Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9K1I17L4E34wSa-erURTtEaiQJA.roa
File: 9K1I17L4E34wSa-erURTtEaiQJA.roa (raw, json)
Hash identifier: B4bs/i7DsaWA2WIDAe+aiAKcZb5ai0eKYRuaPIfpsEU=
Subject key identifier: F4:AD:48:D7:B2:F8:13:7E:30:49:AF:9E:AD:44:53:B4:46:A2:40:90
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018401BFB7F9A562FA1424BC67F7F1F222B1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9K1I17L4E34wSa-erURTtEaiQJA.roa
Signing time: Sat 22 Oct 2022 22:10:52 +0000
ROA not before: Sat 22 Oct 2022 22:10:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:01:bf:b7:f9:a5:62:fa:14:24:bc:67:f7:f1:f2:22:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 22 22:10:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4ad48d7b2f8137e3049af9ead4453b446a24090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cb:09:05:29:38:68:99:b7:c1:a9:ca:a6:b0:
52:60:77:c2:19:22:d2:1b:64:a1:4e:28:fb:73:09:
1d:f6:68:27:ea:84:1e:60:f9:a5:71:2d:bb:ae:94:
2b:c7:ca:02:68:c3:67:58:93:62:47:9f:43:a8:cd:
82:40:e3:d3:4b:e4:ac:6e:23:d4:5d:84:6d:74:c1:
d5:9b:37:0a:cd:93:63:e2:00:ae:81:ca:39:02:5c:
cb:16:23:17:5e:41:24:14:89:41:85:ad:7c:a6:a2:
9a:17:0f:15:d5:c7:3c:55:a0:cd:0f:05:ef:37:9a:
b2:06:87:6f:e5:3f:12:9b:58:e6:79:38:b6:6e:58:
c6:81:a2:8c:ec:ed:e8:5d:00:f2:90:f2:e6:3f:44:
2d:10:27:de:40:c6:b5:53:9f:24:a4:2f:aa:ee:dc:
2d:f2:55:27:9d:dc:b3:17:3a:9f:10:ec:f4:94:cf:
25:09:71:89:10:13:da:5a:cb:d5:5e:c3:47:3b:a8:
2e:32:cc:63:12:2d:9c:70:ab:f7:ba:4d:18:6e:27:
24:31:11:63:51:16:cf:c1:ea:b1:73:71:97:e8:68:
3e:35:25:fb:ef:fb:e3:29:0b:ec:a0:57:ac:cd:cd:
84:a8:9d:50:f9:6a:bc:93:e0:c4:de:3e:e9:54:d1:
6c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AD:48:D7:B2:F8:13:7E:30:49:AF:9E:AD:44:53:B4:46:A2:40:90
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/9K1I17L4E34wSa-erURTtEaiQJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ae:b7:e0:3e:05:f1:2f:d4:39:aa:18:43:93:c8:44:61:e0:
dc:b6:8b:61:50:34:bc:e1:9f:5c:93:f2:c3:c4:e7:05:50:6a:
35:06:ef:e3:17:0c:82:04:51:f2:45:9e:c7:3a:28:fa:1d:18:
fd:27:58:20:46:67:04:11:65:11:8d:17:81:56:87:b0:9d:e5:
27:ec:31:3e:15:b0:ab:a2:96:da:65:02:4e:47:34:84:cb:98:
d8:bd:14:9c:0e:65:6f:9e:da:f1:b8:10:50:34:9a:e8:1c:a2:
6b:b3:0c:2c:e3:11:32:d8:52:8e:1f:58:9f:49:7d:46:c8:30:
c1:38:a7:fe:08:de:9c:5a:ad:a6:8d:ba:70:36:9c:26:92:2c:
2a:a2:d2:f6:42:9c:8e:4d:ab:3d:f2:93:7a:5e:3f:c5:7c:ce:
6e:9e:38:85:c0:96:44:ec:6f:54:02:d6:07:22:c4:5c:c2:4c:
92:7b:40:af:0f:0d:ec:ce:1a:b7:a8:2d:b9:2d:99:c2:f7:0b:
d4:bb:98:88:1d:5f:cd:65:3d:c6:12:ed:f3:fe:33:d6:2a:e8:
ca:a1:9c:e1:89:a6:4d:09:fa:2f:19:ab:85:4c:c0:a6:ca:45:
d5:61:bd:87:71:97:25:5e:81:2b:e4:f0:50:08:74:0b:4f:c2:
da:99:be:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQBv7f5pWL6FCS8Z/fx8iKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDIyMjIxMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFkNDhkN2IyZjgxMzdlMzA0OWFmOWVhZDQ0NTNiNDQ2YTI0MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8sJBSk4aJm3wanKprBSYHfCGSLS
G2ShTij7cwkd9mgn6oQeYPmlcS27rpQrx8oCaMNnWJNiR59DqM2CQOPTS+SsbiPU
XYRtdMHVmzcKzZNj4gCugco5AlzLFiMXXkEkFIlBha18pqKaFw8V1cc8VaDNDwXv
N5qyBodv5T8Sm1jmeTi2bljGgaKM7O3oXQDykPLmP0QtECfeQMa1U58kpC+q7twt
8lUnndyzFzqfEOz0lM8lCXGJEBPaWsvVXsNHO6guMsxjEi2ccKv3uk0YbickMRFj
URbPweqxc3GX6Gg+NSX77/vjKQvsoFeszc2EqJ1Q+Wq8k+DE3j7pVNFsqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPStSNey+BN+MEmvnq1EU7RGokCQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvOUsxSTE3TDRFMzR3U2EtZXJVUlR0RWFpUUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHyut+A+BfEv1DmqGEOT
yERh4Ny2i2FQNLzhn1yT8sPE5wVQajUG7+MXDIIEUfJFnsc6KPodGP0nWCBGZwQR
ZRGNF4FWh7Cd5SfsMT4VsKuiltplAk5HNITLmNi9FJwOZW+e2vG4EFA0mugcomuz
DCzjETLYUo4fWJ9JfUbIMME4p/4I3pxaraaNunA2nCaSLCqi0vZCnI5Nqz3yk3pe
P8V8zm6eOIXAlkTsb1QC1gcixFzCTJJ7QK8PDezOGreoLbktmcL3C9S7mIgdX81l
PcYS7fP+M9Yq6MqhnOGJpk0J+i8Zq4VMwKbKRdVhvYdxlyVegSvk8FAIdAtPwtqZ
vkQ=
-----END CERTIFICATE-----
Generated at Sun May 4 02:36:02 2025 by rpki-client