Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RJoimNmeP8Fx6-_YTRHomlrQYdQ.roa
File: RJoimNmeP8Fx6-_YTRHomlrQYdQ.roa (raw, json)
Hash identifier: dvFOO4Lv96oj0PxjwPE7nNlP3aDnMpDwJz2nFwHdDxw=
Subject key identifier: 44:9A:22:98:D9:9E:3F:C1:71:EB:EF:D8:4D:11:E8:9A:5A:D0:61:D4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856B8736D978AB01D65428DEDF87D1C4BD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RJoimNmeP8Fx6-_YTRHomlrQYdQ.roa
Signing time: Sun 01 Jan 2023 04:11:41 +0000
ROA not before: Sun 01 Jan 2023 04:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:87:36:d9:78:ab:01:d6:54:28:de:df:87:d1:c4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 04:11:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=449a2298d99e3fc171ebefd84d11e89a5ad061d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:7c:d5:21:16:de:09:72:5d:ce:a8:5e:79:
1b:28:2c:0e:f7:16:84:5b:d8:50:09:0c:5a:4f:d8:
46:41:51:82:98:d2:44:2c:96:6e:e7:1b:14:c3:5a:
13:e3:30:de:24:b5:1f:53:6c:4c:53:ad:ac:3f:85:
68:c1:50:c3:e9:ca:0e:f0:2c:e7:8c:b4:09:88:21:
e0:a2:bd:6a:bc:28:32:b1:41:69:0f:ef:9f:5d:41:
1a:31:62:bb:da:3d:90:07:4e:e1:3d:a1:c7:a7:bf:
42:55:2d:6f:c2:56:ec:fe:50:28:56:b0:b8:d6:7e:
99:65:3a:41:e3:1d:e1:93:a8:c9:be:c6:a4:e0:ee:
c7:79:82:2e:80:10:61:c5:5d:6b:c1:89:ea:ed:fd:
c3:a1:3e:d3:c0:15:2e:6d:e6:04:8e:6c:5c:56:dc:
34:1a:13:aa:2e:6a:db:57:7b:4a:6f:c2:f8:bb:5f:
37:cd:c5:12:a5:c0:33:a4:5a:52:bd:e2:6b:ed:ce:
7d:4c:a3:72:b2:d9:ac:f5:e1:7d:66:93:3a:24:c7:
76:59:81:43:05:e8:f3:3f:fb:41:28:7f:ad:f1:08:
80:c8:5e:a5:47:98:55:b1:f9:af:ca:5e:aa:6a:35:
c8:49:a1:aa:65:82:e6:7e:59:64:aa:77:b9:75:95:
21:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9A:22:98:D9:9E:3F:C1:71:EB:EF:D8:4D:11:E8:9A:5A:D0:61:D4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RJoimNmeP8Fx6-_YTRHomlrQYdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:21:4a:95:70:99:90:37:85:b0:62:41:56:de:e8:17:03:00:
15:11:38:83:3c:c6:33:a8:3c:7d:7b:70:2d:0a:3a:e4:a5:f2:
7d:d4:b8:69:40:45:b9:b1:59:9a:66:26:6c:96:3c:08:01:30:
a6:13:7e:5d:30:6c:78:42:10:ff:5e:d6:a4:10:ee:bc:fa:af:
30:67:d8:4d:25:59:49:9e:22:70:b1:c1:10:e1:bf:7d:bf:c6:
5a:b5:0e:3a:66:d6:4f:25:19:5b:ef:ea:bf:b2:d0:b5:26:7d:
fb:83:4f:6e:62:8b:74:18:e3:75:3c:e6:8d:91:9c:71:ab:bf:
d6:1f:44:94:90:73:dd:2d:45:f4:5b:c0:f2:f7:41:2b:46:12:
8b:c9:25:3a:c9:e2:c9:13:4f:c7:ae:32:95:5e:d4:ab:c3:ce:
90:d3:71:eb:d9:f4:e7:3b:53:fb:08:aa:21:52:3d:81:a2:4e:
3a:5b:3b:08:94:0f:48:57:a4:de:13:2f:5a:dd:66:b7:d5:c2:
ee:e1:b1:8b:7e:56:5e:83:e8:48:be:c0:3d:0d:a2:25:9b:9f:
02:14:f8:57:e9:5c:9f:a3:c6:48:7d:fa:3a:c1:ea:f8:8d:59:
14:71:d5:fa:7f:89:cb:70:09:b4:c4:6f:a4:45:8a:b0:52:83:
22:1b:5e:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrhzbZeKsB1lQo3t+H0cS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMDQxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDlhMjI5OGQ5OWUzZmMxNzFlYmVmZDg0ZDExZTg5YTVhZDA2MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlV81SEW3glyXc6oXnkbKCwO9xaE
W9hQCQxaT9hGQVGCmNJELJZu5xsUw1oT4zDeJLUfU2xMU62sP4VowVDD6coO8Czn
jLQJiCHgor1qvCgysUFpD++fXUEaMWK72j2QB07hPaHHp79CVS1vwlbs/lAoVrC4
1n6ZZTpB4x3hk6jJvsak4O7HeYIugBBhxV1rwYnq7f3DoT7TwBUubeYEjmxcVtw0
GhOqLmrbV3tKb8L4u183zcUSpcAzpFpSveJr7c59TKNystms9eF9ZpM6JMd2WYFD
BejzP/tBKH+t8QiAyF6lR5hVsfmvyl6qajXISaGqZYLmfllkqne5dZUh0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESaIpjZnj/Bcevv2E0R6Jpa0GHUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUkpvaW1ObWVQOEZ4Ni1fWVRSSG9tbHJRWWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD8hSpVwmZA3hbBiQVbe
6BcDABUROIM8xjOoPH17cC0KOuSl8n3UuGlARbmxWZpmJmyWPAgBMKYTfl0wbHhC
EP9e1qQQ7rz6rzBn2E0lWUmeInCxwRDhv32/xlq1Djpm1k8lGVvv6r+y0LUmffuD
T25ii3QY43U85o2RnHGrv9YfRJSQc90tRfRbwPL3QStGEovJJTrJ4skTT8euMpVe
1KvDzpDTcevZ9Oc7U/sIqiFSPYGiTjpbOwiUD0hXpN4TL1rdZrfVwu7hsYt+Vl6D
6Ei+wD0NoiWbnwIU+FfpXJ+jxkh9+jrB6viNWRRx1fp/ictwCbTEb6RFirBSgyIb
XkM=
-----END CERTIFICATE-----
Generated at Thu May 1 16:07:42 2025 by rpki-client