Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2mM9Z9yYdgKgwM1D0wmbRcpiHY.roa
File: G2mM9Z9yYdgKgwM1D0wmbRcpiHY.roa (raw, json)
Hash identifier: Nn52KMzCuxVtilyATs+n1YuMSAZFWo/s9WXytGpmukc=
Subject key identifier: 1B:69:8C:F5:9F:72:61:D8:0A:83:03:35:0F:4C:26:6D:17:29:88:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184F1A482EE2B1A77F1D51A2D222572DE7D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2mM9Z9yYdgKgwM1D0wmbRcpiHY.roa
Signing time: Thu 08 Dec 2022 12:10:01 +0000
ROA not before: Thu 08 Dec 2022 12:10:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:a4:82:ee:2b:1a:77:f1:d5:1a:2d:22:25:72:de:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 8 12:10:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b698cf59f7261d80a8303350f4c266d17298876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:86:4f:3f:75:57:60:f8:06:61:c9:e7:ce:6c:
25:e6:fd:b3:57:68:53:e8:d4:30:f1:6d:06:74:10:
cf:eb:bd:d5:79:e2:cb:fb:c1:6f:e7:30:89:1d:41:
e6:61:08:50:bc:93:57:cf:6a:94:4a:98:fe:40:8c:
f2:4f:84:d3:50:f7:94:84:20:05:0e:25:c9:1f:ff:
47:8a:e0:7b:3b:dc:07:5b:34:1e:30:76:bd:83:89:
ce:f0:a2:1a:d3:fd:db:d9:a8:3c:f7:d0:d9:3d:9b:
f3:b2:34:a6:e2:b1:24:73:e0:2c:50:79:87:5c:83:
65:77:0b:b7:f9:d1:1e:4a:56:db:19:4a:87:23:ec:
18:5e:6a:a9:30:e8:e1:e1:a7:49:49:08:3f:a7:90:
6b:5e:85:1b:1f:5d:fd:48:0f:37:b0:b0:cb:b1:14:
de:01:d5:54:28:44:d6:52:f5:40:bb:16:89:9b:ad:
72:a9:2e:30:06:da:33:cb:d1:9c:94:db:46:40:02:
c3:2f:6d:3e:ba:ae:f6:16:a0:52:2b:5d:8f:08:e2:
7d:b1:42:e4:68:0b:fc:d5:33:cb:08:8b:4f:97:87:
a3:1f:28:3e:52:ab:e7:37:b0:75:2d:1b:02:3f:a8:
4d:9b:d9:0f:d5:cf:75:74:8f:c2:d2:09:45:a4:30:
7f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:69:8C:F5:9F:72:61:D8:0A:83:03:35:0F:4C:26:6D:17:29:88:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G2mM9Z9yYdgKgwM1D0wmbRcpiHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:75:1d:12:87:94:27:17:32:49:74:db:b3:82:12:02:5b:b3:
ba:81:21:32:18:86:b5:d4:bd:a9:09:2e:17:bf:42:5e:44:54:
a6:2b:51:a5:46:05:f4:3d:4b:99:2f:79:0c:95:fa:ae:19:2b:
1a:c3:0f:d5:d5:99:98:20:04:43:cc:44:8e:28:c3:17:5f:04:
f0:a1:05:2f:90:bc:2d:98:d4:10:6f:d6:43:17:ca:59:77:bf:
10:af:48:b8:84:c8:54:13:d7:d9:74:bb:10:32:ad:08:e5:97:
fa:2f:e1:78:90:b2:b0:2f:c3:ae:a4:8d:69:ff:03:7d:3e:6c:
0b:01:9a:f3:56:3f:75:24:5d:ba:f6:97:1b:36:58:35:3d:ae:
93:22:b9:c4:42:77:bf:e9:94:95:5f:35:9a:0f:78:3f:a4:24:
a0:3f:a1:73:be:34:5f:8c:15:38:75:5e:fb:c4:16:ab:df:a2:
b0:02:e0:0a:48:fc:17:97:ba:fc:a1:b7:5a:a5:43:e9:c1:45:
2d:2d:8b:b0:22:1a:a4:38:56:a8:32:2d:80:e7:a2:d9:97:bc:
3b:c6:46:6c:89:12:cd:97:38:7f:47:ea:42:7d:bc:e4:f3:11:
ad:58:e2:b2:e6:a3:3d:c2:ab:39:58:19:b0:7b:f9:5c:10:ed:
c2:c3:8d:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTxpILuKxp38dUaLSIlct59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA4MTIxMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjY5OGNmNTlmNzI2MWQ4MGE4MzAzMzUwZjRjMjY2ZDE3Mjk4ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooZPP3VXYPgGYcnnzmwl5v2zV2hT
6NQw8W0GdBDP673VeeLL+8Fv5zCJHUHmYQhQvJNXz2qUSpj+QIzyT4TTUPeUhCAF
DiXJH/9HiuB7O9wHWzQeMHa9g4nO8KIa0/3b2ag899DZPZvzsjSm4rEkc+AsUHmH
XINldwu3+dEeSlbbGUqHI+wYXmqpMOjh4adJSQg/p5BrXoUbH139SA83sLDLsRTe
AdVUKETWUvVAuxaJm61yqS4wBtozy9GclNtGQALDL20+uq72FqBSK12PCOJ9sULk
aAv81TPLCItPl4ejHyg+UqvnN7B1LRsCP6hNm9kP1c91dI/C0glFpDB/+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtpjPWfcmHYCoMDNQ9MJm0XKYh2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzJtTTlaOXlZZGdLZ3dNMUQwd21iUmNwaUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGx1HRKHlCcXMkl027OC
EgJbs7qBITIYhrXUvakJLhe/Ql5EVKYrUaVGBfQ9S5kveQyV+q4ZKxrDD9XVmZgg
BEPMRI4owxdfBPChBS+QvC2Y1BBv1kMXyll3vxCvSLiEyFQT19l0uxAyrQjll/ov
4XiQsrAvw66kjWn/A30+bAsBmvNWP3UkXbr2lxs2WDU9rpMiucRCd7/plJVfNZoP
eD+kJKA/oXO+NF+MFTh1XvvEFqvforAC4ApI/BeXuvyht1qlQ+nBRS0ti7AiGqQ4
VqgyLYDnotmXvDvGRmyJEs2XOH9H6kJ9vOTzEa1Y4rLmoz3CqzlYGbB7+VwQ7cLD
jQc=
-----END CERTIFICATE-----
Generated at Sat May 3 03:10:30 2025 by rpki-client