Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G45quW--HM3vErBhA9feI_bVN0E.roa
File: G45quW--HM3vErBhA9feI_bVN0E.roa (raw, json)
Hash identifier: 56TxcOW2InZrw8+JltX1H0MPhIv1XgziKM1NO+YAmnw=
Subject key identifier: 1B:8E:6A:B9:6F:BE:1C:CD:EF:12:B0:61:03:D7:DE:23:F6:D5:37:41
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01822189EC3CA0EDC4EA0C2F1973257F0852
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G45quW--HM3vErBhA9feI_bVN0E.roa
Signing time: Thu 21 Jul 2022 16:14:23 +0000
ROA not before: Thu 21 Jul 2022 16:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:89:ec:3c:a0:ed:c4:ea:0c:2f:19:73:25:7f:08:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 21 16:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b8e6ab96fbe1ccdef12b06103d7de23f6d53741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:4c:ec:01:eb:a1:76:97:91:6c:cd:30:82:
14:47:49:76:68:93:7b:c3:c6:03:3c:da:81:69:cc:
0f:d0:94:31:d2:ec:f2:c7:7f:3a:82:58:26:5b:c2:
ff:d2:a3:61:e3:b7:82:e5:ea:a2:06:9c:c2:5f:40:
63:bb:60:ab:b0:5d:d2:36:08:37:b2:d3:00:fa:1a:
20:32:1d:65:2b:b9:03:de:05:2f:e5:e6:ca:15:d8:
be:a8:bf:0a:82:d2:d8:68:5d:4f:90:8e:fd:31:12:
57:33:fc:47:04:75:0b:0f:31:c9:3e:f1:07:b2:c8:
f5:08:43:22:f9:c7:a2:62:f5:e6:90:bf:64:0b:5f:
f3:99:29:23:a9:62:56:2d:32:43:ee:14:40:9e:4b:
16:1e:68:4d:4c:55:28:a0:6a:52:f3:02:40:1c:99:
6b:75:9f:bf:39:71:f2:02:b2:a9:bd:60:01:50:ef:
1c:c3:a2:6c:de:01:30:f9:50:65:17:77:64:1d:2a:
d2:d5:46:3e:37:39:ac:0f:a0:b6:31:89:2b:c5:81:
32:75:88:50:63:3a:a5:b8:ff:60:9c:e4:d7:ab:07:
97:ff:8c:cf:02:4c:3f:18:69:81:b9:00:8e:e4:97:
39:0b:73:7a:cd:26:87:3a:b5:1a:f2:17:b3:ce:e7:
dd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8E:6A:B9:6F:BE:1C:CD:EF:12:B0:61:03:D7:DE:23:F6:D5:37:41
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G45quW--HM3vErBhA9feI_bVN0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:0f:2e:a4:07:fc:1a:ee:f4:5d:6e:85:e5:b4:10:68:5b:77:
88:6e:ab:ca:2f:c9:ab:df:00:9d:7e:fe:ac:f6:21:26:c2:7f:
43:4c:12:25:11:d0:53:f3:63:14:82:12:d5:bf:68:e5:7f:a0:
81:2b:a0:9a:7c:0e:aa:d8:cb:dd:0e:51:92:0f:46:c7:51:26:
db:d4:ac:f3:c7:35:47:2a:5b:e4:7f:91:e5:c7:b2:eb:69:71:
86:86:d4:76:69:5a:48:dd:94:e6:7b:d0:5d:92:c5:c4:65:98:
ff:a1:0b:93:a2:90:81:0f:4e:b6:a2:95:af:a1:1c:24:9f:57:
02:0e:10:48:b0:7b:3c:4e:3e:9d:82:21:b7:e3:9d:60:56:8a:
dc:68:fb:76:d9:fb:84:0d:cb:c4:62:12:71:53:91:a5:3f:aa:
d0:fa:c3:96:68:0a:83:c9:e2:57:60:c5:57:80:61:48:d7:2c:
59:bd:c6:01:43:06:52:84:73:3b:82:f1:81:e2:c8:d3:4e:96:
bb:7b:8b:63:6c:09:87:64:50:40:69:8d:41:2e:7c:a6:ba:ba:
da:a7:ae:fe:53:fc:2d:07:ad:39:8d:78:7f:87:3b:f2:74:4e:
02:f5:7c:74:7d:17:8e:f5:c0:53:09:4d:34:ed:30:47:ea:de:
b9:df:47:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIhiew8oO3E6gwvGXMlfwhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzIxMTYxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjhlNmFiOTZmYmUxY2NkZWYxMmIwNjEwM2Q3ZGUyM2Y2ZDUzNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotdM7AHroXaXkWzNMIIUR0l2aJN7
w8YDPNqBacwP0JQx0uzyx386glgmW8L/0qNh47eC5eqiBpzCX0Bju2CrsF3SNgg3
stMA+hogMh1lK7kD3gUv5ebKFdi+qL8KgtLYaF1PkI79MRJXM/xHBHULDzHJPvEH
ssj1CEMi+ceiYvXmkL9kC1/zmSkjqWJWLTJD7hRAnksWHmhNTFUooGpS8wJAHJlr
dZ+/OXHyArKpvWABUO8cw6Js3gEw+VBlF3dkHSrS1UY+NzmsD6C2MYkrxYEydYhQ
YzqluP9gnOTXqweX/4zPAkw/GGmBuQCO5Jc5C3N6zSaHOrUa8hezzufdtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBuOarlvvhzN7xKwYQPX3iP21TdBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRzQ1cXVXLS1ITTN2RXJCaEE5ZmVJX2JWTjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABwPLqQH/Bru9F1uheW0
EGhbd4huq8ovyavfAJ1+/qz2ISbCf0NMEiUR0FPzYxSCEtW/aOV/oIEroJp8DqrY
y90OUZIPRsdRJtvUrPPHNUcqW+R/keXHsutpcYaG1HZpWkjdlOZ70F2SxcRlmP+h
C5OikIEPTraila+hHCSfVwIOEEiwezxOPp2CIbfjnWBWitxo+3bZ+4QNy8RiEnFT
kaU/qtD6w5ZoCoPJ4ldgxVeAYUjXLFm9xgFDBlKEczuC8YHiyNNOlrt7i2NsCYdk
UEBpjUEufKa6utqnrv5T/C0HrTmNeH+HO/J0TgL1fHR9F471wFMJTTTtMEfq3rnf
R7Q=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:13 2025 by rpki-client