28:9c:d7:52:17:e0:4d:38:45:08:02:
59:5e:e5:3a:46:f5:87:25:0c:f9:5e:8a:65:be:fe:
29:5f:2d:41:94:8f:85:fe:5f:7e:3d:86:9b:4d:09:
6f:38:d8:c5:f8:92:8f:7b:7e:8e:10:0e:78:07:b1:
15:8c:c7:ff:40:f7:bd:f9:1f:7b:46:f7:0f:ff:11:
99:61:a4:cf:ff:81:66:5e:fb:63:54:10:29:ef:30:
ec:99:b7:32:8f:5c:f6:02:a2:be:64:0e:33:30:aa:
2b:ba:b5:c9:35:d3:2d:78:05:21:d0:a7:ad:e4:cc:
a9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:42:0D:06:D7:C9:40:36:0B:77:4B:1A:02:FF:26:60:D2:D1:99:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4kINBtfJQDYLd0saAv8mYNLRmTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
11:2c:b5:ef:5e:a4:32:7a:49:80:ec:99:0f:ee:4a:0a:38:a4:
5b:3b:77:2f:f6:ab:23:07:dd:eb:14:ea:a1:a5:50:08:df:bf:
fb:78:c2:21:93:40:55:fe:34:7e:35:52:7e:e1:5d:2f:1b:78:
0d:eb:fe:1b:02:ea:58:b2:0b:10:89:b4:6d:23:c1:44:4f:8b:
20:84:92:0f:4b:af:70:fc:fe:aa:bf:1f:5c:7f:b3:73:f7:72:
08:95:c6:31:f0:2a:c3:39:1e:98:7c:60:c2:f8:5c:23:87:39:
50:98:a6:e2:12:28:72:d3:8d:d1:0f:f5:f0:0a:e0:05:41:be:
65:87:8b:20:88:7d:7a:33:9d:ba:a6:2f:26:64:26:b9:da:aa:
3a:36:b5:f8:98:e0:91:bd:61:71:d0:b7:b1:88:92:8d:12:8a:
6e:20:a4:ab:0a:b0:b5:28:a9:c0:4b:88:b2:d2:30:58:7e:78:
51:de:6b:6b:d5:61:22:f2:f5:95:3b:c3:25:91:10:14:27:b3:
da:16:f7:47:0a:2d:91:3f:cf:cc:1b:48:1b:a6:ef:88:99:00:
7b:4b:8b:62:8f:0b:49:c7:65:07:0b:a9:e9:fc:22:56:ed:f0:
67:63:cf:bb:00:f0:2e:85:ea:7e:61:c1:56:37:1a:32:81:7f:
52:30:20:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNw7WF4bYkyXXE+ylPNOm8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTI0MTkxNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjQyMGQwNmQ3Yzk0MDM2MGI3NzRiMWEwMmZmMjY2MGQyZDE5OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIgd82ShbJ6pblqhcC2BqWkJ9a6p
BGIRzgBdgE5rO5qKAcAvnP5QBzggMuth+9gmN+B1LHISOqGXRZXoV81ioLgJfjtb
BfMSqEnSiKk23QKp1ofvGRlnigp85GvAU5acVI57q/UBhAyMyQpB/aaKw28I9+dm
Lpp44q3t/ObUyZoYDRxqSoQCNxICKJzXUhfgTThFCAJZXuU6RvWHJQz5Xoplvv4p
Xy1BlI+F/l9+PYabTQlvONjF+JKPe36OEA54B7EVjMf/QPe9+R97RvcP/xGZYaTP
/4FmXvtjVBAp7zDsmbcyj1z2AqK+ZA4zMKorurXJNdMteAUh0Ket5MypfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOJCDQbXyUA2C3dLGgL/JmDS0Zk8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNGtJTkJ0ZkpRRFlMZDBzYUF2OG1ZTkxSbVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABEste9epDJ6SYDsmQ/u
Sgo4pFs7dy/2qyMH3esU6qGlUAjfv/t4wiGTQFX+NH41Un7hXS8beA3r/hsC6liy
CxCJtG0jwURPiyCEkg9Lr3D8/qq/H1x/s3P3cgiVxjHwKsM5Hph8YML4XCOHOVCY
puISKHLTjdEP9fAK4AVBvmWHiyCIfXoznbqmLyZkJrnaqjo2tfiY4JG9YXHQt7GI
ko0Sim4gpKsKsLUoqcBLiLLSMFh+eFHea2vVYSLy9ZU7wyWREBQns9oW90cKLZE/
z8wbSBum74iZAHtLi2KPC0nHZQcLqen8Ilbt8Gdjz7sA8C6F6n5hwVY3GjKBf1Iw
IBo=
-----END CERTIFICATE-----
Generated at Thu May 1 18:44:48 2025 by rpki-client