Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ki-QKpEllmgr1dgR-OuEPcCQK90.roa
File: Ki-QKpEllmgr1dgR-OuEPcCQK90.roa (raw, json)
Hash identifier: 0n1BXiX+kX2/1F+JuwVeCNFg0G1Zz7nSpWPruSl0XNg=
Subject key identifier: 2A:2F:90:2A:91:25:96:68:2B:D5:D8:11:F8:EB:84:3D:C0:90:2B:DD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 72829406
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ki-QKpEllmgr1dgR-OuEPcCQK90.roa
Signing time: Mon 14 Mar 2022 19:10:36 +0000
ROA not before: Mon 14 Mar 2022 19:10:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1921160198 (0x72829406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 14 19:10:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a2f902a912596682bd5d811f8eb843dc0902bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:9c:85:63:d2:10:5e:50:79:f9:8f:f7:c8:
0a:d2:76:df:75:38:41:53:e2:df:32:1a:ef:e3:73:
5c:d8:f9:38:95:5c:64:60:fa:f3:4c:93:57:01:44:
c2:a1:e4:b0:89:62:9d:5b:b3:b4:40:ee:ce:b7:49:
6e:de:b9:12:f3:e9:1f:9a:02:69:ea:b1:1b:d3:ea:
14:f6:3f:29:d8:f0:01:f1:d0:78:3e:fb:a3:b1:6f:
97:3d:be:5c:0f:e6:28:64:16:f2:04:7b:21:c6:87:
88:ea:22:e9:8a:d0:45:11:b7:ef:75:4a:bf:18:be:
f4:80:9d:9e:0c:78:da:3a:90:80:9a:d7:c3:82:4c:
fd:f7:03:8f:e6:0a:0f:82:88:cc:1d:0d:5d:3e:21:
a8:52:79:e0:79:35:14:d9:c5:62:1f:96:43:fd:c7:
31:eb:26:e0:05:e1:c6:fb:b9:ad:2c:de:f9:01:ba:
b8:7d:ab:2d:73:92:c0:54:c7:2b:86:88:a9:0e:84:
75:0e:4a:cd:03:49:5f:0d:ac:a9:45:e6:0f:9f:0e:
09:a0:a9:ec:70:25:22:aa:d5:f5:e8:87:75:f1:dc:
6b:fd:65:e8:dd:cc:2b:8b:18:a7:a8:a2:1c:4c:f3:
bb:d7:a1:68:ca:12:70:8d:86:6c:14:0e:f2:1f:33:
29:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2F:90:2A:91:25:96:68:2B:D5:D8:11:F8:EB:84:3D:C0:90:2B:DD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ki-QKpEllmgr1dgR-OuEPcCQK90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:84:39:cd:7e:5e:dc:32:39:52:7f:f6:c2:d8:26:d9:92:9e:
8f:46:bd:80:11:9d:7f:bd:a2:f3:0f:d9:7e:ac:72:18:58:47:
e4:23:c5:fc:b8:74:42:24:9b:00:94:a4:8f:c8:4a:b0:97:bc:
e6:d3:ce:86:11:3b:48:29:a9:13:13:fe:5f:91:37:48:8e:e4:
0b:9e:c4:9c:66:cd:e9:c4:7d:3b:70:06:46:47:1c:f1:85:89:
e7:c5:79:7c:89:3b:11:57:20:35:17:28:19:25:ab:d1:82:6d:
54:3f:f9:b2:23:82:80:92:3d:66:e8:ea:8e:1f:22:2d:e0:bd:
9b:36:03:7d:bb:7e:ac:5e:36:51:d1:2a:16:cc:db:c4:2b:a7:
9c:99:d0:0b:19:6c:93:82:cd:4c:a9:28:69:35:58:b5:65:b0:
f3:20:47:00:7f:12:86:69:79:e2:6b:2d:2c:58:73:de:00:28:
ab:7b:3e:e2:ca:06:48:3d:78:33:18:f1:da:a9:5f:f6:cc:0a:
f6:43:82:d9:72:45:48:8f:61:6a:51:3f:0e:07:b6:c1:d1:fc:
69:61:49:06:e0:5b:aa:74:68:f1:43:8a:26:b8:d3:51:42:76:
43:84:92:7b:ef:9d:d1:b3:f1:cf:15:8a:e8:c4:11:3a:51:df:
52:35:a5:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcoKUBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMx
NDE5MTAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmEyZjkwMmE5MTI1
OTY2ODJiZDVkODExZjhlYjg0M2RjMDkwMmJkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4nnIVj0hBeUHn5j/fICtJ233U4QVPi3zIa7+NzXNj5OJVc
ZGD680yTVwFEwqHksIlinVuztEDuzrdJbt65EvPpH5oCaeqxG9PqFPY/KdjwAfHQ
eD77o7Fvlz2+XA/mKGQW8gR7IcaHiOoi6YrQRRG373VKvxi+9ICdngx42jqQgJrX
w4JM/fcDj+YKD4KIzB0NXT4hqFJ54Hk1FNnFYh+WQ/3HMesm4AXhxvu5rSze+QG6
uH2rLXOSwFTHK4aIqQ6EdQ5KzQNJXw2sqUXmD58OCaCp7HAlIqrV9eiHdfHca/1l
6N3MK4sYp6iiHEzzu9ehaMoScI2GbBQO8h8zKZ0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQqL5AqkSWWaCvV2BH464Q9wJAr3TAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0tpLVFLcEVsbG1ncjFkZ1ItT3VFUGNDUUs5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQC1hDnNfl7cMjlSf/bC2CbZkp6PRr2AEZ1/vaLz
D9l+rHIYWEfkI8X8uHRCJJsAlKSPyEqwl7zm086GETtIKakTE/5fkTdIjuQLnsSc
Zs3pxH07cAZGRxzxhYnnxXl8iTsRVyA1FygZJavRgm1UP/myI4KAkj1m6OqOHyIt
4L2bNgN9u36sXjZR0SoWzNvEK6ecmdALGWyTgs1MqShpNVi1ZbDzIEcAfxKGaXni
ay0sWHPeACirez7iygZIPXgzGPHaqV/2zAr2Q4LZckVIj2FqUT8OB7bB0fxpYUkG
4FuqdGjxQ4omuNNRQnZDhJJ7753Rs/HPFYroxBE6Ud9SNaXx
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:40 2025 by rpki-client