Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A2dPAuKU5h0eM1uO0FHr0MUU7Qg.roa
File: A2dPAuKU5h0eM1uO0FHr0MUU7Qg.roa (raw, json)
Hash identifier: jV5SIwkMnCw0/vrGSQY1X8Cw4sLCp3XTTsxNXwhxTjI=
Subject key identifier: 03:67:4F:02:E2:94:E6:1D:1E:33:5B:8E:D0:51:EB:D0:C5:14:ED:08
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185432D5304B932493A5D5578173FC1E15B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A2dPAuKU5h0eM1uO0FHr0MUU7Qg.roa
Signing time: Sat 24 Dec 2022 08:08:41 +0000
ROA not before: Sat 24 Dec 2022 08:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:2d:53:04:b9:32:49:3a:5d:55:78:17:3f:c1:e1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 08:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03674f02e294e61d1e335b8ed051ebd0c514ed08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:94:1d:a1:ee:3d:6b:e7:dd:0e:8e:23:de:a0:
4a:74:57:fb:c6:ce:d3:80:d3:a3:9c:d7:d0:d8:3d:
b6:54:3a:d3:95:6a:ce:ff:e3:23:fe:f9:d1:ad:b1:
b9:53:13:f3:e3:c1:db:43:59:2a:c3:71:5d:d0:f7:
f7:be:e7:c9:d4:fa:ff:4e:d2:c2:15:d3:20:f4:5d:
3c:6e:41:af:ae:bf:06:da:0a:75:86:6f:c9:70:22:
6a:03:b2:2e:66:79:89:0c:12:c3:c3:e5:8e:73:47:
ab:59:f6:13:fd:dd:68:5c:6a:33:43:8c:0d:8b:b6:
ff:ce:39:06:fc:04:d3:bf:5a:61:34:20:ab:9b:c6:
cb:7f:08:54:c1:a6:c1:3a:e3:70:de:8d:cc:be:a3:
26:7a:21:68:b2:4a:5c:7b:54:36:68:28:9b:c1:83:
5e:d7:c6:c8:11:c7:f9:bf:8b:29:d2:c8:f3:79:43:
d4:98:e6:15:8d:05:75:21:77:56:89:d2:a7:3b:62:
6f:4f:df:fd:b5:11:69:29:60:30:1f:a8:c5:9a:fa:
3c:4a:02:5d:6d:55:e6:d4:c2:c4:e5:21:43:0d:bb:
8d:e8:96:a9:b6:bf:b6:1b:3a:cd:27:ce:40:e0:02:
f9:72:37:68:25:fd:2e:8a:94:72:17:b2:c1:f1:e1:
3f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:67:4F:02:E2:94:E6:1D:1E:33:5B:8E:D0:51:EB:D0:C5:14:ED:08
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/A2dPAuKU5h0eM1uO0FHr0MUU7Qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:3b:34:5f:ef:ef:6e:d2:1b:cc:ba:44:2a:b4:98:22:6a:aa:
f9:05:eb:ee:24:51:71:c1:3d:74:d0:3b:13:61:bf:e7:9b:0b:
76:0f:57:e7:c1:f8:52:28:0e:b2:c8:8d:fc:c5:f6:db:cb:4b:
0b:db:26:5c:b1:25:be:26:40:2d:91:e6:7d:e6:d5:2e:63:c2:
c3:d5:f6:d8:1a:60:20:43:e7:af:85:18:9f:12:5a:0a:8b:36:
d2:34:c6:52:f2:c9:8b:df:3a:06:48:12:cc:a4:b0:43:62:ec:
31:7c:bd:3e:4c:66:44:05:c5:08:41:60:14:91:c2:e6:1c:09:
98:a2:ca:f7:24:f7:c0:60:ec:a6:62:df:2b:2c:ed:e1:71:58:
d9:73:9a:ff:d7:0a:4a:41:3f:8a:48:5f:16:9f:a4:78:ee:49:
ee:70:57:6a:9c:37:83:9f:99:d9:06:55:b3:60:3b:a7:81:c0:
9f:10:b7:a1:b0:52:85:d9:6e:9f:f6:24:9f:2d:ed:c0:e0:d8:
99:40:90:4d:4d:20:09:20:b0:6f:1a:48:93:4f:4b:6d:38:09:
6d:47:6c:e9:c0:0c:40:39:30:52:e9:01:63:d7:0d:23:0a:b4:
62:18:00:ac:2e:70:9e:b5:59:d2:85:30:b4:1e:73:35:13:a0:
fa:06:13:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVDLVMEuTJJOl1VeBc/weFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MDgwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY3NGYwMmUyOTRlNjFkMWUzMzViOGVkMDUxZWJkMGM1MTRlZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZQdoe49a+fdDo4j3qBKdFf7xs7T
gNOjnNfQ2D22VDrTlWrO/+Mj/vnRrbG5UxPz48HbQ1kqw3Fd0Pf3vufJ1Pr/TtLC
FdMg9F08bkGvrr8G2gp1hm/JcCJqA7IuZnmJDBLDw+WOc0erWfYT/d1oXGozQ4wN
i7b/zjkG/ATTv1phNCCrm8bLfwhUwabBOuNw3o3MvqMmeiFoskpce1Q2aCibwYNe
18bIEcf5v4sp0sjzeUPUmOYVjQV1IXdWidKnO2JvT9/9tRFpKWAwH6jFmvo8SgJd
bVXm1MLE5SFDDbuN6Japtr+2GzrNJ85A4AL5cjdoJf0uipRyF7LB8eE/mQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFANnTwLilOYdHjNbjtBR69DFFO0IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQTJkUEF1S1U1aDBlTTF1TzBGSHIwTVVVN1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALM7NF/v727SG8y6RCq0
mCJqqvkF6+4kUXHBPXTQOxNhv+ebC3YPV+fB+FIoDrLIjfzF9tvLSwvbJlyxJb4m
QC2R5n3m1S5jwsPV9tgaYCBD56+FGJ8SWgqLNtI0xlLyyYvfOgZIEsyksENi7DF8
vT5MZkQFxQhBYBSRwuYcCZiiyvck98Bg7KZi3yss7eFxWNlzmv/XCkpBP4pIXxaf
pHjuSe5wV2qcN4OfmdkGVbNgO6eBwJ8Qt6GwUoXZbp/2JJ8t7cDg2JlAkE1NIAkg
sG8aSJNPS204CW1HbOnADEA5MFLpAWPXDSMKtGIYAKwucJ61WdKFMLQeczUToPoG
EyU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:43 2025 by rpki-client