Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSk2lf2pYjSEpYZCiohTfR8pYO8.roa
File: NSk2lf2pYjSEpYZCiohTfR8pYO8.roa (raw, json)
Hash identifier: fgPjE/Iv6Tgv/zo5Ry00EafEIoDDW+XCCq1Al8umZGw=
Subject key identifier: 35:29:36:95:FD:A9:62:34:84:A5:86:42:8A:88:53:7D:1F:29:60:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184EAC79AC80A0AFA064C17C0B6709F63DB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSk2lf2pYjSEpYZCiohTfR8pYO8.roa
Signing time: Wed 07 Dec 2022 04:11:00 +0000
ROA not before: Wed 07 Dec 2022 04:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ea:c7:9a:c8:0a:0a:fa:06:4c:17:c0:b6:70:9f:63:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 7 04:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35293695fda9623484a586428a88537d1f2960ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:39:96:14:98:a3:82:02:c6:d8:b9:ea:ce:cf:
5f:8d:06:55:03:f0:fb:12:73:f8:c6:2e:de:ab:d7:
76:53:7e:17:a7:a7:b5:e4:11:8a:90:79:54:ab:6d:
06:3c:e5:c9:5b:f1:04:24:d5:89:0c:41:4f:53:cc:
b3:79:c7:0e:76:7d:54:6f:d9:bd:19:94:a5:4a:83:
a9:6d:2e:9b:32:1d:fe:d5:bd:42:57:86:88:fc:7e:
ce:05:73:20:c6:c9:e4:0b:bf:77:49:68:7a:e6:54:
d9:e1:47:58:94:99:e2:46:31:54:27:38:c6:37:fc:
a5:a4:03:3a:ec:58:71:45:50:6e:cf:d9:4d:08:5b:
f7:8b:4c:13:83:2b:5f:ab:60:ca:91:01:e0:69:b4:
ea:97:9a:58:16:16:99:46:4c:17:5c:91:0e:ab:5e:
58:dc:76:f9:0c:29:69:b8:54:07:51:eb:3a:a7:2f:
4f:df:45:b2:8e:d6:25:49:57:da:10:38:34:6e:2b:
df:b5:28:97:5d:79:68:11:f6:ce:6c:f8:16:ac:39:
6e:b7:ee:8b:a4:68:b2:f9:a7:62:4d:fc:aa:c7:16:
93:75:26:89:c2:39:6f:8e:36:7a:b6:5c:a3:8f:b0:
16:04:44:00:03:2a:6a:90:d7:86:b2:b9:0f:b8:d4:
ed:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:36:95:FD:A9:62:34:84:A5:86:42:8A:88:53:7D:1F:29:60:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NSk2lf2pYjSEpYZCiohTfR8pYO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:3c:58:e8:c1:5a:d8:ff:61:07:cb:62:35:df:2c:35:80:7d:
1e:0c:34:bf:a5:52:37:af:ad:01:f3:46:35:c8:fe:67:c7:88:
95:ba:e1:15:13:1f:43:5a:2e:7a:59:b3:0c:4f:38:f2:84:ba:
a3:4c:13:dd:f5:65:17:5c:27:1a:1a:bc:aa:7f:0e:35:fd:b9:
49:49:7c:be:9d:e8:1d:2b:4a:21:04:90:8b:36:5a:5f:56:6f:
c7:b9:3a:b3:f8:9e:31:b8:9a:6e:70:19:04:8d:92:e9:be:31:
b2:91:e3:19:62:9c:38:64:1f:3c:91:c8:17:eb:98:3e:74:23:
54:5a:14:f4:89:af:91:2a:9c:88:f6:83:3f:f3:bc:88:08:a6:
69:1d:f6:ef:c8:92:90:54:80:8e:bd:7a:50:64:07:9d:ad:c3:
a2:1b:e6:b1:d5:17:e4:90:14:b6:91:7d:f7:21:73:24:4e:0b:
f9:d7:d9:9a:93:c8:da:49:7d:d1:16:a3:1b:43:16:53:dc:af:
9d:6a:9c:b7:c6:49:c0:da:ed:f8:28:6c:9c:eb:0f:f0:a3:8c:
97:24:2c:7f:28:3d:3c:a2:e9:6d:19:eb:60:75:b7:08:36:82:
f9:18:99:c2:3b:a4:ff:5b:13:55:69:37:06:04:30:39:e0:66:
77:41:35:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTqx5rICgr6BkwXwLZwn2PbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA3MDQxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI5MzY5NWZkYTk2MjM0ODRhNTg2NDI4YTg4NTM3ZDFmMjk2MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzmWFJijggLG2Lnqzs9fjQZVA/D7
EnP4xi7eq9d2U34Xp6e15BGKkHlUq20GPOXJW/EEJNWJDEFPU8yzeccOdn1Ub9m9
GZSlSoOpbS6bMh3+1b1CV4aI/H7OBXMgxsnkC793SWh65lTZ4UdYlJniRjFUJzjG
N/ylpAM67FhxRVBuz9lNCFv3i0wTgytfq2DKkQHgabTql5pYFhaZRkwXXJEOq15Y
3Hb5DClpuFQHUes6py9P30WyjtYlSVfaEDg0bivftSiXXXloEfbObPgWrDlut+6L
pGiy+adiTfyqxxaTdSaJwjlvjjZ6tlyjj7AWBEQAAypqkNeGsrkPuNTtxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDUpNpX9qWI0hKWGQoqIU30fKWDvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlNrMmxmMnBZalNFcFlaQ2lvaFRmUjhwWU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB08WOjBWtj/YQfLYjXf
LDWAfR4MNL+lUjevrQHzRjXI/mfHiJW64RUTH0NaLnpZswxPOPKEuqNME931ZRdc
JxoavKp/DjX9uUlJfL6d6B0rSiEEkIs2Wl9Wb8e5OrP4njG4mm5wGQSNkum+MbKR
4xlinDhkHzyRyBfrmD50I1RaFPSJr5EqnIj2gz/zvIgIpmkd9u/IkpBUgI69elBk
B52tw6Ib5rHVF+SQFLaRffchcyROC/nX2ZqTyNpJfdEWoxtDFlPcr51qnLfGScDa
7fgobJzrD/CjjJckLH8oPTyi6W0Z62B1twg2gvkYmcI7pP9bE1VpNwYEMDngZndB
Na8=
-----END CERTIFICATE-----
Generated at Sun May 4 08:04:49 2025 by rpki-client