Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NT8SF12lEmqL9fm-g0HWNpcgcjM.roa
File: NT8SF12lEmqL9fm-g0HWNpcgcjM.roa (raw, json)
Hash identifier: 5MZbrvMlpJRRcZBFEZUCTVQi/HTzbZedMgDJrkdieuU=
Subject key identifier: 35:3F:12:17:5D:A5:12:6A:8B:F5:F9:BE:83:41:D6:36:97:20:72:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6AD6D1FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NT8SF12lEmqL9fm-g0HWNpcgcjM.roa
Signing time: Tue 15 Feb 2022 14:16:19 +0000
ROA not before: Tue 15 Feb 2022 14:16:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1792463359 (0x6ad6d1ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 14:16:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=353f12175da5126a8bf5f9be8341d63697207233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:33:cd:15:0f:aa:18:54:04:3d:f3:da:0f:df:
6a:20:a6:6d:eb:3c:73:79:c4:8b:63:82:85:f6:cd:
4b:5a:78:03:95:bc:78:97:66:fb:a5:bb:90:a4:8e:
2d:cb:da:5d:2b:5e:6f:b1:93:a3:98:ad:ea:53:f7:
06:48:30:6e:fd:92:57:80:48:a0:c4:bc:53:31:0c:
52:c5:44:19:fe:93:3f:3e:ac:b7:7d:78:2b:80:20:
6c:1e:94:dc:d7:b9:67:57:58:7d:50:17:a6:18:b9:
33:d8:a8:c6:39:8d:4a:8d:0a:65:c2:6e:c6:af:b2:
97:0a:e2:cb:ad:f1:b9:76:f0:d0:95:27:f4:01:f1:
35:a3:1f:f0:10:d7:78:25:92:c5:33:45:bd:2a:46:
dc:72:ce:24:bc:a6:4b:c6:cf:8e:be:b9:ad:14:cc:
f6:5f:99:34:5f:d0:31:2b:a1:9f:77:51:4e:65:5e:
25:d3:b2:33:c1:25:85:8d:20:27:eb:d5:1e:4a:a0:
6e:81:df:25:5f:57:f1:10:6e:76:81:4d:59:36:5b:
0a:5d:a0:bc:1c:3a:7b:7a:bb:ce:de:99:f2:43:80:
b0:fe:c1:53:76:50:f6:92:b3:13:3f:3f:34:ce:91:
17:20:a3:95:37:69:b8:d5:92:c1:72:a1:85:39:67:
7f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3F:12:17:5D:A5:12:6A:8B:F5:F9:BE:83:41:D6:36:97:20:72:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NT8SF12lEmqL9fm-g0HWNpcgcjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:48:33:17:da:5f:e1:14:fb:5a:5e:46:7d:46:40:18:07:56:
97:56:fa:c0:d6:2b:91:79:b8:ed:48:30:79:b2:f0:98:4c:ff:
d0:ca:c2:99:2e:d1:41:f0:6f:4b:d0:fd:b8:aa:d9:01:1d:4c:
e0:0e:d8:b9:88:63:2a:f1:1e:80:39:6f:0a:ad:4c:a1:66:da:
a8:2a:c7:90:20:c1:b2:5f:9c:65:44:02:f5:0c:2a:3e:89:a2:
e3:59:d4:8e:99:5d:11:5f:02:87:0d:a0:d3:ed:06:4c:65:3b:
67:50:03:2b:7e:34:d8:4e:58:16:c6:ff:c9:7a:fb:ee:88:28:
42:ec:1f:db:2f:ed:6f:76:38:5a:96:cd:4f:ae:fa:e0:48:59:
c7:06:98:af:4c:ba:e9:dc:00:09:9f:78:f4:50:40:61:96:d2:
47:bc:3d:bf:b2:f8:05:55:db:74:4f:b9:d3:40:b5:b0:f6:02:
ba:c8:2a:49:39:ad:e0:e4:7b:c6:76:94:b7:71:c6:f7:83:ab:
42:c8:dd:34:c1:f3:6e:71:90:ec:ef:71:7b:b5:63:09:03:ad:
53:5a:45:e0:85:f0:3b:48:27:da:83:2d:8f:13:a6:83:41:5c:
a0:2c:9c:33:44:ea:12:f1:5f:38:0f:07:18:6c:cb:0f:91:87:
19:f9:0e:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEatbR/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NTE0MTYxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzUzZjEyMTc1ZGE1
MTI2YThiZjVmOWJlODM0MWQ2MzY5NzIwNzIzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIzzRUPqhhUBD3z2g/faiCmbes8c3nEi2OChfbNS1p4A5W8
eJdm+6W7kKSOLcvaXSteb7GTo5it6lP3Bkgwbv2SV4BIoMS8UzEMUsVEGf6TPz6s
t314K4AgbB6U3Ne5Z1dYfVAXphi5M9ioxjmNSo0KZcJuxq+ylwriy63xuXbw0JUn
9AHxNaMf8BDXeCWSxTNFvSpG3HLOJLymS8bPjr65rRTM9l+ZNF/QMSuhn3dRTmVe
JdOyM8ElhY0gJ+vVHkqgboHfJV9X8RBudoFNWTZbCl2gvBw6e3q7zt6Z8kOAsP7B
U3ZQ9pKzEz8/NM6RFyCjlTdpuNWSwXKhhTlnf5sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ1PxIXXaUSaov1+b6DQdY2lyByMzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L05UOFNGMTJsRW1xTDlmbS1nMEhXTnBjZ2NqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAnSDMX2l/hFPtaXkZ9RkAYB1aXVvrA1iuRebjt
SDB5svCYTP/QysKZLtFB8G9L0P24qtkBHUzgDti5iGMq8R6AOW8KrUyhZtqoKseQ
IMGyX5xlRAL1DCo+iaLjWdSOmV0RXwKHDaDT7QZMZTtnUAMrfjTYTlgWxv/Jevvu
iChC7B/bL+1vdjhals1PrvrgSFnHBpivTLrp3AAJn3j0UEBhltJHvD2/svgFVdt0
T7nTQLWw9gK6yCpJOa3g5HvGdpS3ccb3g6tCyN00wfNucZDs73F7tWMJA61TWkXg
hfA7SCfagy2PE6aDQVygLJwzROoS8V84DwcYbMsPkYcZ+Q5s
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:18 2025 by rpki-client