Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/R32IzfAtix5wZ-Y81_U22xkwYKY.roa
File: R32IzfAtix5wZ-Y81_U22xkwYKY.roa (raw, json)
Hash identifier: vk+/vJAPLkHRkMxfH9Fmd74x1HMEj21CCVMQbQNmSG4=
Subject key identifier: 47:7D:88:CD:F0:2D:8B:1E:70:67:E6:3C:D7:F5:36:DB:19:30:60:A6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6CC7D544
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/R32IzfAtix5wZ-Y81_U22xkwYKY.roa
Signing time: Tue 22 Feb 2022 13:18:17 +0000
ROA not before: Tue 22 Feb 2022 13:18:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1825035588 (0x6cc7d544)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 13:18:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=477d88cdf02d8b1e7067e63cd7f536db193060a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2e:2d:ae:f7:53:66:f3:15:01:11:88:39:29:
03:23:37:f6:ed:19:a7:6c:eb:af:dc:9b:b2:23:ae:
ad:66:06:06:e8:ba:bc:13:8a:98:a4:3d:39:57:2e:
52:64:3d:a5:d8:e6:05:3d:b1:1b:e3:d2:f5:0f:65:
ad:5f:30:c8:82:2a:ed:87:a9:8f:23:17:a3:3b:c8:
08:e1:b5:52:3a:ee:af:81:43:c7:0d:e7:17:8e:72:
49:d4:b9:4f:1e:a3:2d:7c:70:87:43:4a:b5:00:92:
54:68:bc:67:28:0f:c2:50:c2:e6:39:1c:fc:b1:fa:
2f:66:8d:63:ce:ca:2e:10:84:de:91:ed:d6:b8:05:
19:bc:3a:0a:d0:a8:57:aa:97:1d:b9:28:e3:26:7f:
e2:f5:08:ed:e6:cc:2c:b9:92:2f:95:a3:a0:0b:f6:
91:b1:38:fa:ee:02:c6:a9:6c:78:46:39:70:d5:ec:
73:5e:52:fd:b9:fc:7d:e8:47:6a:59:cb:06:9e:47:
8a:f0:0c:18:d6:5d:93:23:28:a5:d2:21:74:4e:2e:
5a:34:18:54:a3:76:68:0c:14:70:ec:ec:78:83:25:
8e:f3:7c:18:cb:98:3d:b0:ee:82:66:18:34:b8:a6:
21:a4:5c:de:e5:0d:12:f8:de:56:12:45:51:ff:18:
84:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7D:88:CD:F0:2D:8B:1E:70:67:E6:3C:D7:F5:36:DB:19:30:60:A6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/R32IzfAtix5wZ-Y81_U22xkwYKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:c4:94:9a:23:5a:f6:6c:6e:55:f8:2c:04:27:99:bb:8a:1e:
39:28:ea:ff:7d:42:27:ce:8d:1e:35:f6:ac:e4:10:f8:a1:c7:
10:66:ce:64:3c:8f:18:49:e2:2d:1a:b4:74:91:bd:fd:8a:51:
c5:63:1d:26:5f:43:37:c7:33:41:04:3f:7a:2f:c0:f1:ce:e2:
5d:b0:d2:e7:15:13:d9:3b:e2:65:32:8b:20:4a:43:d5:49:f2:
2d:47:69:c0:e1:cd:5b:28:bd:fb:3b:cb:72:7b:46:cf:d3:26:
d3:df:31:8f:43:d7:55:c4:0b:e6:75:e6:c2:81:d3:e9:7d:51:
cd:0a:c5:24:43:1e:a0:6a:66:af:6c:47:58:f6:47:8c:ef:71:
fa:b9:c2:34:b8:a0:37:11:0f:2c:c6:94:d8:5b:db:84:2b:ff:
58:c9:f0:96:95:75:15:94:ba:18:5a:47:f8:7c:8b:61:8f:77:
69:c3:70:ca:fa:71:2d:b3:4c:02:35:8c:52:d3:14:ab:bd:a6:
82:5a:c3:ef:28:36:d4:ef:ed:ad:17:bb:78:85:07:4e:da:86:
7c:b3:24:f0:19:a5:37:f4:56:b5:71:2e:4a:ed:06:c5:15:58:
c0:e5:73:3a:1d:aa:b2:58:93:87:78:4e:2a:f5:8a:f3:58:8b:
0d:69:0c:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbMfVRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
MjEzMTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc3ZDg4Y2RmMDJk
OGIxZTcwNjdlNjNjZDdmNTM2ZGIxOTMwNjBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkuLa73U2bzFQERiDkpAyM39u0Zp2zrr9ybsiOurWYGBui6
vBOKmKQ9OVcuUmQ9pdjmBT2xG+PS9Q9lrV8wyIIq7YepjyMXozvICOG1Ujrur4FD
xw3nF45ySdS5Tx6jLXxwh0NKtQCSVGi8ZygPwlDC5jkc/LH6L2aNY87KLhCE3pHt
1rgFGbw6CtCoV6qXHbko4yZ/4vUI7ebMLLmSL5WjoAv2kbE4+u4CxqlseEY5cNXs
c15S/bn8fehHalnLBp5HivAMGNZdkyMopdIhdE4uWjQYVKN2aAwUcOzseIMljvN8
GMuYPbDugmYYNLimIaRc3uUNEvjeVhJFUf8YhK8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRHfYjN8C2LHnBn5jzX9TbbGTBgpjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1IzMkl6ZkF0aXg1d1otWTgxX1UyMnhrd1lLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCJxJSaI1r2bG5V+CwEJ5m7ih45KOr/fUInzo0e
Nfas5BD4occQZs5kPI8YSeItGrR0kb39ilHFYx0mX0M3xzNBBD96L8DxzuJdsNLn
FRPZO+JlMosgSkPVSfItR2nA4c1bKL37O8tye0bP0ybT3zGPQ9dVxAvmdebCgdPp
fVHNCsUkQx6gamavbEdY9keM73H6ucI0uKA3EQ8sxpTYW9uEK/9YyfCWlXUVlLoY
Wkf4fIthj3dpw3DK+nEts0wCNYxS0xSrvaaCWsPvKDbU7+2tF7t4hQdO2oZ8syTw
GaU39Fa1cS5K7QbFFVjA5XM6HaqyWJOHeE4q9YrzWIsNaQwY
-----END CERTIFICATE-----
Generated at Sat May 3 19:57:48 2025 by rpki-client