Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EXzuQqv7oz793bhRzWXE49gccts.roa
File: EXzuQqv7oz793bhRzWXE49gccts.roa (raw, json)
Hash identifier: cDkLwA3t88FXCMrGUD6vrgEvsAwcsA3CZNyN+wJFEoE=
Subject key identifier: 11:7C:EE:42:AB:FB:A3:3E:FD:DD:B8:51:CD:65:C4:E3:D8:1C:72:DB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8A3B07CF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EXzuQqv7oz793bhRzWXE49gccts.roa
Signing time: Sun 05 Jun 2022 22:10:20 +0000
ROA not before: Sun 05 Jun 2022 22:10:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2319124431 (0x8a3b07cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 5 22:10:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=117cee42abfba33efdddb851cd65c4e3d81c72db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:18:2f:5d:de:84:6c:1b:9f:7e:06:f7:dd:
39:a9:c7:35:fb:3d:a4:3c:4f:43:51:9d:80:fe:02:
0d:ef:f7:85:e2:cf:2e:b2:e8:2a:52:42:d5:4b:bb:
47:e0:bb:75:77:3b:de:b1:5e:0a:19:d0:7e:d6:c2:
8b:06:e6:83:21:a5:e3:8e:61:35:2d:f9:d8:e8:f1:
ef:27:4c:0e:17:77:02:da:97:3d:06:92:4f:12:6d:
01:db:3a:b3:90:ac:df:09:f9:67:f1:3e:3e:c0:d0:
72:3b:e5:e9:7e:bd:ac:44:3d:05:83:1f:b0:23:2c:
5b:d6:2e:e1:38:f6:2d:2d:28:39:5f:b6:77:52:8f:
30:93:33:e7:3b:18:31:23:64:2b:68:ae:ee:55:94:
6d:25:f3:06:23:87:91:ca:4b:3e:79:80:6b:01:35:
60:01:80:25:1f:28:36:f9:a5:48:ee:27:b1:09:fc:
bf:21:a6:30:cb:62:f0:b1:52:ee:9d:9e:e4:b0:ed:
b3:59:95:8e:e3:41:08:20:55:e2:3b:b7:df:a6:b0:
02:81:66:f7:cb:82:03:66:09:dd:6f:9c:5b:1e:07:
6c:64:6b:2d:3f:d5:ae:e7:61:fa:aa:50:70:44:e3:
04:f4:3e:7e:1e:31:75:83:b0:f9:3d:f1:27:e6:bf:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7C:EE:42:AB:FB:A3:3E:FD:DD:B8:51:CD:65:C4:E3:D8:1C:72:DB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/EXzuQqv7oz793bhRzWXE49gccts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:5b:b2:0b:ff:d8:db:7a:65:23:9f:10:6e:5c:d7:70:60:ce:
a0:80:80:15:5b:89:df:b8:60:9d:7e:1d:28:6a:a7:45:17:9b:
80:2b:1d:60:64:d1:ee:f2:87:35:b9:e2:d4:7c:0a:14:59:25:
23:ce:99:6a:83:2b:7f:3d:95:76:ca:04:df:7e:42:d1:05:bb:
c2:73:e0:0b:4f:8e:a5:2d:57:fe:f4:21:98:4d:3e:95:ad:3c:
88:6e:4b:a8:e2:db:f1:74:f6:d6:90:70:b8:a8:8b:39:d8:83:
22:be:b2:33:c9:b3:50:2a:c8:ee:1f:d6:7d:61:cb:71:e3:a0:
b4:ff:31:01:01:63:10:ce:f7:f1:94:ac:ab:b8:3a:05:0d:84:
e2:9a:56:99:81:ae:ab:de:b0:53:af:65:da:9f:51:2a:c9:9b:
93:5c:c3:37:ed:a7:9f:b8:b1:ab:80:82:06:3e:30:26:7f:a9:
c0:c2:b8:a9:5c:44:5f:7f:1a:60:5d:85:9d:b2:ac:53:d3:f5:
a4:d3:87:60:8e:60:12:cb:de:4b:86:a7:4e:b9:af:f0:df:f8:
2c:a6:30:1d:4c:3d:09:7d:14:b4:e0:0f:35:e9:f8:f9:d2:9c:
d9:16:43:86:2b:c1:24:ce:3e:5c:45:c3:85:d2:08:79:c7:6e:
69:bd:11:41
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIo7B88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDUyMjEwMjBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDExN2NlZTQyYWJm
YmEzM2VmZGRkYjg1MWNkNjVjNGUzZDgxYzcyZGIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRkBgvXd6EbBuffgb33TmpxzX7PaQ8T0NRnYD+Ag3v94Xi
zy6y6CpSQtVLu0fgu3V3O96xXgoZ0H7WwosG5oMhpeOOYTUt+djo8e8nTA4XdwLa
lz0Gkk8SbQHbOrOQrN8J+WfxPj7A0HI75el+vaxEPQWDH7AjLFvWLuE49i0tKDlf
tndSjzCTM+c7GDEjZCtoru5VlG0l8wYjh5HKSz55gGsBNWABgCUfKDb5pUjuJ7EJ
/L8hpjDLYvCxUu6dnuSw7bNZlY7jQQggVeI7t9+msAKBZvfLggNmCd1vnFseB2xk
ay0/1a7nYfqqUHBE4wT0Pn4eMXWDsPk98Sfmv3ULAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUEXzuQqv7oz793bhRzWXE49gcctswHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9FWHp1UXF2N296NzkzYmhSeldYRTQ5Z2NjdHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAlluyC//Y23plI58QblzXcGDOoICAFVuJ37hg
nX4dKGqnRRebgCsdYGTR7vKHNbni1HwKFFklI86ZaoMrfz2VdsoE335C0QW7wnPg
C0+OpS1X/vQhmE0+la08iG5LqOLb8XT21pBwuKiLOdiDIr6yM8mzUCrI7h/WfWHL
ceOgtP8xAQFjEM738ZSsq7g6BQ2E4ppWmYGuq96wU69l2p9RKsmbk1zDN+2nn7ix
q4CCBj4wJn+pwMK4qVxEX38aYF2FnbKsU9P1pNOHYI5gEsveS4anTrmv8N/4LKYw
HUw9CX0UtOAPNen4+dKc2RZDhivBJM4+XEXDhdIIecduab0RQQ==
-----END CERTIFICATE-----
Generated at Thu May 1 10:33:07 2025 by rpki-client