Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ni0XeWtOhVMaoehP1V7Wv8QsUjc.roa
File: Ni0XeWtOhVMaoehP1V7Wv8QsUjc.roa (raw, json)
Hash identifier: UrDxN5wPysOLKB33UZdrAsj+KsrTYS9G2cBZW85L+g8=
Subject key identifier: 36:2D:17:79:6B:4E:85:53:1A:A1:E8:4F:D5:5E:D6:BF:C4:2C:52:37
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01850939FD1D9D39C072AB4A200A41CDA7E0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ni0XeWtOhVMaoehP1V7Wv8QsUjc.roa
Signing time: Tue 13 Dec 2022 02:04:33 +0000
ROA not before: Tue 13 Dec 2022 02:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:939:ac1d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:09:39:fd:1d:9d:39:c0:72:ab:4a:20:0a:41:cd:a7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 13 02:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=362d17796b4e85531aa1e84fd55ed6bfc42c5237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ed:38:da:da:de:f5:65:d3:cf:ad:ac:46:4a:
a6:13:8f:ba:bd:e8:85:ae:67:5c:be:13:bf:d2:86:
89:ad:53:39:ee:43:30:3e:44:87:62:b6:0d:13:95:
4a:7a:7d:e6:af:48:e9:9f:58:1c:8d:a8:f0:df:63:
34:06:bb:83:8b:30:40:57:a7:f4:05:2a:e7:f2:ae:
4c:a9:8e:73:96:6f:5b:4e:b8:3b:20:ad:ea:a4:db:
14:7c:32:f0:ae:8d:46:25:ae:dc:f1:0e:0e:a2:46:
1a:5c:4a:04:7b:89:35:ae:cc:ae:b5:95:bf:e4:a8:
b6:35:c5:af:dd:d9:94:3c:34:94:c5:07:05:d3:7c:
fa:49:0c:d3:6a:e1:3c:f6:02:e2:83:f0:36:a9:08:
be:4c:aa:d4:2b:da:ec:4e:22:52:bb:ac:de:2f:2c:
13:32:93:f6:05:f0:ef:5c:c6:83:6f:59:30:f9:9d:
f8:81:18:c9:1c:0a:0a:48:b1:64:69:41:b4:68:12:
36:bc:a9:53:25:19:99:6d:2f:a6:f5:bf:0b:4d:8b:
8f:e7:8b:36:1c:bc:63:a9:51:e5:68:e9:ef:39:97:
01:49:63:ca:d4:f6:2d:05:18:b0:4e:36:f1:80:c8:
9f:f5:35:63:7a:f4:b0:e2:1c:04:1b:6d:b8:b2:14:
75:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2D:17:79:6B:4E:85:53:1A:A1:E8:4F:D5:5E:D6:BF:C4:2C:52:37
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Ni0XeWtOhVMaoehP1V7Wv8QsUjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:d6:a8:e3:fe:c4:b6:51:3f:22:04:fb:dc:4a:eb:c4:3b:58:
8a:5d:cd:f9:92:43:43:90:63:df:47:97:b3:cb:05:0f:37:11:
3a:7a:5a:c8:90:df:bb:32:e7:70:98:88:c5:83:61:e1:79:bf:
74:31:72:f1:38:86:16:87:a2:7b:5f:b3:39:8a:0d:83:42:32:
f4:c2:93:75:58:b8:d4:d7:d1:44:15:96:a4:8e:a6:27:a7:9d:
fa:89:bb:86:e0:bf:ed:81:4a:a9:e3:e1:31:db:8b:8a:fc:fb:
b8:0e:aa:57:22:a3:74:93:c6:c2:f2:81:76:a2:29:de:de:1b:
48:c8:db:e7:69:57:d2:fb:a1:b8:e4:1e:e7:0c:dd:20:81:e2:
78:6e:a8:28:d7:8d:e0:2d:f2:1a:1e:87:27:eb:c8:21:7f:9d:
b5:6a:3c:fc:7e:63:93:3f:7a:ef:5d:8f:06:09:1d:3c:4a:33:
d6:4c:91:57:94:2b:3b:3c:3b:cb:eb:e9:fb:8d:7e:6e:51:3a:
f5:0b:ea:c0:bd:05:3d:3a:0d:4e:e9:e3:6e:e3:e5:f0:d8:3d:
56:9a:bd:a5:24:4f:04:f5:31:ed:35:d5:c8:6c:ec:df:4c:b7:
97:95:68:f6:1f:9d:c9:cd:0c:c6:02:0a:dd:c0:70:3a:5b:50:
62:d9:db:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUJOf0dnTnAcqtKIApBzafgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMDIwNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJkMTc3OTZiNGU4NTUzMWFhMWU4NGZkNTVlZDZiZmM0MmM1MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+042tre9WXTz62sRkqmE4+6veiF
rmdcvhO/0oaJrVM57kMwPkSHYrYNE5VKen3mr0jpn1gcjajw32M0BruDizBAV6f0
BSrn8q5MqY5zlm9bTrg7IK3qpNsUfDLwro1GJa7c8Q4OokYaXEoEe4k1rsyutZW/
5Ki2NcWv3dmUPDSUxQcF03z6SQzTauE89gLig/A2qQi+TKrUK9rsTiJSu6zeLywT
MpP2BfDvXMaDb1kw+Z34gRjJHAoKSLFkaUG0aBI2vKlTJRmZbS+m9b8LTYuP54s2
HLxjqVHlaOnvOZcBSWPK1PYtBRiwTjbxgMif9TVjevSw4hwEG224shR1iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDYtF3lrToVTGqHoT9Ve1r/ELFI3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTmkwWGVXdE9oVk1hb2VoUDFWN1d2OFFzVWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIfWqOP+xLZRPyIE+9xK
68Q7WIpdzfmSQ0OQY99Hl7PLBQ83ETp6WsiQ37sy53CYiMWDYeF5v3QxcvE4hhaH
ontfszmKDYNCMvTCk3VYuNTX0UQVlqSOpiennfqJu4bgv+2BSqnj4THbi4r8+7gO
qlcio3STxsLygXaiKd7eG0jI2+dpV9L7objkHucM3SCB4nhuqCjXjeAt8hoehyfr
yCF/nbVqPPx+Y5M/eu9djwYJHTxKM9ZMkVeUKzs8O8vr6fuNfm5ROvUL6sC9BT06
DU7p427j5fDYPVaavaUkTwT1Me011chs7N9Mt5eVaPYfncnNDMYCCt3AcDpbUGLZ
20Y=
-----END CERTIFICATE-----
Generated at Thu May 1 11:16:46 2025 by rpki-client