Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4pTwUl4DERitlbh38iCPSDLuLCc.roa
File: 4pTwUl4DERitlbh38iCPSDLuLCc.roa (raw, json)
Hash identifier: 9LJJA2BQa4JOgvME9ixd44jmhGEhmn2vZhAFJpDceho=
Subject key identifier: E2:94:F0:52:5E:03:11:18:AD:95:B8:77:F2:20:8F:48:32:EE:2C:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184A8EA9344182B29D7CDAC255054CD2D72
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4pTwUl4DERitlbh38iCPSDLuLCc.roa
Signing time: Thu 24 Nov 2022 09:14:16 +0000
ROA not before: Thu 24 Nov 2022 09:14:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:9f03:9814/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:ea:93:44:18:2b:29:d7:cd:ac:25:50:54:cd:2d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 24 09:14:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e294f0525e031118ad95b877f2208f4832ee2c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:be:e8:69:65:ad:04:01:22:a3:88:60:5d:79:
1e:ae:9b:ab:de:db:48:77:5f:15:19:d9:08:16:95:
06:5b:06:dd:81:e4:47:0e:e4:95:c6:80:3b:d9:53:
fd:81:dc:0d:9e:fc:fe:1f:f3:f4:ff:8d:61:d8:fc:
e7:45:5c:83:04:fe:13:5f:d7:c0:7d:d6:a3:fb:48:
88:64:07:b9:93:ee:e6:b4:6d:97:50:c0:41:0c:ec:
13:25:46:6e:34:ec:f5:82:ce:11:88:02:6b:e9:3f:
fe:47:61:ed:ed:6d:5c:ed:11:05:17:6c:9a:48:91:
50:b3:d6:05:f6:bf:7d:44:ca:46:46:5f:66:de:17:
c9:70:d8:8b:20:ba:98:a6:e3:15:22:ad:3e:6a:fa:
2c:66:ba:a6:f1:fc:6b:f8:81:51:f0:61:ab:8f:e0:
6c:f0:5b:6f:5e:eb:a3:4e:cf:22:89:29:07:62:07:
7b:e7:ab:55:c8:7f:67:f2:e2:5f:c5:5b:66:ed:d0:
71:aa:86:f8:0b:fd:b6:eb:18:7c:7c:f1:7c:f8:07:
cf:51:8d:b6:30:4f:3b:37:08:0e:20:0c:d8:d5:e4:
3f:a9:22:78:e5:2a:ed:25:2c:d0:3e:10:f9:31:e4:
a4:7c:29:6a:ba:18:00:ff:d2:44:60:3d:a8:83:00:
2e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:94:F0:52:5E:03:11:18:AD:95:B8:77:F2:20:8F:48:32:EE:2C:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/4pTwUl4DERitlbh38iCPSDLuLCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:e1:05:f3:59:d3:5c:b1:13:6b:f6:05:a4:9c:f7:58:e7:f2:
19:51:41:2a:63:6c:8d:d6:35:f1:29:3f:8b:3b:a8:65:ab:4e:
95:88:26:19:c7:ce:9f:8e:a3:5f:df:a4:84:8a:86:31:ef:bf:
5f:7e:18:71:1b:fb:e7:b5:e1:32:3f:3c:88:7b:45:bd:84:ea:
77:29:e2:f3:7c:94:bd:d1:36:7d:94:e9:5b:0b:40:95:f9:33:
37:4d:b9:51:ef:4a:a9:1f:9d:da:5c:36:d9:a7:ed:b6:1c:51:
31:83:93:d6:5f:e9:80:24:68:d0:be:fb:b7:eb:f8:9e:94:ad:
02:2e:93:9a:88:14:86:5b:9c:9d:67:66:f6:e4:ab:bc:97:93:
65:ee:28:26:34:0b:33:ab:59:ce:fe:09:19:45:96:da:43:4e:
46:c7:55:86:7a:ad:cc:8b:dc:fe:fa:ec:1d:cb:4d:b0:28:6b:
fd:98:81:44:f7:5c:fa:86:55:eb:b6:4e:c1:bf:a9:63:35:5a:
8b:e2:36:bd:93:1f:a9:be:51:55:aa:dc:ad:57:24:56:39:5f:
d3:6e:7c:52:12:37:43:0f:eb:b3:ce:84:89:ad:07:7a:96:24:
ee:61:d8:42:e5:cf:42:9f:ad:3d:7f:19:2e:59:a7:4d:70:9c:
e1:a4:72:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSo6pNEGCsp182sJVBUzS1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTI0MDkxNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk0ZjA1MjVlMDMxMTE4YWQ5NWI4NzdmMjIwOGY0ODMyZWUyYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp77oaWWtBAEio4hgXXkerpur3ttI
d18VGdkIFpUGWwbdgeRHDuSVxoA72VP9gdwNnvz+H/P0/41h2PznRVyDBP4TX9fA
fdaj+0iIZAe5k+7mtG2XUMBBDOwTJUZuNOz1gs4RiAJr6T/+R2Ht7W1c7REFF2ya
SJFQs9YF9r99RMpGRl9m3hfJcNiLILqYpuMVIq0+avosZrqm8fxr+IFR8GGrj+Bs
8FtvXuujTs8iiSkHYgd756tVyH9n8uJfxVtm7dBxqob4C/226xh8fPF8+AfPUY22
ME87NwgOIAzY1eQ/qSJ45SrtJSzQPhD5MeSkfClquhgA/9JEYD2ogwAukwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOKU8FJeAxEYrZW4d/Igj0gy7iwnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNHBUd1VsNERFUml0bGJoMzhpQ1BTREx1TENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABPhBfNZ01yxE2v2BaSc
91jn8hlRQSpjbI3WNfEpP4s7qGWrTpWIJhnHzp+Oo1/fpISKhjHvv19+GHEb++e1
4TI/PIh7Rb2E6ncp4vN8lL3RNn2U6VsLQJX5MzdNuVHvSqkfndpcNtmn7bYcUTGD
k9Zf6YAkaNC++7fr+J6UrQIuk5qIFIZbnJ1nZvbkq7yXk2XuKCY0CzOrWc7+CRlF
ltpDTkbHVYZ6rcyL3P767B3LTbAoa/2YgUT3XPqGVeu2TsG/qWM1WoviNr2TH6m+
UVWq3K1XJFY5X9NufFISN0MP67POhImtB3qWJO5h2ELlz0KfrT1/GS5Zp01wnOGk
cic=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:37 2025 by rpki-client