Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ANmr9y6kW_z3pDvxPi6DFnRcmBw.roa
File: ANmr9y6kW_z3pDvxPi6DFnRcmBw.roa (raw, json)
Hash identifier: eXdlRVytp/2QaL71NAFAJSr4LqSgN+imXD+xquzmNew=
Subject key identifier: 00:D9:AB:F7:2E:A4:5B:FC:F7:A4:3B:F1:3E:2E:83:16:74:5C:98:1C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182D10EF994EAAECAC4FA36C5217F25CE04
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ANmr9y6kW_z3pDvxPi6DFnRcmBw.roa
Signing time: Wed 24 Aug 2022 18:13:15 +0000
ROA not before: Wed 24 Aug 2022 18:13:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d1:0e:f9:94:ea:ae:ca:c4:fa:36:c5:21:7f:25:ce:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 18:13:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00d9abf72ea45bfcf7a43bf13e2e8316745c981c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e7:40:7e:76:ce:2a:78:6e:ef:11:85:a5:6d:
71:77:d5:ba:f2:a2:1e:71:1c:20:06:c4:56:c7:b3:
05:cd:4c:f3:1d:d1:9e:bf:64:68:3a:b7:92:76:7e:
cc:1c:97:e4:ea:0b:8f:35:fe:aa:39:d6:30:d9:36:
7d:08:d2:2d:56:a3:fc:7c:1c:8a:ff:4f:73:0e:3d:
07:02:89:98:0e:6b:ae:d5:48:a2:19:9b:36:99:6e:
c8:bc:aa:de:4e:27:7c:88:44:d3:56:f3:c2:ed:c3:
ea:6b:8b:ee:92:61:5a:1e:33:2f:74:2a:f0:f5:28:
cf:8c:e4:3a:92:b1:8c:4f:49:74:5b:00:db:d1:a6:
e9:23:9a:30:db:27:fd:d5:39:37:6b:59:6c:fb:78:
05:71:f7:ca:cc:09:03:8b:80:e1:5f:c5:2e:a9:5c:
ad:1d:7e:e8:b8:87:e9:8f:61:0e:d7:6c:57:4c:8e:
20:82:72:7e:8e:c5:02:7b:7c:78:e6:73:6b:a3:91:
83:16:2c:8f:ff:3a:d4:9d:e9:5a:7d:5d:a7:7d:52:
bb:94:db:c6:a3:2b:dc:f0:a9:0e:30:8f:d8:1b:8d:
70:26:9f:ab:75:d2:e5:a7:41:6c:4a:cb:8b:3c:ea:
13:00:64:ee:b0:62:0a:61:30:a3:02:d0:aa:73:f2:
0e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D9:AB:F7:2E:A4:5B:FC:F7:A4:3B:F1:3E:2E:83:16:74:5C:98:1C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ANmr9y6kW_z3pDvxPi6DFnRcmBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:d5:0f:7a:1b:4e:d4:ad:7f:d2:b8:18:3e:36:e9:e6:e1:39:
12:5e:32:c2:94:74:84:71:57:61:f1:31:1b:41:4f:00:21:48:
b9:c3:cf:36:72:ec:80:96:f6:34:1c:9f:36:83:f5:31:31:0b:
8c:52:7a:2a:97:1a:3b:b9:a4:e9:3c:69:50:51:38:b4:d3:73:
b9:e7:69:aa:33:bc:e8:81:f5:cf:9c:af:8b:f6:e5:bf:ee:4e:
8a:cd:19:02:f3:19:36:0b:ac:3e:54:74:7b:07:78:73:7e:3a:
93:31:a0:e6:de:32:84:e1:e2:20:d4:01:ef:33:6f:81:97:f1:
da:f1:f0:c1:00:71:c8:ef:12:0d:d5:f0:c2:e2:5e:0b:fc:e9:
c3:1d:4c:2b:7b:bd:f7:66:fd:72:07:27:8e:04:16:dd:fd:83:
52:95:12:fd:d5:fc:0d:71:00:b1:51:04:70:fa:59:e3:93:1f:
87:96:30:58:e9:cf:8f:d7:ce:bb:d6:58:8d:30:45:45:93:2f:
17:58:0a:36:85:70:2d:2e:14:37:f0:98:18:43:02:9c:32:da:
ab:96:14:62:49:20:9d:01:5b:91:a0:ce:9e:97:64:4c:4e:0f:
39:fb:8a:c8:84:13:68:9e:e9:88:21:74:46:fb:43:51:59:bb:
e9:af:b4:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLRDvmU6q7KxPo2xSF/Jc4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODI0MTgxMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQ5YWJmNzJlYTQ1YmZjZjdhNDNiZjEzZTJlODMxNjc0NWM5ODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOdAfnbOKnhu7xGFpW1xd9W68qIe
cRwgBsRWx7MFzUzzHdGev2RoOreSdn7MHJfk6guPNf6qOdYw2TZ9CNItVqP8fByK
/09zDj0HAomYDmuu1UiiGZs2mW7IvKreTid8iETTVvPC7cPqa4vukmFaHjMvdCrw
9SjPjOQ6krGMT0l0WwDb0abpI5ow2yf91Tk3a1ls+3gFcffKzAkDi4DhX8UuqVyt
HX7ouIfpj2EO12xXTI4ggnJ+jsUCe3x45nNro5GDFiyP/zrUnelafV2nfVK7lNvG
oyvc8KkOMI/YG41wJp+rddLlp0FsSsuLPOoTAGTusGIKYTCjAtCqc/IOoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFADZq/cupFv896Q78T4ugxZ0XJgcMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQU5tcjl5NmtXX3ozcER2eFBpNkRGblJjbUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHrVD3obTtStf9K4GD42
6ebhORJeMsKUdIRxV2HxMRtBTwAhSLnDzzZy7ICW9jQcnzaD9TExC4xSeiqXGju5
pOk8aVBROLTTc7nnaaozvOiB9c+cr4v25b/uTorNGQLzGTYLrD5UdHsHeHN+OpMx
oObeMoTh4iDUAe8zb4GX8drx8MEAccjvEg3V8MLiXgv86cMdTCt7vfdm/XIHJ44E
Ft39g1KVEv3V/A1xALFRBHD6WeOTH4eWMFjpz4/XzrvWWI0wRUWTLxdYCjaFcC0u
FDfwmBhDApwy2quWFGJJIJ0BW5Ggzp6XZExODzn7isiEE2ie6YghdEb7Q1FZu+mv
tAs=
-----END CERTIFICATE-----
Generated at Thu May 1 20:24:34 2025 by rpki-client