Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AqFguJ-UpQy-y63M3-t0xaubJsU.roa
File: AqFguJ-UpQy-y63M3-t0xaubJsU.roa (raw, json)
Hash identifier: X/E8cmC7pV0ymjabz3kX4zXO4j8KCy3yjegjFeeaaKo=
Subject key identifier: 02:A1:60:B8:9F:94:A5:0C:BE:CB:AD:CC:DF:EB:74:C5:AB:9B:26:C5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184FC291047F7531D870881545658B0664D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AqFguJ-UpQy-y63M3-t0xaubJsU.roa
Signing time: Sat 10 Dec 2022 13:11:00 +0000
ROA not before: Sat 10 Dec 2022 13:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fc:29:10:47:f7:53:1d:87:08:81:54:56:58:b0:66:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 10 13:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02a160b89f94a50cbecbadccdfeb74c5ab9b26c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:46:f6:9a:00:e8:2c:92:64:63:53:3a:4f:ec:
97:98:47:1a:79:38:0a:64:e7:fe:7d:f5:ea:e9:9b:
a4:b9:1b:6f:b9:3f:c1:ee:54:bf:42:4d:7d:13:95:
5a:fc:57:ea:62:36:b2:ec:5f:02:30:a2:89:f8:9d:
83:de:ea:65:0a:0b:92:fd:31:e6:33:a7:46:d8:da:
4e:0c:49:7a:a5:9e:8a:c5:20:0a:59:40:c6:f2:af:
d7:87:0c:80:19:09:83:d7:35:a4:ab:21:cc:8d:4e:
d8:43:23:d3:25:0f:86:41:ad:10:25:bd:aa:43:a8:
5e:53:90:39:10:2c:c9:eb:a8:07:bf:89:9a:e0:5e:
56:9b:4b:87:4a:06:81:69:66:65:72:d8:57:27:e7:
19:28:62:a3:1a:96:fc:e0:9c:9b:b8:5d:b7:a1:71:
5f:b4:12:e4:00:a7:68:af:ef:99:b6:7f:5e:ce:6f:
3f:10:ce:3b:53:ca:03:3a:69:db:35:2f:b3:f0:5e:
30:53:bb:66:6f:1c:cf:fa:f7:ff:fb:ba:6b:4d:93:
6c:7f:58:14:f4:98:70:ef:1a:ac:6a:63:fb:d0:bf:
cd:24:b1:f8:a1:46:f5:94:84:f1:e5:a4:0d:ac:0b:
b3:27:e0:d5:e4:5d:83:18:98:77:7a:6e:b1:c7:22:
a1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A1:60:B8:9F:94:A5:0C:BE:CB:AD:CC:DF:EB:74:C5:AB:9B:26:C5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AqFguJ-UpQy-y63M3-t0xaubJsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:b1:8e:9e:78:1f:f0:ad:f6:8c:fc:3c:f8:f8:fb:86:58:cb:
ba:b9:3e:cc:4e:73:d4:60:62:64:e4:45:9c:17:da:e2:1a:03:
22:f9:11:b7:e8:dd:20:ef:6d:70:9f:73:eb:fa:c9:f4:c5:47:
27:17:61:4d:62:17:66:ff:a2:b9:e7:f7:1e:7d:f9:13:c3:32:
71:8d:3b:8b:3a:95:af:70:39:46:59:52:f5:be:36:5b:50:3a:
02:c0:09:48:78:07:a7:af:1e:66:ca:29:de:03:89:74:66:79:
ce:fd:a4:5d:3a:af:44:0e:95:2e:14:27:f2:15:57:6d:e7:bc:
34:fd:ce:d7:08:a3:18:d6:8f:6a:ce:14:8e:e4:a3:f8:c7:52:
46:39:c7:98:b7:5e:b8:d8:a5:25:1d:75:b5:17:55:7e:97:c2:
31:ae:2b:0c:d1:7c:f6:53:c3:54:b7:c0:f3:b8:29:fc:80:84:
9a:93:e8:5c:28:61:4d:9e:c3:fd:63:62:51:d3:e3:4a:df:37:
d2:e5:3c:9d:cf:91:b1:52:85:66:69:df:29:46:74:a8:cd:31:
a9:c2:0e:11:d3:c7:92:36:a1:94:b6:1d:1b:f0:dd:52:6f:51:
a5:99:02:72:64:c3:07:00:cb:e4:d1:b3:19:25:b5:cf:3e:2d:
35:4d:b6:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYT8KRBH91MdhwiBVFZYsGZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEwMTMxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmExNjBiODlmOTRhNTBjYmVjYmFkY2NkZmViNzRjNWFiOWIyNmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0b2mgDoLJJkY1M6T+yXmEcaeTgK
ZOf+ffXq6ZukuRtvuT/B7lS/Qk19E5Va/FfqYjay7F8CMKKJ+J2D3uplCguS/THm
M6dG2NpODEl6pZ6KxSAKWUDG8q/XhwyAGQmD1zWkqyHMjU7YQyPTJQ+GQa0QJb2q
Q6heU5A5ECzJ66gHv4ma4F5Wm0uHSgaBaWZlcthXJ+cZKGKjGpb84JybuF23oXFf
tBLkAKdor++Ztn9ezm8/EM47U8oDOmnbNS+z8F4wU7tmbxzP+vf/+7prTZNsf1gU
9Jhw7xqsamP70L/NJLH4oUb1lITx5aQNrAuzJ+DV5F2DGJh3em6xxyKhuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAKhYLiflKUMvsutzN/rdMWrmybFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQXFGZ3VKLVVwUXkteTYzTTMtdDB4YXViSnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI6xjp54H/Ct9oz8PPj4
+4ZYy7q5PsxOc9RgYmTkRZwX2uIaAyL5Ebfo3SDvbXCfc+v6yfTFRycXYU1iF2b/
ornn9x59+RPDMnGNO4s6la9wOUZZUvW+NltQOgLACUh4B6evHmbKKd4DiXRmec79
pF06r0QOlS4UJ/IVV23nvDT9ztcIoxjWj2rOFI7ko/jHUkY5x5i3XrjYpSUddbUX
VX6XwjGuKwzRfPZTw1S3wPO4KfyAhJqT6FwoYU2ew/1jYlHT40rfN9LlPJ3PkbFS
hWZp3ylGdKjNManCDhHTx5I2oZS2HRvw3VJvUaWZAnJkwwcAy+TRsxkltc8+LTVN
tq4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:00:14 2025 by rpki-client