Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/67InXd4j0pgOu1jWOyH8_S7JgnU.roa
File: 67InXd4j0pgOu1jWOyH8_S7JgnU.roa (raw, json)
Hash identifier: xckunsIQQtGeB0oQmQNcKMYGxoermoqo5tT1nj1al7M=
Subject key identifier: EB:B2:27:5D:DE:23:D2:98:0E:BB:58:D6:3B:21:FC:FD:2E:C9:82:75
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183E1C4E1E40F4A04DA0F6ECA1278D71A97
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/67InXd4j0pgOu1jWOyH8_S7JgnU.roa
Signing time: Sun 16 Oct 2022 17:08:39 +0000
ROA not before: Sun 16 Oct 2022 17:08:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:e1c0:ee2b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e1:c4:e1:e4:0f:4a:04:da:0f:6e:ca:12:78:d7:1a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 16 17:08:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebb2275dde23d2980ebb58d63b21fcfd2ec98275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:05:f7:8c:b0:03:99:69:bc:ce:d2:20:67:
d5:5d:47:42:d4:e8:84:e7:e1:e6:fc:a9:f2:5d:ca:
a1:cd:34:98:3b:d0:80:5d:d1:3a:9f:cb:29:e8:48:
31:61:b9:9e:40:c0:b0:6a:32:24:5d:19:20:d1:3c:
b8:ab:fc:e2:21:26:f0:c5:3f:b7:69:59:6f:b5:06:
52:ee:8e:a1:b6:20:b3:25:63:3d:91:c0:5f:03:c8:
8f:ee:33:12:10:74:4d:49:2b:76:3a:2d:77:fd:2c:
c6:a6:fc:5d:4c:d2:1a:55:46:d4:37:c6:66:2a:6d:
e0:de:e8:f5:7e:ee:b8:df:61:af:0b:d6:ed:e6:69:
38:46:ca:46:c0:a9:65:4d:57:8c:a0:4b:2f:d8:89:
b5:67:74:ae:ae:29:e0:19:5a:8f:fd:9f:25:d2:2d:
0f:1c:3b:b9:00:9e:4d:0f:96:72:95:b8:eb:b2:d7:
70:b1:a7:f8:b6:57:3c:4b:d7:b3:31:55:09:58:c8:
45:2c:90:40:8a:1d:dd:1b:e2:f9:70:b2:e8:7d:ba:
5e:61:31:84:64:b0:5a:05:f3:79:b6:28:1c:ac:cc:
4b:bc:90:a4:91:5b:ef:02:19:6c:82:d2:68:b8:d1:
3f:ea:30:38:c2:20:0a:86:10:a5:c4:1d:9f:2e:c1:
1f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B2:27:5D:DE:23:D2:98:0E:BB:58:D6:3B:21:FC:FD:2E:C9:82:75
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/67InXd4j0pgOu1jWOyH8_S7JgnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:02:5b:a3:ad:30:19:db:25:c9:44:24:91:32:1b:a5:35:52:
6c:ae:56:df:05:13:92:74:2a:5a:29:96:f6:0b:4e:66:a9:ba:
02:b9:d6:7d:e7:e7:2b:79:fa:cd:70:a7:54:a6:06:15:3d:a6:
f5:d4:33:3f:d4:94:3e:a0:6c:fb:9f:30:fa:46:92:2e:85:2c:
71:e3:ec:36:40:14:8d:f9:a2:53:5a:ae:40:da:9b:5e:25:ff:
62:2d:92:89:1f:07:13:2f:d8:19:05:23:d1:b0:17:7b:b2:45:
d3:da:97:fd:22:e8:5c:c3:c1:44:c4:df:58:f9:ac:fb:3c:f0:
67:6d:de:59:02:e3:84:7f:90:ac:a2:ab:54:84:d4:20:a1:3d:
17:03:25:5b:67:a3:fc:e9:4e:0f:94:aa:3c:85:ad:e9:f9:10:
bf:2f:3c:28:01:36:10:7f:f4:bb:3c:83:27:b6:f0:db:ba:de:
ed:07:12:5a:71:17:91:10:a1:37:77:b0:8f:1f:ca:0b:0b:ea:
bf:38:03:30:14:a4:9a:68:e7:d0:e7:5f:e4:12:6c:e4:0e:4e:
53:d3:bf:7d:b1:6b:02:67:c0:0a:d8:47:f3:3e:35:fc:03:13:
ef:a9:51:df:40:53:dc:5c:96:ee:76:c0:95:4f:38:25:a1:f6:
d5:d8:57:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPhxOHkD0oE2g9uyhJ41xqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDE2MTcwODM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmIyMjc1ZGRlMjNkMjk4MGViYjU4ZDYzYjIxZmNmZDJlYzk4Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqncF94ywA5lpvM7SIGfVXUdC1OiE
5+Hm/KnyXcqhzTSYO9CAXdE6n8sp6EgxYbmeQMCwajIkXRkg0Ty4q/ziISbwxT+3
aVlvtQZS7o6htiCzJWM9kcBfA8iP7jMSEHRNSSt2Oi13/SzGpvxdTNIaVUbUN8Zm
Km3g3uj1fu6432GvC9bt5mk4RspGwKllTVeMoEsv2Im1Z3SuringGVqP/Z8l0i0P
HDu5AJ5ND5Zylbjrstdwsaf4tlc8S9ezMVUJWMhFLJBAih3dG+L5cLLofbpeYTGE
ZLBaBfN5tigcrMxLvJCkkVvvAhlsgtJouNE/6jA4wiAKhhClxB2fLsEfQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOuyJ13eI9KYDrtY1jsh/P0uyYJ1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvNjdJblhkNGowcGdPdTFqV095SDhfUzdKZ25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALQCW6OtMBnbJclEJJEy
G6U1UmyuVt8FE5J0KloplvYLTmapugK51n3n5yt5+s1wp1SmBhU9pvXUMz/UlD6g
bPufMPpGki6FLHHj7DZAFI35olNarkDam14l/2ItkokfBxMv2BkFI9GwF3uyRdPa
l/0i6FzDwUTE31j5rPs88Gdt3lkC44R/kKyiq1SE1CChPRcDJVtno/zpTg+UqjyF
ren5EL8vPCgBNhB/9Ls8gye28Nu63u0HElpxF5EQoTd3sI8fygsL6r84AzAUpJpo
59DnX+QSbOQOTlPTv32xawJnwArYR/M+NfwDE++pUd9AU9xclu52wJVPOCWh9tXY
V/I=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:54 2025 by rpki-client