Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3s3JEDcfo0q0FQM0BR8_-HW20Q.roa
File: D3s3JEDcfo0q0FQM0BR8_-HW20Q.roa (raw, json)
Hash identifier: cdltI1hqWnV+qnPPk/bPrEU2ktvgG0LwkeUbN1cJPsQ=
Subject key identifier: 0F:7B:37:24:40:DC:7E:8D:2A:D0:54:0C:D0:14:7C:FF:E1:D6:DB:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 89004D44
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3s3JEDcfo0q0FQM0BR8_-HW20Q.roa
Signing time: Wed 01 Jun 2022 12:09:20 +0000
ROA not before: Wed 01 Jun 2022 12:09:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:180:ff9c:1e7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298498372 (0x89004d44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 1 12:09:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f7b372440dc7e8d2ad0540cd0147cffe1d6db44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:fd:5a:84:14:20:2b:0a:0d:9b:f5:28:5f:ef:
3f:fb:0d:32:f8:e0:18:e5:fc:bb:0b:c8:bd:e1:19:
76:36:25:fc:24:1d:9c:03:9c:43:1a:a6:70:d1:3f:
8b:6b:1a:a9:c9:ad:a2:2f:f9:28:ee:8b:42:71:92:
b5:1d:b2:7b:86:86:1d:8b:09:3c:fa:69:61:f3:7b:
c1:77:0f:8b:16:0b:0a:cb:5b:d9:77:9e:90:06:73:
46:d9:53:ff:dd:98:14:68:c1:d0:d2:3f:03:12:a4:
e3:55:6e:d0:8f:20:1d:3d:41:60:6c:11:56:38:50:
da:b1:68:b8:bf:83:34:00:17:1f:12:b5:ad:30:67:
8c:ac:79:d1:ad:6a:b3:f5:4f:4b:ce:15:0a:6a:c4:
41:2f:60:2b:c4:bb:2d:22:6e:b0:12:57:7d:6c:56:
1b:d9:91:fe:b9:83:35:d5:4b:58:fc:ab:80:b4:9c:
d3:36:5c:4d:5e:9f:5a:f9:a6:b8:49:50:4a:ae:ef:
a5:af:a7:72:96:a6:a6:e2:e4:ce:4e:17:d5:ce:4b:
54:d8:56:e0:72:bb:eb:cd:20:3a:4f:aa:46:e1:92:
6b:be:b6:57:d3:64:33:e8:7a:b3:66:ec:19:26:01:
35:cd:a3:41:9d:23:35:a6:84:ec:5b:33:85:55:d8:
ff:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7B:37:24:40:DC:7E:8D:2A:D0:54:0C:D0:14:7C:FF:E1:D6:DB:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/D3s3JEDcfo0q0FQM0BR8_-HW20Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:76:9e:9e:24:93:b4:69:85:fc:62:4f:f6:f2:9d:08:a9:60:
e2:4d:36:97:e5:92:c6:fd:be:70:fa:c7:d3:bf:01:db:f3:97:
2e:56:fd:aa:e5:3b:70:62:37:7a:68:a6:8c:ad:b2:50:77:40:
55:5c:d8:e8:9c:44:6d:6f:67:50:70:10:e9:3b:de:29:a2:9a:
2f:8c:b3:4a:38:a8:9e:a1:81:32:c6:8a:e6:fd:91:9e:fb:b2:
48:95:9d:d2:aa:9e:a7:21:00:25:4f:62:61:e3:b3:44:4e:c6:
0a:0f:2c:2e:59:b6:aa:2d:6a:42:6f:0d:ac:75:62:56:59:7c:
71:e7:c2:2c:fd:98:d9:84:48:10:ad:ef:8b:b9:19:86:c4:cd:
4e:fe:ec:2a:b0:a0:ce:c3:9a:f4:9e:6f:b2:16:67:f2:33:4b:
9f:d5:23:26:78:02:6b:a3:e0:f0:7d:69:25:56:87:19:8e:76:
38:37:3a:7b:df:42:d2:c5:1c:dc:af:0c:95:c8:97:58:c5:9b:
45:64:c2:58:94:04:23:32:38:1a:f2:69:f0:bc:ed:47:4e:f3:
7a:b5:c3:cf:d6:11:89:c3:52:38:bb:0e:08:70:92:61:15:21:
dc:65:6a:76:85:3c:09:21:74:d9:a1:fa:fe:76:29:80:0f:6f:
48:47:c3:c1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIkATUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDExMjA5MjBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBmN2IzNzI0NDBk
YzdlOGQyYWQwNTQwY2QwMTQ3Y2ZmZTFkNmRiNDQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDR/VqEFCArCg2b9Shf7z/7DTL44Bjl/LsLyL3hGXY2Jfwk
HZwDnEMapnDRP4trGqnJraIv+Sjui0JxkrUdsnuGhh2LCTz6aWHze8F3D4sWCwrL
W9l3npAGc0bZU//dmBRowdDSPwMSpONVbtCPIB09QWBsEVY4UNqxaLi/gzQAFx8S
ta0wZ4ysedGtarP1T0vOFQpqxEEvYCvEuy0ibrASV31sVhvZkf65gzXVS1j8q4C0
nNM2XE1en1r5prhJUEqu76Wvp3KWpqbi5M5OF9XOS1TYVuByu+vNIDpPqkbhkmu+
tlfTZDPoerNm7BkmATXNo0GdIzWmhOxbM4VV2P/zAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUD3s3JEDcfo0q0FQM0BR8/+HW20QwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9EM3MzSkVEY2ZvMHEwRlFNMEJSOF8tSFcyMFEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEATXaeniSTtGmF/GJP9vKdCKlg4k02l+WSxv2+
cPrH078B2/OXLlb9quU7cGI3emimjK2yUHdAVVzY6JxEbW9nUHAQ6TveKaKaL4yz
SjionqGBMsaK5v2RnvuySJWd0qqepyEAJU9iYeOzRE7GCg8sLlm2qi1qQm8NrHVi
Vll8cefCLP2Y2YRIEK3vi7kZhsTNTv7sKrCgzsOa9J5vshZn8jNLn9UjJngCa6Pg
8H1pJVaHGY52ODc6e99C0sUc3K8MlciXWMWbRWTCWJQEIzI4GvJp8LztR07zerXD
z9YRicNSOLsOCHCSYRUh3GVqdoU8CSF02aH6/nYpgA9vSEfDwQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:06:34 2025 by rpki-client