Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9C28dRveT_iIMtRKySsGQ_tq1Ss.roa
File: 9C28dRveT_iIMtRKySsGQ_tq1Ss.roa (raw, json)
Hash identifier: zugbmLgt5qC5xPwqDe9MbRcqbzvrQwkCHMejbClucx8=
Subject key identifier: F4:2D:BC:75:1B:DE:4F:F8:88:32:D4:4A:C9:2B:06:43:FB:6A:D5:2B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01820E70CE1819347287E3BDBD9DE1E56D1E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9C28dRveT_iIMtRKySsGQ_tq1Ss.roa
Signing time: Sun 17 Jul 2022 23:14:09 +0000
ROA not before: Sun 17 Jul 2022 23:14:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:0e:70:ce:18:19:34:72:87:e3:bd:bd:9d:e1:e5:6d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 17 23:14:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f42dbc751bde4ff88832d44ac92b0643fb6ad52b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:c9:1a:21:6e:5b:3f:73:4b:68:90:35:96:
73:fb:f9:ed:79:25:59:d9:fb:49:13:6a:d5:00:5d:
58:0e:31:25:2a:9b:99:f7:42:10:fe:51:0a:a0:3f:
9a:2d:3f:8b:cf:24:fc:e9:28:59:a1:02:6b:f6:1d:
a6:58:6d:31:04:cc:ae:32:7c:f3:4f:23:ba:61:1f:
90:51:25:45:d4:c5:bc:dc:a8:6b:66:15:ae:2e:a7:
40:32:e5:cc:2e:e5:0f:55:84:9e:d5:c5:ec:d4:fd:
52:d1:20:02:42:1c:56:17:d2:3d:ff:f4:18:3e:eb:
05:2d:38:7e:45:dc:8b:23:ef:88:cb:d1:c5:81:c7:
f0:20:07:4f:d9:0f:ae:fb:c0:72:07:f4:61:d1:83:
58:c4:2f:12:28:5c:56:ea:9b:00:02:84:a2:5d:03:
20:c0:4b:9e:44:63:e0:cf:c2:8a:f8:79:5d:8d:bd:
ff:e3:2f:4d:2e:b0:f2:40:fb:ff:b2:2d:df:b7:e8:
83:df:41:ce:41:99:73:d8:1f:a7:c6:7d:c5:f3:df:
f8:b9:d7:ed:2c:50:fb:5d:95:34:c5:e9:a0:fc:a4:
42:c4:20:ab:24:7f:6a:83:1e:b7:71:82:45:ba:12:
25:a2:3d:b3:47:5f:e2:c1:50:fe:d5:a8:f3:e9:74:
69:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2D:BC:75:1B:DE:4F:F8:88:32:D4:4A:C9:2B:06:43:FB:6A:D5:2B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9C28dRveT_iIMtRKySsGQ_tq1Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:00:e0:ab:74:b3:5b:8e:86:76:e2:d4:eb:d9:16:dd:5c:85:
2e:8f:c8:a7:ff:1c:c2:d8:ec:da:12:7a:48:94:0b:e9:b5:e9:
29:21:db:21:78:48:d9:4f:d6:54:fc:3c:de:c2:af:37:93:0c:
4a:5c:dc:f7:36:f8:e0:03:3c:1f:7f:8d:39:fb:f6:79:d6:95:
6e:f7:24:f9:67:e7:81:de:99:ec:16:6f:07:45:c4:c1:ac:40:
90:49:0e:bf:ae:d6:de:70:67:12:76:75:a1:a9:03:b2:7e:de:
48:d7:16:fb:ad:71:b2:01:db:dd:1c:4d:af:a6:36:5e:d5:d1:
9e:0d:2b:30:48:1f:d9:f4:05:a2:fd:e6:d2:c4:cf:d6:16:34:
d6:9f:c4:24:7e:ff:6c:ff:94:f5:52:ab:f2:32:14:a7:02:01:
9d:69:9b:87:ac:db:ef:ed:da:c0:c9:7d:e8:57:e4:e8:18:34:
d5:fc:9e:1f:0a:da:7d:10:e6:34:79:62:67:73:52:fb:34:97:
c6:87:16:98:5c:d9:a5:07:27:70:3c:b0:7c:55:ba:2d:2d:00:
64:5d:51:1d:31:ef:c2:0d:3b:2d:c8:d5:6f:74:4f:70:3e:bf:
e7:d0:f7:4c:3c:4a:ab:a8:69:e9:e8:a2:8f:1a:60:08:ad:1f:
29:71:27:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIOcM4YGTRyh+O9vZ3h5W0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzE3MjMxNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDJkYmM3NTFiZGU0ZmY4ODgzMmQ0NGFjOTJiMDY0M2ZiNmFkNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEXJGiFuWz9zS2iQNZZz+/nteSVZ
2ftJE2rVAF1YDjElKpuZ90IQ/lEKoD+aLT+LzyT86ShZoQJr9h2mWG0xBMyuMnzz
TyO6YR+QUSVF1MW83KhrZhWuLqdAMuXMLuUPVYSe1cXs1P1S0SACQhxWF9I9//QY
PusFLTh+RdyLI++Iy9HFgcfwIAdP2Q+u+8ByB/Rh0YNYxC8SKFxW6psAAoSiXQMg
wEueRGPgz8KK+Hldjb3/4y9NLrDyQPv/si3ft+iD30HOQZlz2B+nxn3F89/4udft
LFD7XZU0xemg/KRCxCCrJH9qgx63cYJFuhIloj2zR1/iwVD+1ajz6XRp3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPQtvHUb3k/4iDLUSskrBkP7atUrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOUMyOGRSdmVUX2lJTXRSS3lTc0dRX3RxMVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcA4Kt0s1uOhnbi1OvZ
Ft1chS6PyKf/HMLY7NoSekiUC+m16Skh2yF4SNlP1lT8PN7CrzeTDEpc3Pc2+OAD
PB9/jTn79nnWlW73JPln54HemewWbwdFxMGsQJBJDr+u1t5wZxJ2daGpA7J+3kjX
FvutcbIB290cTa+mNl7V0Z4NKzBIH9n0BaL95tLEz9YWNNafxCR+/2z/lPVSq/Iy
FKcCAZ1pm4es2+/t2sDJfehX5OgYNNX8nh8K2n0Q5jR5YmdzUvs0l8aHFphc2aUH
J3A8sHxVui0tAGRdUR0x78INOy3I1W90T3A+v+fQ90w8Squoaenooo8aYAitHylx
Jws=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:10 2025 by rpki-client