Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXriF2YfHo_aQxAB7RNRKWPK4xA.roa
File: NXriF2YfHo_aQxAB7RNRKWPK4xA.roa (raw, json)
Hash identifier: lC/HpmrvHYLrvASnKIY5X+4QWpderRU7ij9pEUsGW0A=
Subject key identifier: 35:7A:E2:17:66:1F:1E:8F:DA:43:10:01:ED:13:51:29:63:CA:E3:10
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183CF59DE5048DE8F02E9DE15721118DA82
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXriF2YfHo_aQxAB7RNRKWPK4xA.roa
Signing time: Thu 13 Oct 2022 03:18:36 +0000
ROA not before: Thu 13 Oct 2022 03:18:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cf:59:de:50:48:de:8f:02:e9:de:15:72:11:18:da:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 13 03:18:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=357ae217661f1e8fda431001ed13512963cae310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:d1:19:b7:ff:0b:d1:e8:c3:b4:63:03:33:
7c:78:26:fc:d7:4a:cf:64:56:ce:85:6e:7f:90:b0:
05:2b:a1:a4:f7:9a:4a:73:78:23:78:5b:0a:8c:62:
21:4c:c1:ec:5a:9f:a6:8f:d9:87:39:b3:78:d6:27:
ba:fb:a0:44:5a:6f:a1:c4:ce:01:07:fe:aa:fd:86:
b2:e0:5d:bb:a8:af:4c:7f:fc:86:96:49:53:05:79:
c2:9d:74:2e:c7:06:17:dc:56:46:e0:fe:67:cf:49:
a7:00:6a:7c:cf:27:11:e9:a4:f3:c0:ab:dd:69:54:
20:99:71:57:d7:20:74:bd:42:d4:0e:88:f5:52:71:
b8:08:7c:40:23:11:17:b2:ed:d7:86:12:3c:47:d8:
c5:64:38:31:55:7d:07:fb:f3:a7:eb:4c:0d:9e:e1:
c1:37:a3:2b:d7:69:8f:ea:eb:af:d2:24:04:83:c2:
d7:bd:f6:e0:29:39:3e:c4:34:5e:4a:58:6e:3e:af:
59:18:58:e6:b2:23:e1:9b:63:42:d6:b7:61:05:82:
f1:02:09:1c:b7:50:b8:0f:3e:9c:c6:9b:f1:55:e3:
47:63:97:b9:79:99:b6:c9:04:4e:96:e0:6d:73:60:
56:d4:0c:71:63:db:0f:a0:61:26:a4:3d:93:da:27:
b4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:7A:E2:17:66:1F:1E:8F:DA:43:10:01:ED:13:51:29:63:CA:E3:10
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NXriF2YfHo_aQxAB7RNRKWPK4xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:f2:dc:ff:13:39:5d:c1:95:54:a7:58:4c:dc:04:d7:b2:41:
7c:50:aa:88:f3:5d:b2:88:48:2d:f7:3d:58:18:24:30:32:72:
83:66:f5:16:3e:6a:63:25:55:b9:79:1e:2d:36:bd:79:2e:4b:
c4:14:bf:81:f6:e2:bf:51:fd:77:d6:bb:b2:89:7a:b8:cd:f9:
4f:9f:34:c3:bb:5d:56:97:63:68:d6:1a:80:37:65:48:f3:92:
60:24:3f:a3:f0:6e:70:3a:93:1c:69:92:c3:bf:78:06:48:d7:
17:93:a7:06:3b:eb:88:69:be:25:08:f5:21:e0:45:c1:ab:9a:
bb:d0:73:84:13:dd:0a:f3:b0:b6:ab:50:f5:28:b3:dd:18:ed:
9d:1e:cd:13:90:e3:98:a1:bc:d3:9e:57:94:9f:7b:62:ee:ad:
18:f1:3d:50:54:d8:16:6d:b9:38:9d:44:fa:87:26:2d:58:62:
bb:41:9b:23:51:80:90:ff:f8:60:24:b0:ad:e6:24:cd:f4:91:
76:0d:2a:a9:0f:fc:55:df:01:49:fb:5e:83:2d:c9:97:14:9e:
13:6f:aa:c7:eb:ef:7a:f9:fd:d3:3c:58:e1:aa:78:8d:a8:c0:
76:10:92:51:86:be:93:1a:f4:1c:51:a9:c4:6b:18:01:53:58:
01:3d:70:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPPWd5QSN6PAuneFXIRGNqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDEzMDMxODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTdhZTIxNzY2MWYxZThmZGE0MzEwMDFlZDEzNTEyOTYzY2FlMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa7RGbf/C9How7RjAzN8eCb810rP
ZFbOhW5/kLAFK6Gk95pKc3gjeFsKjGIhTMHsWp+mj9mHObN41ie6+6BEWm+hxM4B
B/6q/Yay4F27qK9Mf/yGlklTBXnCnXQuxwYX3FZG4P5nz0mnAGp8zycR6aTzwKvd
aVQgmXFX1yB0vULUDoj1UnG4CHxAIxEXsu3XhhI8R9jFZDgxVX0H+/On60wNnuHB
N6Mr12mP6uuv0iQEg8LXvfbgKTk+xDReSlhuPq9ZGFjmsiPhm2NC1rdhBYLxAgkc
t1C4Dz6cxpvxVeNHY5e5eZm2yQROluBtc2BW1AxxY9sPoGEmpD2T2ie0UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDV64hdmHx6P2kMQAe0TUSljyuMQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTlhyaUYyWWZIb19hUXhBQjdSTlJLV1BLNHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGny3P8TOV3BlVSnWEzc
BNeyQXxQqojzXbKISC33PVgYJDAycoNm9RY+amMlVbl5Hi02vXkuS8QUv4H24r9R
/XfWu7KJerjN+U+fNMO7XVaXY2jWGoA3ZUjzkmAkP6PwbnA6kxxpksO/eAZI1xeT
pwY764hpviUI9SHgRcGrmrvQc4QT3QrzsLarUPUos90Y7Z0ezROQ45ihvNOeV5Sf
e2LurRjxPVBU2BZtuTidRPqHJi1YYrtBmyNRgJD/+GAksK3mJM30kXYNKqkP/FXf
AUn7XoMtyZcUnhNvqsfr73r5/dM8WOGqeI2owHYQklGGvpMa9BxRqcRrGAFTWAE9
cMg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:50:37 2025 by rpki-client