Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AzJnCS-UqK2qinrRaPwwVnEwRPk.roa
File: AzJnCS-UqK2qinrRaPwwVnEwRPk.roa (raw, json)
Hash identifier: R0lQnKj1lIhl8/QuOH0RT5T8zu9mqUQ7/9O0gesEnrE=
Subject key identifier: 03:32:67:09:2F:94:A8:AD:AA:8A:7A:D1:68:FC:30:56:71:30:44:F9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B69F40EB6581721A30E1E528C40EBA16
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AzJnCS-UqK2qinrRaPwwVnEwRPk.roa
Signing time: Sun 15 Jan 2023 18:09:28 +0000
ROA not before: Sun 15 Jan 2023 18:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b6:9f:40:eb:65:81:72:1a:30:e1:e5:28:c4:0e:ba:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 15 18:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=033267092f94a8adaa8a7ad168fc3056713044f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:12:26:92:0b:81:72:22:eb:5d:f8:c2:eb:94:
2a:b5:ee:d4:df:2b:c6:66:e4:bd:79:cb:fa:81:c6:
e5:67:c0:0b:bf:5b:7a:aa:78:0f:c4:95:c8:cb:34:
54:df:11:1c:8f:1d:43:80:9e:f8:a4:da:9e:fb:7b:
ee:82:27:a7:14:b0:ac:96:a8:73:35:37:a2:b3:9b:
c8:b4:e1:43:86:9a:9e:22:6b:8b:c8:ef:e9:da:7e:
f9:13:44:d1:5d:64:2a:40:de:fb:a1:63:8c:d7:1e:
b8:32:66:4a:ea:f8:dc:3e:c0:d4:35:bb:b4:a4:00:
d1:a0:ad:46:31:7e:90:b6:ac:ec:be:5e:2d:76:de:
25:1b:28:90:76:a1:2e:89:4e:bc:ba:68:79:80:bb:
af:8d:a9:b7:3b:fa:02:55:7b:b4:46:f2:59:50:d5:
90:5c:6b:51:db:0c:1d:36:71:7a:53:78:88:cc:4e:
28:e1:c9:bf:32:db:23:8c:e3:a3:fb:34:a4:34:2a:
9c:51:25:75:ea:6d:68:ec:89:cb:55:03:72:a1:3f:
92:02:5a:58:76:8b:9d:d6:e6:77:0c:3a:fc:de:49:
1a:69:5c:75:03:36:7b:8c:80:c3:42:a4:94:4d:9f:
ae:32:9d:d9:33:85:73:a1:9d:67:f6:90:83:55:88:
cd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:32:67:09:2F:94:A8:AD:AA:8A:7A:D1:68:FC:30:56:71:30:44:F9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AzJnCS-UqK2qinrRaPwwVnEwRPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:df:3c:67:0b:70:f7:95:4c:d1:18:8c:de:bc:e1:d3:23:58:
53:49:a5:d0:4f:57:39:45:ca:be:84:94:6e:a9:fa:51:49:1f:
85:bb:f2:b1:06:6a:27:f8:12:ab:7d:e2:9f:82:4c:48:6d:6c:
fe:5d:10:28:11:f1:98:27:c4:eb:42:74:eb:ec:53:04:4a:f4:
0d:de:50:cb:f8:3d:98:98:71:80:36:03:d4:09:5f:c3:a6:0c:
9a:40:24:7c:25:97:9d:08:56:5a:c7:1d:90:91:0a:c8:84:e8:
1b:df:ec:77:e8:24:d7:26:8c:c9:ca:b5:ce:cd:b8:ff:a1:d6:
80:30:4c:8a:3d:07:72:1d:e7:e5:19:7c:ce:6d:ed:39:59:af:
35:a9:6b:c7:dc:2a:78:f9:15:59:00:44:27:d6:92:d9:3c:eb:
b8:8f:b7:1b:b2:9a:07:eb:e2:9b:62:a8:05:0c:e2:cb:26:29:
2a:a8:68:4a:23:48:35:0a:a5:8d:2a:62:4c:6b:60:13:50:72:
45:c6:48:81:46:3a:ff:84:94:40:28:80:3d:b3:dd:2c:de:43:
ac:79:25:55:65:20:1d:27:5e:3c:a8:e5:dd:de:a3:0d:18:69:
b7:5d:15:31:1a:1b:8c:d6:a5:3a:54:44:d3:a8:93:b4:8c:55:
da:bd:c7:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW2n0DrZYFyGjDh5SjEDroWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE1MTgwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzMyNjcwOTJmOTRhOGFkYWE4YTdhZDE2OGZjMzA1NjcxMzA0NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhImkguBciLrXfjC65Qqte7U3yvG
ZuS9ecv6gcblZ8ALv1t6qngPxJXIyzRU3xEcjx1DgJ74pNqe+3vugienFLCslqhz
NTeis5vItOFDhpqeImuLyO/p2n75E0TRXWQqQN77oWOM1x64MmZK6vjcPsDUNbu0
pADRoK1GMX6Qtqzsvl4tdt4lGyiQdqEuiU68umh5gLuvjam3O/oCVXu0RvJZUNWQ
XGtR2wwdNnF6U3iIzE4o4cm/MtsjjOOj+zSkNCqcUSV16m1o7InLVQNyoT+SAlpY
doud1uZ3DDr83kkaaVx1AzZ7jIDDQqSUTZ+uMp3ZM4VzoZ1n9pCDVYjN+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMyZwkvlKitqop60Wj8MFZxMET5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQXpKbkNTLVVxSzJxaW5yUmFQd3dWbkV3UlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/fPGcLcPeVTNEYjN68
4dMjWFNJpdBPVzlFyr6ElG6p+lFJH4W78rEGaif4Eqt94p+CTEhtbP5dECgR8Zgn
xOtCdOvsUwRK9A3eUMv4PZiYcYA2A9QJX8OmDJpAJHwll50IVlrHHZCRCsiE6Bvf
7HfoJNcmjMnKtc7NuP+h1oAwTIo9B3Id5+UZfM5t7TlZrzWpa8fcKnj5FVkARCfW
ktk867iPtxuymgfr4ptiqAUM4ssmKSqoaEojSDUKpY0qYkxrYBNQckXGSIFGOv+E
lEAogD2z3SzeQ6x5JVVlIB0nXjyo5d3eow0YabddFTEaG4zWpTpURNOok7SMVdq9
x6Q=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:36:52 2025 by rpki-client