Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AhT8XbQqY6a4y3mP5VYmNyyOj-A.roa
File: AhT8XbQqY6a4y3mP5VYmNyyOj-A.roa (raw, json)
Hash identifier: 6KVBbr90op2uPCG6t+dJl9AhZ5wm/tWnn03KdN8jmPg=
Subject key identifier: 02:14:FC:5D:B4:2A:63:A6:B8:CB:79:8F:E5:56:26:37:2C:8E:8F:E0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 84343C17
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AhT8XbQqY6a4y3mP5VYmNyyOj-A.roa
Signing time: Sun 15 May 2022 08:09:41 +0000
ROA not before: Sun 15 May 2022 08:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2218015767 (0x84343c17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 15 08:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0214fc5db42a63a6b8cb798fe55626372c8e8fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d2:fe:c5:8e:40:d4:81:80:b7:07:2b:fc:12:
59:5a:fc:16:72:23:1c:6f:cc:59:53:cc:28:1b:d4:
e8:0e:af:81:b3:5e:59:7b:57:dc:ae:7a:97:d0:f2:
bc:c4:c5:ea:a3:48:18:5b:9a:89:8f:a6:c1:fd:a2:
c8:21:e5:ec:94:83:b6:2e:b2:52:af:d1:e1:d0:d5:
ac:33:9b:ac:20:52:50:e4:ff:0d:b4:93:4d:87:d3:
89:1f:9d:b8:be:3f:ad:66:f4:bd:83:24:53:6d:46:
b6:d8:2f:dd:d5:ca:6a:9f:7a:95:cc:e1:35:c6:2f:
1f:dc:19:89:e5:2e:e5:5e:73:af:20:8c:40:92:bc:
60:17:19:5f:76:0d:5c:33:73:ff:7e:79:78:59:2b:
c0:a9:c2:bb:ed:63:ca:5c:04:cc:b7:dc:cc:ca:39:
47:c3:ad:f9:3c:14:75:32:93:6a:d3:0a:56:0d:a0:
9d:9d:f6:0a:38:cb:18:22:e0:8e:a6:84:11:e3:bf:
cc:19:91:3c:9c:68:6a:4e:e2:76:dd:97:34:df:a7:
49:4f:b2:e2:05:6e:de:42:e5:34:9d:ad:60:d1:d4:
3b:5d:b9:ed:0e:ab:1e:e9:62:fd:1d:41:7c:25:3d:
61:e0:cd:1f:1b:17:da:17:29:9e:49:d1:57:d9:24:
13:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:14:FC:5D:B4:2A:63:A6:B8:CB:79:8F:E5:56:26:37:2C:8E:8F:E0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AhT8XbQqY6a4y3mP5VYmNyyOj-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:49:4d:69:f6:a5:78:36:5b:f6:06:9e:8c:61:69:51:7f:e7:
c2:52:35:2a:96:12:28:69:33:b1:11:3d:22:8c:c0:82:de:9a:
46:cd:86:43:51:cd:41:2e:09:c8:4f:af:1d:d9:7a:0a:c8:3a:
5e:32:2d:05:e2:26:ae:f4:4b:b6:ec:2e:6f:68:23:fc:35:67:
26:d3:70:2a:e2:f3:14:49:59:65:0f:5c:ad:10:d7:f8:ba:94:
e2:3c:5f:09:0b:04:c3:e2:be:63:81:7c:93:0a:27:18:ab:5f:
17:09:79:ad:a1:f2:7f:a8:30:80:fb:a3:98:4c:cc:b0:88:ed:
7f:35:f0:6d:f1:06:1d:ac:a4:b4:0a:fb:b5:b3:1d:d1:e8:b7:
a6:de:de:62:5e:28:57:b9:c2:60:48:9e:a1:c2:80:85:48:4e:
3f:be:17:6c:55:1d:c6:5e:ed:5b:3a:c2:19:de:41:15:09:1a:
ce:40:9f:c5:23:b4:c7:0f:e3:a6:10:cc:8b:09:e6:be:63:7b:
b0:91:63:ae:fe:17:d2:f9:bf:d7:24:47:77:bb:64:05:70:6b:
47:5c:a6:b4:56:89:91:49:b3:a0:fb:05:75:32:96:02:98:85:
b5:dc:55:77:d9:62:04:7b:c9:7d:6e:d0:ed:0b:9a:22:52:d6:
b8:d0:c0:a2
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIQ0PBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MTUwODA5NDFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDAyMTRmYzVkYjQy
YTYzYTZiOGNiNzk4ZmU1NTYyNjM3MmM4ZThmZTAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDC0v7FjkDUgYC3Byv8Ella/BZyIxxvzFlTzCgb1OgOr4Gz
Xll7V9yuepfQ8rzExeqjSBhbmomPpsH9osgh5eyUg7YuslKv0eHQ1awzm6wgUlDk
/w20k02H04kfnbi+P61m9L2DJFNtRrbYL93VymqfepXM4TXGLx/cGYnlLuVec68g
jECSvGAXGV92DVwzc/9+eXhZK8CpwrvtY8pcBMy33MzKOUfDrfk8FHUyk2rTClYN
oJ2d9go4yxgi4I6mhBHjv8wZkTycaGpO4nbdlzTfp0lPsuIFbt5C5TSdrWDR1Dtd
ue0Oqx7pYv0dQXwlPWHgzR8bF9oXKZ5J0VfZJBNvAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUAhT8XbQqY6a4y3mP5VYmNyyOj+AwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9BaFQ4WGJRcVk2YTR5M21QNVZZbU55eU9qLUEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAKklNafaleDZb9gaejGFpUX/nwlI1KpYSKGkz
sRE9IozAgt6aRs2GQ1HNQS4JyE+vHdl6Csg6XjItBeImrvRLtuwub2gj/DVnJtNw
KuLzFElZZQ9crRDX+LqU4jxfCQsEw+K+Y4F8kwonGKtfFwl5raHyf6gwgPujmEzM
sIjtfzXwbfEGHayktAr7tbMd0ei3pt7eYl4oV7nCYEieocKAhUhOP74XbFUdxl7t
WzrCGd5BFQkazkCfxSO0xw/jphDMiwnmvmN7sJFjrv4X0vm/1yRHd7tkBXBrR1ym
tFaJkUmzoPsFdTKWApiFtdxVd9liBHvJfW7Q7QuaIlLWuNDAog==
-----END CERTIFICATE-----
Generated at Fri May 2 02:43:39 2025 by rpki-client