Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AaP7iElM_rkQ3XCkW6OtjSEZmD0.roa
File: AaP7iElM_rkQ3XCkW6OtjSEZmD0.roa (raw, json)
Hash identifier: QEC6hn5eZ4xWlETfd0axLz/9hvKQlozoHq9NlprW+Po=
Subject key identifier: 01:A3:FB:88:49:4C:FE:B9:10:DD:70:A4:5B:A3:AD:8D:21:19:98:3D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856F622955C4F78244B609896368EA19C3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AaP7iElM_rkQ3XCkW6OtjSEZmD0.roa
Signing time: Sun 01 Jan 2023 22:09:42 +0000
ROA not before: Sun 01 Jan 2023 22:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:62:29:55:c4:f7:82:44:b6:09:89:63:68:ea:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 22:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01a3fb88494cfeb910dd70a45ba3ad8d2119983d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:48:4f:9a:7b:63:2e:35:3a:51:c9:e1:70:34:
51:29:15:5d:5f:20:16:bd:3f:82:f5:ee:c4:4a:89:
92:30:b0:70:cc:dd:75:5f:4f:27:30:31:d1:39:b5:
29:ad:89:7a:05:1c:9e:97:54:37:f8:e2:58:50:1e:
31:c2:12:0c:47:9d:25:3d:70:de:98:bd:bb:21:8e:
2d:be:08:30:5c:33:47:bb:80:ba:a3:5f:f8:a7:c1:
d4:60:3b:d8:23:df:5c:63:3d:e2:9d:44:5d:e1:7d:
4a:fb:c0:21:c1:09:f7:b4:44:2a:af:7f:a4:70:b8:
a0:40:4a:07:1a:20:2e:ba:d1:c3:5b:c3:e0:f1:7e:
2b:ce:32:fa:a3:e7:2c:0a:84:84:67:49:f9:79:98:
21:5f:07:4a:5f:5a:77:6d:1b:0e:97:a2:ec:71:12:
90:6c:f3:29:2e:2c:d1:ef:9a:aa:30:9a:54:37:dd:
db:ce:f9:8b:16:f6:17:70:6c:63:b8:48:89:6c:41:
d1:13:92:8a:34:1f:83:50:f0:0a:e5:88:cf:21:71:
7c:1b:e6:92:50:e2:9b:e6:bf:de:74:a8:fe:5b:b2:
b2:76:9a:9f:5e:90:64:ec:07:03:6b:01:91:a5:16:
97:4b:80:ca:5f:36:82:ca:a1:22:c0:d4:3c:8b:26:
c0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A3:FB:88:49:4C:FE:B9:10:DD:70:A4:5B:A3:AD:8D:21:19:98:3D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AaP7iElM_rkQ3XCkW6OtjSEZmD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:ec:ae:30:62:21:f1:56:99:f1:58:f8:9e:63:c7:56:ca:99:
6f:26:07:c3:00:a4:1b:0c:63:0d:f1:28:52:16:8f:d9:f6:36:
cf:29:5c:4c:30:4c:0c:a4:a9:54:6c:84:82:c3:37:e0:32:2e:
44:11:5d:fe:fb:55:45:f8:88:6f:5c:4d:b7:0e:05:ac:3c:22:
e5:b0:b6:4e:8b:10:47:9b:51:b1:fd:c3:59:0f:2f:d6:75:90:
56:d7:43:cd:cc:84:3d:d0:a0:de:20:39:03:bf:ed:ed:b2:97:
41:a4:6e:94:23:46:17:4c:2e:83:40:ec:45:5a:64:aa:3a:6e:
2d:b1:1e:80:5c:60:54:ba:0c:23:0b:f9:40:ef:ab:5a:d4:8d:
48:e4:1c:00:1b:0d:f0:17:dc:80:5a:e9:35:de:6d:88:14:41:
73:b5:ff:d0:af:b9:3a:0c:77:48:14:30:a4:a0:a2:93:2c:bd:
a8:56:8d:58:b9:20:37:ac:73:06:a1:89:e1:3f:c7:1a:52:be:
e0:af:44:d1:45:6d:a1:72:ab:a0:49:78:95:f5:6e:5d:e8:5c:
7e:c8:c8:b4:72:1b:4d:5d:53:d0:20:c4:78:86:3c:07:7c:c2:
a8:df:da:21:9a:9b:09:7c:2a:0b:5b:f1:70:bf:3a:eb:8d:6d:
a8:9f:6a:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvYilVxPeCRLYJiWNo6hnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMjIwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWEzZmI4ODQ5NGNmZWI5MTBkZDcwYTQ1YmEzYWQ4ZDIxMTk5ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEhPmntjLjU6UcnhcDRRKRVdXyAW
vT+C9e7ESomSMLBwzN11X08nMDHRObUprYl6BRyel1Q3+OJYUB4xwhIMR50lPXDe
mL27IY4tvggwXDNHu4C6o1/4p8HUYDvYI99cYz3inURd4X1K+8AhwQn3tEQqr3+k
cLigQEoHGiAuutHDW8Pg8X4rzjL6o+csCoSEZ0n5eZghXwdKX1p3bRsOl6LscRKQ
bPMpLizR75qqMJpUN93bzvmLFvYXcGxjuEiJbEHRE5KKNB+DUPAK5YjPIXF8G+aS
UOKb5r/edKj+W7KydpqfXpBk7AcDawGRpRaXS4DKXzaCyqEiwNQ8iybAbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAGj+4hJTP65EN1wpFujrY0hGZg9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQWFQN2lFbE1fcmtRM1hDa1c2T3RqU0VabUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFbsrjBiIfFWmfFY+J5j
x1bKmW8mB8MApBsMYw3xKFIWj9n2Ns8pXEwwTAykqVRshILDN+AyLkQRXf77VUX4
iG9cTbcOBaw8IuWwtk6LEEebUbH9w1kPL9Z1kFbXQ83MhD3QoN4gOQO/7e2yl0Gk
bpQjRhdMLoNA7EVaZKo6bi2xHoBcYFS6DCML+UDvq1rUjUjkHAAbDfAX3IBa6TXe
bYgUQXO1/9CvuToMd0gUMKSgopMsvahWjVi5IDescwahieE/xxpSvuCvRNFFbaFy
q6BJeJX1bl3oXH7IyLRyG01dU9AgxHiGPAd8wqjf2iGamwl8Kgtb8XC/OuuNbaif
agM=
-----END CERTIFICATE-----
Generated at Thu May 1 03:13:21 2025 by rpki-client