Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKZG7xtvF219-NMWKDP4D6RzwKE.roa
File: NKZG7xtvF219-NMWKDP4D6RzwKE.roa (raw, json)
Hash identifier: 5Y9UTB1ErRtsm1oovuFfrpiZP0MSQj4qZKUWJxs2hgw=
Subject key identifier: 34:A6:46:EF:1B:6F:17:6D:7D:F8:D3:16:28:33:F8:0F:A4:73:C0:A1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 70034AF7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKZG7xtvF219-NMWKDP4D6RzwKE.roa
Signing time: Sat 05 Mar 2022 22:04:46 +0000
ROA not before: Sat 05 Mar 2022 22:04:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:5c1d:1bf7/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1879263991 (0x70034af7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 5 22:04:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a646ef1b6f176d7df8d3162833f80fa473c0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:17:77:bf:a3:70:ba:f9:7c:ff:ab:e4:dd:67:
e5:4a:7e:b1:c2:2c:84:b3:14:0d:d1:8b:5e:d0:09:
63:d1:5b:54:f0:09:30:7c:3d:4a:2e:59:85:77:20:
37:45:72:5b:fe:e5:4d:d8:58:e2:4c:c7:b6:7a:d6:
a1:35:a9:0d:f6:eb:3a:82:58:ec:16:aa:2a:b4:ce:
42:5e:c0:2d:29:1e:df:a4:d9:09:a2:60:0b:92:b8:
3e:58:39:f5:89:04:df:90:b4:1e:7d:92:ee:c7:58:
f2:ef:2e:dc:c9:ca:48:2a:62:8e:63:6b:51:95:b2:
7a:35:a0:96:15:d1:73:7a:42:5b:e1:3e:c3:23:34:
98:2d:0e:9e:4c:22:55:01:7e:3a:cf:8c:3a:77:c7:
b2:02:a4:5a:5d:88:16:f5:47:40:2f:be:b4:ea:c5:
60:81:f8:84:ef:37:a9:07:b1:b3:8b:64:09:91:f3:
cb:28:2f:ef:db:e3:8e:f3:35:9c:03:db:a8:aa:a9:
6e:1b:ae:73:0f:c0:ba:c9:56:b5:75:fd:fa:4c:cc:
3d:b4:7d:7e:80:50:2c:18:b1:37:5b:e4:d9:3c:dd:
dd:37:3a:0e:7b:69:0c:4d:21:fe:f6:0f:f8:1f:0e:
fd:ad:52:48:53:a4:ac:e6:76:a6:5d:90:f0:c9:85:
de:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A6:46:EF:1B:6F:17:6D:7D:F8:D3:16:28:33:F8:0F:A4:73:C0:A1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKZG7xtvF219-NMWKDP4D6RzwKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:fc:36:62:45:17:f7:f8:e2:d1:f5:06:ea:d7:09:7d:33:6c:
8c:35:ca:30:c8:ae:3e:9d:e3:34:f5:c4:1d:ff:3f:d6:89:69:
1c:22:b6:2e:e3:29:34:04:a3:98:89:5a:ef:9b:00:45:5a:15:
2c:c6:c8:22:d3:b6:a3:cf:21:18:ef:5a:d0:6d:fe:e7:e2:c1:
73:e4:79:e9:d0:df:56:aa:e8:fe:d2:72:97:0b:2c:1b:38:13:
13:fe:51:17:16:fc:7c:99:57:7e:4f:61:76:a4:c3:ca:f8:d3:
cf:67:da:2c:b5:20:6a:65:e9:22:c4:e9:05:70:8d:55:e5:e1:
bb:99:b6:b3:96:af:55:f7:a2:5d:b4:31:01:13:72:66:2a:b1:
da:05:09:6d:5e:32:24:41:02:27:86:03:2b:19:b6:27:7b:09:
37:19:06:55:0d:75:d2:28:df:fc:14:a0:9e:50:33:53:f9:61:
50:02:32:ad:63:6d:9b:f1:1c:0d:be:79:6b:ff:00:66:95:96:
8b:f9:88:fc:4c:b1:f4:27:46:0b:94:80:75:eb:c0:20:01:95:
5f:51:53:85:09:7d:f3:f0:f7:80:92:4c:fa:5a:19:db:c1:2a:
00:77:a4:b6:43:c9:6c:5c:d6:f8:6b:ab:5a:e7:bd:b6:86:b8:
5b:7f:87:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcANK9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMw
NTIyMDQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRhNjQ2ZWYxYjZm
MTc2ZDdkZjhkMzE2MjgzM2Y4MGZhNDczYzBhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8Xd7+jcLr5fP+r5N1n5Up+scIshLMUDdGLXtAJY9FbVPAJ
MHw9Si5ZhXcgN0VyW/7lTdhY4kzHtnrWoTWpDfbrOoJY7BaqKrTOQl7ALSke36TZ
CaJgC5K4Plg59YkE35C0Hn2S7sdY8u8u3MnKSCpijmNrUZWyejWglhXRc3pCW+E+
wyM0mC0OnkwiVQF+Os+MOnfHsgKkWl2IFvVHQC++tOrFYIH4hO83qQexs4tkCZHz
yygv79vjjvM1nAPbqKqpbhuucw/AuslWtXX9+kzMPbR9foBQLBixN1vk2Tzd3Tc6
DntpDE0h/vYP+B8O/a1SSFOkrOZ2pl2Q8MmF3lMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ0pkbvG28XbX340xYoM/gPpHPAoTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L05LWkc3eHR2RjIxOS1OTVdLRFA0RDZSendLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQB6/DZiRRf3+OLR9Qbq1wl9M2yMNcowyK4+neM0
9cQd/z/WiWkcIrYu4yk0BKOYiVrvmwBFWhUsxsgi07ajzyEY71rQbf7n4sFz5Hnp
0N9Wquj+0nKXCywbOBMT/lEXFvx8mVd+T2F2pMPK+NPPZ9ostSBqZekixOkFcI1V
5eG7mbazlq9V96JdtDEBE3JmKrHaBQltXjIkQQInhgMrGbYnewk3GQZVDXXSKN/8
FKCeUDNT+WFQAjKtY22b8RwNvnlr/wBmlZaL+Yj8TLH0J0YLlIB168AgAZVfUVOF
CX3z8PeAkkz6WhnbwSoAd6S2Q8lsXNb4a6ta5722hrhbf4cA
-----END CERTIFICATE-----
Generated at Fri May 2 00:24:39 2025 by rpki-client