Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CGHjtjIgPiHPYwcAg1XvrUZxs6c.roa
File: CGHjtjIgPiHPYwcAg1XvrUZxs6c.roa (raw, json)
Hash identifier: 4cMR4QZE/5D6BGaiyj1EF5q4FGmssmLd6juoTXhfvnA=
Subject key identifier: 08:61:E3:B6:32:20:3E:21:CF:63:07:00:83:55:EF:AD:46:71:B3:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 918E8128
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CGHjtjIgPiHPYwcAg1XvrUZxs6c.roa
Signing time: Fri 01 Jul 2022 20:11:25 +0000
ROA not before: Fri 01 Jul 2022 20:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2442035496 (0x918e8128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 1 20:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0861e3b632203e21cf6307008355efad4671b3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0a:3a:b6:8e:0a:3d:8c:c5:da:40:19:1f:e9:
ee:99:17:aa:4d:c3:fc:51:01:52:bb:e6:8c:68:af:
15:74:58:78:ba:4a:b8:6e:17:94:ad:96:24:ce:c0:
bd:3a:13:64:27:9e:f5:24:57:c4:94:9b:5c:e8:32:
a3:9f:1f:03:b3:e5:8c:22:6b:1c:25:7e:bf:13:fb:
61:07:0c:d2:16:45:2c:6a:ed:fc:7b:d6:4c:9d:0c:
95:45:36:35:6e:12:81:16:98:19:65:a7:23:15:8a:
a2:13:b7:86:93:c1:13:03:4d:19:8f:1f:3e:29:d4:
07:f0:fa:bf:d8:a3:c4:5a:d3:49:f0:9f:99:5d:8b:
b3:93:64:8f:e2:f1:43:9e:ff:c3:08:87:02:0c:f8:
82:96:da:1f:4e:0e:57:a2:b4:13:1a:90:d8:fc:31:
88:74:41:b0:a1:98:24:89:42:39:16:d3:f5:96:7f:
24:21:20:aa:76:68:8f:69:08:23:86:c3:c3:e5:be:
33:65:19:04:ca:eb:78:2c:6c:4b:cf:7f:8e:84:9f:
10:7f:0e:17:5f:4f:25:7b:09:99:d3:32:46:57:2b:
0b:51:b0:46:03:77:5a:03:39:e1:13:3b:08:e9:b2:
23:21:d0:91:9f:72:19:f7:22:0f:1b:d8:1c:a9:40:
79:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:61:E3:B6:32:20:3E:21:CF:63:07:00:83:55:EF:AD:46:71:B3:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CGHjtjIgPiHPYwcAg1XvrUZxs6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:98:3f:bf:e1:54:c7:27:56:4a:66:a2:a6:de:dd:ca:65:35:
bb:73:42:bc:d8:73:6b:c4:a8:d0:c9:92:f1:b7:d0:6f:a6:cc:
12:ce:73:27:c9:3d:b0:c2:fa:b6:47:0f:4a:8a:7e:17:9b:e5:
a5:7d:e2:44:68:5c:87:41:8b:5a:ba:26:89:c3:37:b9:bf:85:
2b:e2:a5:4c:14:3e:90:19:09:c3:0d:b3:71:48:1d:2c:e6:7d:
15:af:be:45:8a:dc:d9:bf:ba:5a:13:cb:cc:a3:8d:b7:d7:a1:
9d:6c:8e:19:78:94:39:ae:49:cc:0c:15:8c:0e:c2:fc:2c:ac:
c4:77:95:7e:57:c3:92:dc:61:d0:b7:f5:7f:f9:13:7c:37:f9:
ba:3f:ff:6d:36:ad:ea:56:2c:87:51:41:53:98:9c:ba:c2:48:
32:ee:cb:c3:01:5a:8b:22:47:99:65:90:e0:57:ae:99:f0:dd:
1f:e2:d3:06:ca:ce:6c:4a:30:db:a3:89:04:2d:a2:40:cc:90:
52:81:f8:7f:02:7b:ee:3b:74:d5:80:ec:bb:6f:15:8d:26:90:
4f:db:10:f5:9b:63:f7:8e:0a:5d:4a:b8:c6:32:13:1f:38:f0:
70:6d:54:dd:73:6a:fe:60:eb:9f:4e:aa:ea:9b:8b:f2:a5:20:
9a:dc:a7:58
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJGOgSgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDEyMDExMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDA4NjFlM2I2MzIy
MDNlMjFjZjYzMDcwMDgzNTVlZmFkNDY3MWIzYTcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCECjq2jgo9jMXaQBkf6e6ZF6pNw/xRAVK75oxorxV0WHi6
SrhuF5StliTOwL06E2QnnvUkV8SUm1zoMqOfHwOz5Ywiaxwlfr8T+2EHDNIWRSxq
7fx71kydDJVFNjVuEoEWmBllpyMViqITt4aTwRMDTRmPHz4p1Afw+r/Yo8Ra00nw
n5ldi7OTZI/i8UOe/8MIhwIM+IKW2h9ODleitBMakNj8MYh0QbChmCSJQjkW0/WW
fyQhIKp2aI9pCCOGw8PlvjNlGQTK63gsbEvPf46EnxB/DhdfTyV7CZnTMkZXKwtR
sEYDd1oDOeETOwjpsiMh0JGfchn3Ig8b2BypQHk7AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUCGHjtjIgPiHPYwcAg1XvrUZxs6cwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9DR0hqdGpJZ1BpSFBZd2NBZzFYdnJVWnhzNmMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAdpg/v+FUxydWSmaipt7dymU1u3NCvNhza8So
0MmS8bfQb6bMEs5zJ8k9sML6tkcPSop+F5vlpX3iRGhch0GLWromicM3ub+FK+Kl
TBQ+kBkJww2zcUgdLOZ9Fa++RYrc2b+6WhPLzKONt9ehnWyOGXiUOa5JzAwVjA7C
/CysxHeVflfDktxh0Lf1f/kTfDf5uj//bTat6lYsh1FBU5icusJIMu7LwwFaiyJH
mWWQ4FeumfDdH+LTBsrObEow26OJBC2iQMyQUoH4fwJ77jt01YDsu28VjSaQT9sQ
9Ztj944KXUq4xjITHzjwcG1U3XNq/mDrn06q6puL8qUgmtynWA==
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:30 2025 by rpki-client