Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PkCaqyxS7FqLUQFX4AUWfUctcjA.roa
File: PkCaqyxS7FqLUQFX4AUWfUctcjA.roa (raw, json)
Hash identifier: TK3H0fegROzTq/XiyhKo5h7z/CX+OgIx15gjsVo80X0=
Subject key identifier: 3E:40:9A:AB:2C:52:EC:5A:8B:51:01:57:E0:05:16:7D:47:2D:72:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6B418B33
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PkCaqyxS7FqLUQFX4AUWfUctcjA.roa
Signing time: Thu 17 Feb 2022 03:24:49 +0000
ROA not before: Thu 17 Feb 2022 03:24:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1799457587 (0x6b418b33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 03:24:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e409aab2c52ec5a8b510157e005167d472d7230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:38:be:8a:9d:d5:99:28:a1:9a:ca:63:6b:
8e:9e:7b:bb:be:9e:66:e7:70:6b:7b:57:a7:97:54:
a0:94:90:70:9e:9b:c7:ab:53:cb:81:a0:de:c1:36:
86:fe:58:13:44:8c:d1:7e:73:9b:4e:40:8c:2b:a3:
66:1a:2f:69:66:3c:51:5c:c9:f7:5d:e4:3f:a2:cc:
33:0f:6e:b5:f4:c7:75:3a:7e:ff:97:45:7a:dc:3f:
99:61:a6:a4:3a:36:af:98:f4:18:39:2c:f4:c0:3f:
c0:92:c0:02:a4:23:d8:c6:58:94:02:c3:49:88:94:
ce:d8:1f:f2:b9:48:02:b6:b7:18:c5:26:91:6a:47:
21:bc:35:50:39:7f:9b:3d:64:df:56:c0:fa:1b:34:
74:09:ac:92:5c:37:90:6b:f3:4c:b1:57:19:8a:db:
c4:3d:5a:6e:b0:ec:8e:1e:f7:6a:ae:05:4f:cb:fe:
00:c0:53:a8:02:5f:da:a0:1b:50:84:87:e3:4a:42:
bc:51:cc:39:d4:d6:c9:0b:91:fb:0c:5f:50:d3:9a:
32:67:e9:28:3f:1a:95:f0:35:25:5d:a7:65:f6:7e:
b5:52:8f:ef:17:98:0f:c7:50:45:bf:03:b0:cc:85:
70:09:f7:26:6f:ad:9a:29:5b:e2:bd:70:00:5f:01:
cb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:40:9A:AB:2C:52:EC:5A:8B:51:01:57:E0:05:16:7D:47:2D:72:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PkCaqyxS7FqLUQFX4AUWfUctcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:a7:83:9f:82:bc:01:92:4c:21:34:f4:0f:bc:bf:61:85:24:
e2:43:b7:34:51:51:41:3f:d3:0e:3a:cc:27:db:9d:85:c7:4d:
06:af:3f:9d:0d:69:7a:c1:bc:b5:57:27:80:97:51:fc:2c:5e:
72:4a:16:ad:66:6f:16:d9:4c:3b:6b:80:08:f7:35:55:85:99:
fc:1d:0b:a3:92:9b:9a:9d:80:fe:8b:29:61:14:d7:3b:a7:d9:
ea:79:4e:ff:67:69:79:98:24:df:06:ed:8d:c5:8a:67:d8:1c:
cb:2e:2e:29:e8:ec:bf:2d:b5:d3:91:44:5b:53:fc:de:7e:ef:
aa:8c:62:95:7b:c4:37:6d:84:c9:5e:81:ca:5a:fa:35:76:ac:
2a:b8:2e:c0:c4:58:c8:d6:5c:4c:4e:bb:1d:20:94:a8:d4:0d:
50:bd:76:7e:bb:10:45:b7:1b:a4:23:28:a6:f9:40:3d:0e:8e:
98:83:e0:06:c7:e4:41:e0:f0:95:ed:19:bb:4e:ad:1c:7a:cb:
c2:46:b5:08:32:33:e9:4e:25:c8:97:81:d9:b5:56:2a:ef:a9:
29:c2:76:e9:f3:bd:0f:66:b1:d5:9e:a6:1e:6e:0d:46:56:06:
fe:cb:61:79:12:23:b3:90:ad:80:b4:ef:22:47:ac:a1:1c:d7:
4b:8f:40:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEa0GLMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NzAzMjQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U0MDlhYWIyYzUy
ZWM1YThiNTEwMTU3ZTAwNTE2N2Q0NzJkNzIzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9vOL6KndWZKKGaymNrjp57u76eZudwa3tXp5dUoJSQcJ6b
x6tTy4Gg3sE2hv5YE0SM0X5zm05AjCujZhovaWY8UVzJ913kP6LMMw9utfTHdTp+
/5dFetw/mWGmpDo2r5j0GDks9MA/wJLAAqQj2MZYlALDSYiUztgf8rlIAra3GMUm
kWpHIbw1UDl/mz1k31bA+hs0dAmsklw3kGvzTLFXGYrbxD1abrDsjh73aq4FT8v+
AMBTqAJf2qAbUISH40pCvFHMOdTWyQuR+wxfUNOaMmfpKD8alfA1JV2nZfZ+tVKP
7xeYD8dQRb8DsMyFcAn3Jm+tmilb4r1wAF8Byy0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ+QJqrLFLsWotRAVfgBRZ9Ry1yMDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1BrQ2FxeXhTN0ZxTFVRRlg0QVVXZlVjdGNqQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQABp4OfgrwBkkwhNPQPvL9hhSTiQ7c0UVFBP9MO
Oswn252Fx00Grz+dDWl6wby1VyeAl1H8LF5yShatZm8W2Uw7a4AI9zVVhZn8HQuj
kpuanYD+iylhFNc7p9nqeU7/Z2l5mCTfBu2NxYpn2BzLLi4p6Oy/LbXTkURbU/ze
fu+qjGKVe8Q3bYTJXoHKWvo1dqwquC7AxFjI1lxMTrsdIJSo1A1QvXZ+uxBFtxuk
Iyim+UA9Do6Yg+AGx+RB4PCV7Rm7Tq0cesvCRrUIMjPpTiXIl4HZtVYq76kpwnbp
870PZrHVnqYebg1GVgb+y2F5EiOzkK2AtO8iR6yhHNdLj0A3
-----END CERTIFICATE-----
Generated at Thu May 1 16:05:26 2025 by rpki-client