Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CbAb7O57lO7-oB3WOip0DRtaQqU.roa
File: CbAb7O57lO7-oB3WOip0DRtaQqU.roa (raw, json)
Hash identifier: PLEU/yO7ZMrAwb44JXsFcK2SgauaTe25AzoWb0GrVQA=
Subject key identifier: 09:B0:1B:EC:EE:7B:94:EE:FE:A0:1D:D6:3A:2A:74:0D:1B:5A:42:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7CEB092F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CbAb7O57lO7-oB3WOip0DRtaQqU.roa
Signing time: Wed 20 Apr 2022 09:10:15 +0000
ROA not before: Wed 20 Apr 2022 09:10:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2095778095 (0x7ceb092f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 20 09:10:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09b01becee7b94eefea01dd63a2a740d1b5a42a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:90:57:c9:da:ee:45:2b:0a:a5:a3:08:ca:7a:
02:c0:b3:34:fd:2d:22:0a:b0:0c:22:f9:04:be:11:
6f:fd:42:95:21:06:dc:e1:81:bf:55:ca:c1:a9:4e:
28:b8:8a:73:c4:a4:b6:f5:8c:79:43:60:1b:63:96:
2b:5f:4f:b9:18:c8:0e:c7:ca:09:3b:43:df:fd:41:
d4:29:63:39:40:e1:38:39:c5:e7:1e:60:2b:ae:cc:
83:66:07:85:35:80:52:ff:33:ed:d0:ad:ed:9a:51:
76:51:6b:01:bb:a0:c0:ef:3a:c7:ae:e2:33:8b:fd:
9b:f0:14:3f:13:93:2e:bf:19:93:a0:c0:df:75:44:
f4:17:fd:81:1c:14:bd:80:53:1a:76:be:a3:98:2c:
9c:f2:a0:13:f2:ac:98:2d:8e:34:a7:1e:d3:a1:fe:
c2:29:6b:7f:01:0b:06:eb:f7:d7:6e:6a:39:a5:ba:
89:f7:cc:ec:95:36:89:09:3b:31:02:63:09:47:2e:
ac:22:df:00:b6:90:85:0a:91:02:c2:f2:d4:72:fe:
2d:fe:f2:6b:7a:31:d6:20:36:0f:5d:75:61:2b:cb:
a7:8f:5e:a1:2c:05:5f:a8:ce:08:7f:65:81:cf:03:
b7:6b:51:81:d3:70:54:05:fd:10:3e:eb:69:af:99:
51:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B0:1B:EC:EE:7B:94:EE:FE:A0:1D:D6:3A:2A:74:0D:1B:5A:42:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/CbAb7O57lO7-oB3WOip0DRtaQqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:d7:8f:23:32:6e:fa:02:7e:be:4f:03:53:91:20:98:a5:76:
41:24:1e:ab:15:11:85:fd:5a:98:63:23:ee:6a:bd:30:02:08:
09:d1:7f:da:80:21:f6:c7:56:10:84:92:18:09:54:73:ac:2b:
44:1d:d9:53:4b:4b:8e:ee:74:1c:63:b7:48:34:5b:74:76:90:
ce:35:82:de:b1:d9:3a:df:74:de:79:6a:f7:7c:63:1b:f6:01:
b1:a3:ca:94:ab:db:0e:dd:7c:99:b8:63:a6:60:80:2a:26:fa:
20:72:b0:60:6a:c0:4a:fe:62:b8:f7:e4:e0:70:cc:57:ea:99:
73:2a:6c:57:f4:a8:92:28:c3:08:7b:55:1a:9c:a6:2a:34:cb:
bd:bf:9c:b6:f0:02:72:48:88:de:3e:06:58:c4:ab:f6:89:49:
e9:6b:4f:a8:6b:55:89:d5:70:76:c6:c7:04:d0:ce:3d:06:81:
bf:90:0e:2b:44:c2:75:45:ed:57:55:86:e6:92:b6:70:8b:ec:
65:1c:a0:e7:59:07:a3:91:70:37:3f:04:84:16:89:3a:d1:c9:
88:b5:65:28:04:1b:5d:8c:74:d7:ed:6b:01:2e:b4:d1:56:eb:
48:6b:c3:a8:b8:13:8d:21:6b:9b:05:8a:c2:15:a3:4c:d1:7e:
3d:97:d2:fb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfOsJLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
MDA5MTAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDliMDFiZWNlZTdi
OTRlZWZlYTAxZGQ2M2EyYTc0MGQxYjVhNDJhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiQV8na7kUrCqWjCMp6AsCzNP0tIgqwDCL5BL4Rb/1ClSEG
3OGBv1XKwalOKLiKc8SktvWMeUNgG2OWK19PuRjIDsfKCTtD3/1B1CljOUDhODnF
5x5gK67Mg2YHhTWAUv8z7dCt7ZpRdlFrAbugwO86x67iM4v9m/AUPxOTLr8Zk6DA
33VE9Bf9gRwUvYBTGna+o5gsnPKgE/KsmC2ONKce06H+wilrfwELBuv3125qOaW6
iffM7JU2iQk7MQJjCUcurCLfALaQhQqRAsLy1HL+Lf7ya3ox1iA2D111YSvLp49e
oSwFX6jOCH9lgc8Dt2tRgdNwVAX9ED7raa+ZUX8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQJsBvs7nuU7v6gHdY6KnQNG1pCpTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0NiQWI3TzU3bE83LW9CM1dPaXAwRFJ0YVFxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBk148jMm76An6+TwNTkSCYpXZBJB6rFRGF/VqY
YyPuar0wAggJ0X/agCH2x1YQhJIYCVRzrCtEHdlTS0uO7nQcY7dINFt0dpDONYLe
sdk633TeeWr3fGMb9gGxo8qUq9sO3XyZuGOmYIAqJvogcrBgasBK/mK49+TgcMxX
6plzKmxX9KiSKMMIe1UanKYqNMu9v5y28AJySIjePgZYxKv2iUnpa0+oa1WJ1XB2
xscE0M49BoG/kA4rRMJ1Re1XVYbmkrZwi+xlHKDnWQejkXA3PwSEFok60cmItWUo
BBtdjHTX7WsBLrTRVutIa8OouBONIWubBYrCFaNM0X49l9L7
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:20:31 2025 by rpki-client