Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3jPIj0hkSPmelhDn2lrXQ0vH5Y.roa
File: J3jPIj0hkSPmelhDn2lrXQ0vH5Y.roa (raw, json)
Hash identifier: yBd22oQOJrLoyfKa+u6v9G2Wbhe46gzUd9jdYUnWUao=
Subject key identifier: 27:78:CF:22:3D:21:91:23:E6:7A:58:43:9F:69:6B:5D:0D:2F:1F:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018542C063106E3A35EF0BFCA52A8C19603A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3jPIj0hkSPmelhDn2lrXQ0vH5Y.roa
Signing time: Sat 24 Dec 2022 06:09:42 +0000
ROA not before: Sat 24 Dec 2022 06:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:42:c0:63:10:6e:3a:35:ef:0b:fc:a5:2a:8c:19:60:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 06:09:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2778cf223d219123e67a58439f696b5d0d2f1f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ac:6c:f4:a1:98:4a:4f:9a:63:71:32:11:ab:
f9:94:a4:32:9b:6d:c6:b8:9c:ef:f8:3d:ee:35:5b:
59:4c:bb:52:df:20:41:16:ce:3d:56:d9:9d:58:87:
4f:7d:f9:98:72:a4:c3:17:14:b8:ab:d4:0e:86:5d:
be:b7:ce:95:b9:03:1f:a9:fd:3d:22:ab:aa:1a:46:
85:bc:6d:91:68:95:5f:ff:df:74:78:68:f3:00:8c:
f5:d8:14:d9:15:ab:75:4a:27:17:96:fb:86:dd:e4:
a8:5c:b7:f4:c2:52:b3:bb:a7:c0:11:5c:73:66:bd:
30:7d:27:cd:bf:61:e4:74:7f:6e:43:ff:0c:0a:72:
5d:10:52:ea:66:5d:b6:cf:79:1b:92:93:e4:e7:37:
15:df:8d:a7:8a:50:09:e0:b4:fa:57:47:39:0a:3e:
87:36:de:31:13:df:06:9d:17:19:d2:dc:90:17:28:
88:a2:4e:2a:52:1c:90:e8:03:ec:89:f0:64:4a:8b:
16:7c:9a:64:3e:c6:38:17:39:df:b2:86:3c:04:04:
13:24:6b:56:00:4e:8b:02:79:ff:84:2f:0e:20:26:
0c:e1:cf:e9:4f:7b:cd:ed:d7:af:77:f6:71:6c:e1:
e4:78:1f:e1:57:0c:64:32:aa:a5:ed:fd:03:8d:59:
2b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:78:CF:22:3D:21:91:23:E6:7A:58:43:9F:69:6B:5D:0D:2F:1F:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/J3jPIj0hkSPmelhDn2lrXQ0vH5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:63:47:1e:bf:4d:55:08:23:9c:86:52:c0:78:bd:1d:4a:a3:
66:2e:37:7d:c8:79:58:ca:92:17:ac:d7:9b:11:29:11:3c:ec:
56:10:1d:ef:9b:30:b8:67:0b:86:44:03:cd:52:83:ad:22:c2:
f5:8e:a4:a9:f5:74:1f:f4:ee:fc:f4:9c:05:c7:11:3c:09:34:
2f:72:46:ef:6f:aa:80:ab:b6:35:fc:6d:f5:4d:e3:49:ef:0e:
1a:70:ab:46:20:0f:2d:3b:84:c8:40:0d:d2:4a:06:4f:ac:7d:
4c:78:85:06:04:78:62:76:31:44:0c:da:e1:b4:a4:08:9b:95:
84:17:4e:79:0d:5d:b9:5a:10:32:5d:27:40:fa:ea:85:fb:a4:
6f:df:1c:89:65:87:93:b5:16:6a:fd:21:7c:16:fe:d7:7a:98:
df:89:78:c7:e2:ac:77:aa:ea:68:a7:ae:2f:41:d0:13:b6:19:
aa:32:c1:57:5e:c6:1f:a2:3b:fd:d0:d7:65:00:00:a1:2e:66:
a6:25:43:73:1e:ef:b6:aa:52:7e:0a:43:b6:a8:87:bf:de:88:
af:03:ec:f5:fc:8d:61:11:ec:44:a7:e6:ba:6c:87:22:d5:87:
52:5e:44:fd:35:31:31:50:c3:37:a5:a3:3c:82:6b:f2:92:ed:
a9:25:99:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVCwGMQbjo17wv8pSqMGWA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MDYwOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzc4Y2YyMjNkMjE5MTIzZTY3YTU4NDM5ZjY5NmI1ZDBkMmYxZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqxs9KGYSk+aY3EyEav5lKQym23G
uJzv+D3uNVtZTLtS3yBBFs49VtmdWIdPffmYcqTDFxS4q9QOhl2+t86VuQMfqf09
IquqGkaFvG2RaJVf/990eGjzAIz12BTZFat1SicXlvuG3eSoXLf0wlKzu6fAEVxz
Zr0wfSfNv2HkdH9uQ/8MCnJdEFLqZl22z3kbkpPk5zcV342nilAJ4LT6V0c5Cj6H
Nt4xE98GnRcZ0tyQFyiIok4qUhyQ6APsifBkSosWfJpkPsY4FznfsoY8BAQTJGtW
AE6LAnn/hC8OICYM4c/pT3vN7devd/ZxbOHkeB/hVwxkMqql7f0DjVkrhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCd4zyI9IZEj5npYQ59pa10NLx+WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSjNqUElqMGhrU1BtZWxoRG4ybHJYUTB2SDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK1jRx6/TVUII5yGUsB4
vR1Ko2YuN33IeVjKkhes15sRKRE87FYQHe+bMLhnC4ZEA81Sg60iwvWOpKn1dB/0
7vz0nAXHETwJNC9yRu9vqoCrtjX8bfVN40nvDhpwq0YgDy07hMhADdJKBk+sfUx4
hQYEeGJ2MUQM2uG0pAiblYQXTnkNXblaEDJdJ0D66oX7pG/fHIllh5O1Fmr9IXwW
/td6mN+JeMfirHeq6minri9B0BO2GaoywVdexh+iO/3Q12UAAKEuZqYlQ3Me77aq
Un4KQ7aoh7/eiK8D7PX8jWER7ESn5rpshyLVh1JeRP01MTFQwzelozyCa/KS7akl
mXU=
-----END CERTIFICATE-----
Generated at Fri May 2 19:24:53 2025 by rpki-client