Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ATKXy0jT9eyXT4bd4Z0eP3qNqbY.roa
File: ATKXy0jT9eyXT4bd4Z0eP3qNqbY.roa (raw, json)
Hash identifier: 0sWqoyO5ySMWC4HhxiH9/0gOARvmq4QXVHd/IkiVnAI=
Subject key identifier: 01:32:97:CB:48:D3:F5:EC:97:4F:86:DD:E1:9D:1E:3F:7A:8D:A9:B6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 72D23BF2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ATKXy0jT9eyXT4bd4Z0eP3qNqbY.roa
Signing time: Tue 15 Mar 2022 20:04:12 +0000
ROA not before: Tue 15 Mar 2022 20:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:8f2e:535a/128 maxlen: 128
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1926380530 (0x72d23bf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 15 20:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=013297cb48d3f5ec974f86dde19d1e3f7a8da9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:e3:f1:b3:af:61:06:9c:3d:9e:46:21:95:
8d:1d:c0:c0:db:65:00:29:42:b0:0b:d5:b3:ad:d6:
8b:07:41:89:3e:75:a2:bf:c3:00:b4:24:01:dd:30:
e5:68:8d:c4:8f:9c:b5:40:45:74:3f:01:f5:29:2e:
fe:e5:28:47:ec:00:04:9d:37:27:87:55:93:b9:a7:
e0:5b:37:4a:6d:57:51:a4:38:22:e2:4c:fb:af:fe:
20:cf:ff:fc:33:9b:8f:99:37:8e:38:8e:85:76:5c:
90:4d:91:bf:b2:02:f0:56:80:73:42:54:e1:eb:f4:
dd:66:c1:e4:11:b4:e0:a1:90:cf:4a:21:02:9a:70:
30:1f:a3:5f:cf:b0:7c:5a:76:da:28:ab:9b:28:b7:
b0:1b:d4:a6:c1:a9:6e:0f:b6:52:57:de:e7:20:0e:
94:47:03:0e:08:fa:c9:aa:e6:46:bf:72:35:25:ff:
4c:74:23:8b:fb:bc:ef:fa:63:c8:f2:19:f9:ff:43:
80:60:9c:6b:44:d3:04:b9:99:49:6a:66:6b:8f:5c:
5d:1d:8d:f2:d2:b9:37:15:8e:de:7a:2e:39:e6:48:
8e:c7:3a:6f:54:18:94:be:40:0a:69:a2:85:c7:e2:
e7:5e:60:21:15:69:bc:51:e7:fe:f7:4c:a5:f0:b9:
73:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:32:97:CB:48:D3:F5:EC:97:4F:86:DD:E1:9D:1E:3F:7A:8D:A9:B6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ATKXy0jT9eyXT4bd4Z0eP3qNqbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:66:e8:dc:b3:37:fe:04:a1:00:9f:4c:2b:06:41:26:25:23:
7d:cd:07:2a:f1:d9:eb:48:09:27:e7:61:e9:d6:bf:59:42:e9:
84:66:d8:a6:8c:cb:bf:66:78:42:5a:da:58:10:35:93:3c:d1:
c4:66:a9:90:62:6e:92:07:f1:bf:a6:14:2d:d9:69:65:b2:f9:
f5:fd:92:57:d4:2d:94:1c:9a:4e:08:56:b4:4b:38:4c:76:d1:
eb:66:7e:5e:0f:2c:c7:01:95:4b:b6:88:bb:91:06:3c:a8:a9:
a3:a2:4b:c6:c1:c4:a0:36:db:3d:7d:48:77:8b:52:6f:1f:09:
69:66:6f:dd:40:32:05:28:d7:00:9e:06:93:79:67:f7:b9:30:
5a:b7:23:bb:f8:d4:40:d0:6f:2a:70:0c:82:64:da:40:15:21:
5e:b8:5e:73:e2:43:dd:57:8e:bb:af:56:40:65:f5:77:19:81:
60:9b:cf:62:66:e3:48:09:4d:8a:42:50:6f:2c:d2:c0:96:3c:
c2:26:b9:4e:45:f2:34:f5:b3:55:f9:b2:cf:64:99:72:14:7d:
ef:ea:c4:15:d2:51:73:25:7c:f3:df:64:ac:3a:af:ce:64:e9:
b3:55:58:a8:52:33:ca:44:dd:7c:51:ef:ce:5b:11:d0:fb:d9:
73:5f:91:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEctI78jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
NTIwMDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEzMjk3Y2I0OGQz
ZjVlYzk3NGY4NmRkZTE5ZDFlM2Y3YThkYTliNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpf4/Gzr2EGnD2eRiGVjR3AwNtlAClCsAvVs63WiwdBiT51
or/DALQkAd0w5WiNxI+ctUBFdD8B9Sku/uUoR+wABJ03J4dVk7mn4Fs3Sm1XUaQ4
IuJM+6/+IM///DObj5k3jjiOhXZckE2Rv7IC8FaAc0JU4ev03WbB5BG04KGQz0oh
AppwMB+jX8+wfFp22iirmyi3sBvUpsGpbg+2Ulfe5yAOlEcDDgj6yarmRr9yNSX/
THQji/u87/pjyPIZ+f9DgGCca0TTBLmZSWpma49cXR2N8tK5NxWO3nouOeZIjsc6
b1QYlL5ACmmihcfi515gIRVpvFHn/vdMpfC5c68CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQBMpfLSNP17JdPht3hnR4/eo2ptjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0FUS1h5MGpUOWV5WFQ0YmQ0WjBlUDNxTnFiWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQClZujcszf+BKEAn0wrBkEmJSN9zQcq8dnrSAkn
52Hp1r9ZQumEZtimjMu/ZnhCWtpYEDWTPNHEZqmQYm6SB/G/phQt2Wllsvn1/ZJX
1C2UHJpOCFa0SzhMdtHrZn5eDyzHAZVLtoi7kQY8qKmjokvGwcSgNts9fUh3i1Jv
HwlpZm/dQDIFKNcAngaTeWf3uTBatyO7+NRA0G8qcAyCZNpAFSFeuF5z4kPdV467
r1ZAZfV3GYFgm89iZuNICU2KQlBvLNLAljzCJrlORfI09bNV+bLPZJlyFH3v6sQV
0lFzJXzz32SsOq/OZOmzVVioUjPKRN18Ue/OWxHQ+9lzX5Ej
-----END CERTIFICATE-----
Generated at Thu May 1 00:59:06 2025 by rpki-client