Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RjyXuHvJJv2LOd9CI7ejGjifO2E.roa
File: RjyXuHvJJv2LOd9CI7ejGjifO2E.roa (raw, json)
Hash identifier: QEyYPqfpCz87hsyp3XggOPFFs1j5owQOPRcfiQZDMSU=
Subject key identifier: 46:3C:97:B8:7B:C9:26:FD:8B:39:DF:42:23:B7:A3:1A:38:9F:3B:61
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185C121A659F00B85F32FFF7D58C91FF29A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RjyXuHvJJv2LOd9CI7ejGjifO2E.roa
Signing time: Tue 17 Jan 2023 19:08:05 +0000
ROA not before: Tue 17 Jan 2023 19:08:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:c11e:6f0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c1:21:a6:59:f0:0b:85:f3:2f:ff:7d:58:c9:1f:f2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 17 19:08:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=463c97b87bc926fd8b39df4223b7a31a389f3b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:40:40:f0:ee:47:14:67:81:a0:47:d4:02:
28:55:e0:8a:77:76:9b:0a:47:6a:42:68:93:35:c6:
da:43:bf:f4:49:86:2b:72:88:72:4d:d3:f6:64:db:
4c:4f:69:75:77:b6:5f:d0:25:bc:c4:2d:f3:e9:55:
23:88:b4:07:5d:85:8b:08:46:bd:b1:d1:53:6a:8b:
2e:08:cd:53:22:01:54:0b:25:c0:4f:f4:be:13:05:
60:dc:78:e9:43:4b:9c:fc:d3:72:e1:d2:dc:e3:8e:
a5:00:a0:67:31:e1:e8:60:4e:80:01:6d:0e:be:bc:
01:1d:0c:a8:5e:34:16:57:c0:e1:cf:c2:0a:b1:c1:
09:23:72:38:0e:c5:7e:8b:0a:25:5b:28:3a:80:39:
2e:18:80:8f:f4:51:cb:05:5f:4d:02:ec:e0:45:f6:
93:f9:c4:a6:58:47:ce:e9:ae:42:b7:33:a4:6c:cd:
43:84:02:7d:d5:ed:a8:d3:58:fb:45:cd:f2:a2:8f:
4b:29:b3:7d:03:9a:37:b4:d6:95:ef:f4:e7:e6:f6:
a0:72:90:96:de:61:69:eb:c1:e7:7b:63:d7:d4:77:
c8:ac:55:3d:bf:df:5f:01:24:96:5a:6c:e8:40:85:
10:cd:a4:1c:58:18:84:8b:ac:4a:85:b0:00:0e:bb:
0a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3C:97:B8:7B:C9:26:FD:8B:39:DF:42:23:B7:A3:1A:38:9F:3B:61
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RjyXuHvJJv2LOd9CI7ejGjifO2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:b1:4b:16:f4:b0:ab:c7:a8:70:96:c3:6d:f0:c8:b0:0d:19:
dd:48:92:f3:e3:99:88:a2:8f:8f:6f:c7:4e:db:0a:67:1c:08:
86:3e:ae:aa:39:f7:0c:ee:b7:74:e1:f5:eb:d4:c6:89:b2:57:
80:c2:cb:4d:68:64:24:31:f2:c3:53:3b:51:4e:07:45:89:f9:
95:95:47:db:be:1e:c0:69:07:70:52:b2:fa:a1:dc:30:0b:32:
b6:1b:23:3f:b2:1b:e2:d4:1e:b5:c8:e8:48:26:61:7c:64:70:
87:1f:63:ee:0e:11:d5:7c:47:fe:6f:74:9a:1f:b2:71:f0:59:
f3:00:c5:e3:c9:b7:0c:b2:5a:ae:b7:99:53:7f:55:25:39:10:
f8:68:ba:54:48:5b:e4:68:11:5f:61:21:90:01:70:b5:bf:1a:
a8:d4:2f:10:42:e5:d3:ad:41:b6:28:fa:60:49:86:3e:2a:0a:
69:c3:e8:19:09:c0:53:49:44:73:8e:1b:19:b9:10:56:e1:43:
3a:a7:47:77:98:fc:f8:a1:00:53:50:06:b9:7f:78:eb:91:4c:
bf:3e:d7:a5:b3:f3:c5:b5:d6:71:08:04:61:82:f9:ce:3a:45:
24:84:38:1e:a1:ed:ed:aa:82:27:3a:b7:a8:6b:64:74:19:62:
70:ae:e0:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXBIaZZ8AuF8y//fVjJH/KaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE3MTkwODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNjOTdiODdiYzkyNmZkOGIzOWRmNDIyM2I3YTMxYTM4OWYzYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WxAQPDuRxRngaBH1AIoVeCKd3ab
CkdqQmiTNcbaQ7/0SYYrcohyTdP2ZNtMT2l1d7Zf0CW8xC3z6VUjiLQHXYWLCEa9
sdFTaosuCM1TIgFUCyXAT/S+EwVg3HjpQ0uc/NNy4dLc446lAKBnMeHoYE6AAW0O
vrwBHQyoXjQWV8Dhz8IKscEJI3I4DsV+iwolWyg6gDkuGICP9FHLBV9NAuzgRfaT
+cSmWEfO6a5CtzOkbM1DhAJ91e2o01j7Rc3yoo9LKbN9A5o3tNaV7/Tn5vagcpCW
3mFp68Hne2PX1HfIrFU9v99fASSWWmzoQIUQzaQcWBiEi6xKhbAADrsKswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEY8l7h7ySb9iznfQiO3oxo4nzthMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUmp5WHVIdkpKdjJMT2Q5Q0k3ZWpHamlmTzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALSxSxb0sKvHqHCWw23w
yLANGd1IkvPjmYiij49vx07bCmccCIY+rqo59wzut3Th9evUxomyV4DCy01oZCQx
8sNTO1FOB0WJ+ZWVR9u+HsBpB3BSsvqh3DALMrYbIz+yG+LUHrXI6EgmYXxkcIcf
Y+4OEdV8R/5vdJofsnHwWfMAxePJtwyyWq63mVN/VSU5EPhoulRIW+RoEV9hIZAB
cLW/GqjULxBC5dOtQbYo+mBJhj4qCmnD6BkJwFNJRHOOGxm5EFbhQzqnR3eY/Pih
AFNQBrl/eOuRTL8+16Wz88W11nEIBGGC+c46RSSEOB6h7e2qgic6t6hrZHQZYnCu
4OU=
-----END CERTIFICATE-----
Generated at Fri May 2 20:12:40 2025 by rpki-client