Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JoKzf4eyvfVkGqt5MG1aW9r1e80.roa
File: JoKzf4eyvfVkGqt5MG1aW9r1e80.roa (raw, json)
Hash identifier: pW0U3y6J9lUsuMSVKEXcK7WfbNFUBFW69IsEZubiOsc=
Subject key identifier: 26:82:B3:7F:87:B2:BD:F5:64:1A:AB:79:30:6D:5A:5B:DA:F5:7B:CD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D7E48ADADDB8068A52179066E3D49B98
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JoKzf4eyvfVkGqt5MG1aW9r1e80.roa
Signing time: Sun 22 Jan 2023 05:12:37 +0000
ROA not before: Sun 22 Jan 2023 05:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d7:e4:8a:da:dd:b8:06:8a:52:17:90:66:e3:d4:9b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 22 05:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2682b37f87b2bdf5641aab79306d5a5bdaf57bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:14:57:8d:23:37:c9:1f:60:2a:34:8f:7a:b8:
e6:4f:ee:fd:b4:dc:f2:09:38:ad:65:d5:6b:d3:6d:
9e:f2:79:55:c7:4c:46:ac:a0:40:23:41:5d:6a:9c:
73:c1:40:50:12:0f:29:51:a5:61:93:d9:2c:a3:cd:
e2:c9:52:26:c2:ee:4e:4c:c4:b6:1f:57:46:fb:2f:
f2:b3:1b:45:25:5c:a1:21:cd:be:9a:50:c3:30:d5:
bf:29:f0:29:64:ef:90:41:b9:f6:a1:9b:76:8c:28:
1e:fb:22:23:3e:fa:f2:33:58:2a:f0:e5:41:6d:d5:
18:b1:43:b3:57:68:22:63:92:71:38:c6:19:df:28:
56:ba:42:4b:f5:51:ed:72:b8:f8:d0:ff:f8:24:e9:
c1:c1:2a:e6:94:13:39:c9:40:61:0b:cd:04:d8:d1:
ed:1c:6c:cd:d6:47:bc:7b:03:02:51:4d:bc:c3:41:
ef:0b:a1:53:4c:18:e7:47:25:84:13:bc:c7:bf:8b:
fa:e6:fa:b2:9e:80:7a:8d:cb:30:41:2c:6a:13:19:
58:b5:d6:84:75:f1:d3:b2:39:5d:46:ac:10:a8:a6:
a0:5c:32:fb:da:bc:16:de:8d:d5:66:08:a1:64:df:
6e:7b:2e:c6:1a:9f:58:4a:49:bf:05:1b:7d:47:85:
61:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:82:B3:7F:87:B2:BD:F5:64:1A:AB:79:30:6D:5A:5B:DA:F5:7B:CD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JoKzf4eyvfVkGqt5MG1aW9r1e80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:de:db:d3:c8:27:3c:22:0d:65:0e:fe:56:08:e0:31:cb:73:
ea:c1:48:f8:6a:49:32:46:a1:5b:4c:f8:c2:82:c0:2f:da:f8:
ad:f5:44:9c:a1:72:8d:bf:97:88:2a:3f:53:d4:19:de:bf:d7:
a8:75:0d:39:b7:3c:f8:2b:bd:df:ce:06:6d:5a:7e:b2:53:82:
0a:55:b0:7d:45:c3:94:9f:31:b4:e7:33:32:4c:be:5d:cf:f9:
f3:d8:b1:4b:9f:c6:bd:1c:3c:92:71:97:0c:3c:7f:06:21:3c:
09:a2:65:55:e4:26:a8:10:6e:af:08:e6:d4:f3:66:84:70:d3:
46:7f:ad:0d:9b:5b:b8:77:f5:46:2b:c6:b3:ca:05:96:78:34:
de:e2:ec:02:4b:dd:a4:55:ba:bd:db:77:6f:30:50:be:68:d9:
f7:64:da:5d:69:79:31:6a:26:9e:08:37:91:51:10:b5:f4:4e:
9c:04:01:36:3c:23:78:da:9b:bd:9b:77:8f:16:b3:16:cb:97:
bd:39:64:5a:ec:47:e9:66:86:64:ba:3f:96:d4:30:85:b5:96:
6a:f7:12:89:ef:c7:25:a3:30:a3:18:26:d2:75:d7:29:4b:f8:
87:dc:96:cd:94:28:08:53:5e:71:0a:bd:21:6d:f8:03:df:61:
5f:bb:e9:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXX5Ira3bgGilIXkGbj1JuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIyMDUxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgyYjM3Zjg3YjJiZGY1NjQxYWFiNzkzMDZkNWE1YmRhZjU3YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxRXjSM3yR9gKjSPerjmT+79tNzy
CTitZdVr022e8nlVx0xGrKBAI0FdapxzwUBQEg8pUaVhk9kso83iyVImwu5OTMS2
H1dG+y/ysxtFJVyhIc2+mlDDMNW/KfApZO+QQbn2oZt2jCge+yIjPvryM1gq8OVB
bdUYsUOzV2giY5JxOMYZ3yhWukJL9VHtcrj40P/4JOnBwSrmlBM5yUBhC80E2NHt
HGzN1ke8ewMCUU28w0HvC6FTTBjnRyWEE7zHv4v65vqynoB6jcswQSxqExlYtdaE
dfHTsjldRqwQqKagXDL72rwW3o3VZgihZN9uey7GGp9YSkm/BRt9R4VhCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCaCs3+Hsr31ZBqreTBtWlva9XvNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSm9LemY0ZXl2ZlZrR3F0NU1HMWFXOXIxZTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJfe29PIJzwiDWUO/lYI
4DHLc+rBSPhqSTJGoVtM+MKCwC/a+K31RJyhco2/l4gqP1PUGd6/16h1DTm3PPgr
vd/OBm1afrJTggpVsH1Fw5SfMbTnMzJMvl3P+fPYsUufxr0cPJJxlww8fwYhPAmi
ZVXkJqgQbq8I5tTzZoRw00Z/rQ2bW7h39UYrxrPKBZZ4NN7i7AJL3aRVur3bd28w
UL5o2fdk2l1peTFqJp4IN5FRELX0TpwEATY8I3jam72bd48WsxbLl705ZFrsR+lm
hmS6P5bUMIW1lmr3EonvxyWjMKMYJtJ11ylL+Ifcls2UKAhTXnEKvSFt+APfYV+7
6UE=
-----END CERTIFICATE-----
Generated at Thu May 1 10:22:15 2025 by rpki-client