Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RzZ2UNQLkwPUI6SI1gzwXbNlNIw.roa
File: RzZ2UNQLkwPUI6SI1gzwXbNlNIw.roa (raw, json)
Hash identifier: 0VbMMn13TjGzMMgEF5eTA565ApVIzlQjt651aXGiiqY=
Subject key identifier: 47:36:76:50:D4:0B:93:03:D4:23:A4:88:D6:0C:F0:5D:B3:65:34:8C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8B41461A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RzZ2UNQLkwPUI6SI1gzwXbNlNIw.roa
Signing time: Thu 09 Jun 2022 10:09:05 +0000
ROA not before: Thu 09 Jun 2022 10:09:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2336310810 (0x8b41461a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 9 10:09:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47367650d40b9303d423a488d60cf05db365348c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:91:fe:fe:fa:d1:40:9c:10:d0:56:19:7f:
d1:09:4f:47:6f:76:62:27:29:c4:69:10:88:61:39:
c5:85:d1:e0:59:a1:dc:f5:7a:62:25:b2:de:8d:e1:
6b:25:6c:11:3f:30:4b:76:44:f3:73:34:18:11:79:
c4:be:28:89:4b:f2:6b:9e:55:e2:58:ec:3b:ed:6d:
53:c0:c1:83:77:69:d4:00:18:a6:37:0c:18:25:f9:
0f:51:6a:ce:76:68:c3:73:8e:aa:4f:9a:04:ef:d2:
af:fc:0b:11:be:9b:25:df:59:3f:ae:cb:14:56:2d:
d1:b3:39:0a:84:57:7f:cf:cf:d5:d2:00:b2:03:04:
55:b8:77:37:f3:95:1c:24:b7:ac:20:2b:28:df:c5:
39:8a:f4:b4:05:fe:1b:1e:b4:3c:2d:4d:ee:3a:10:
fa:de:2d:ff:2d:2e:ec:b7:06:1a:96:f4:bc:fb:c1:
ff:a4:5f:99:36:39:e9:b7:82:67:31:d5:e0:e8:46:
d4:e6:34:2d:79:53:de:a9:b5:30:ac:d7:07:9d:63:
7f:9c:0c:dd:2e:36:94:a6:73:fa:bb:98:b9:8b:b2:
83:a0:97:23:49:44:27:01:b9:db:51:56:7b:c0:67:
ed:c9:a3:55:ef:3c:73:7e:d6:f4:1a:a7:d9:5f:2a:
fa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:36:76:50:D4:0B:93:03:D4:23:A4:88:D6:0C:F0:5D:B3:65:34:8C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/RzZ2UNQLkwPUI6SI1gzwXbNlNIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:64:37:6c:b0:dc:66:b8:91:e7:19:65:4b:c7:b8:c5:39:e6:
8a:dc:c2:04:ca:0a:a1:c2:c2:42:f4:bb:45:66:0b:2b:0d:ca:
f0:d3:48:c3:3e:f6:6e:49:b9:32:88:b1:8b:e3:58:7a:17:44:
d1:e6:44:d7:39:f3:b5:27:f4:a2:81:f6:05:42:8e:7a:51:9d:
ad:56:b8:ee:15:00:69:c5:be:f8:df:20:4e:da:82:c4:61:ea:
1f:60:a3:78:43:fb:bd:ee:20:41:3e:53:73:4c:9a:fb:63:8c:
ea:57:04:ea:e4:25:e8:31:5a:d1:4b:48:32:fd:a3:95:10:4e:
e5:12:6f:44:19:e5:34:df:1e:df:a6:d2:85:f1:63:4d:3d:6d:
55:02:7e:a1:c2:56:15:ce:a8:b4:e1:1c:23:61:9d:50:a3:95:
3d:78:55:cb:96:c2:af:bd:7c:de:dd:06:19:f6:e9:50:69:29:
85:aa:fe:5d:d5:f6:19:49:ab:75:b8:e1:60:38:88:b5:34:08:
d7:35:7b:d8:03:68:b7:1a:ec:99:0d:c3:7e:ea:b6:2c:14:bd:
ac:14:df:9d:72:6d:d0:31:91:27:1e:4f:58:85:8b:25:1d:97:
44:bb:2c:e8:d3:d1:a6:3d:c7:e3:37:bb:62:fa:a0:21:45:7e:
df:19:ae:37
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAItBRhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDkxMDA5MDVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ3MzY3NjUwZDQw
YjkzMDNkNDIzYTQ4OGQ2MGNmMDVkYjM2NTM0OGMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChJJH+/vrRQJwQ0FYZf9EJT0dvdmInKcRpEIhhOcWF0eBZ
odz1emIlst6N4WslbBE/MEt2RPNzNBgRecS+KIlL8mueVeJY7DvtbVPAwYN3adQA
GKY3DBgl+Q9Ras52aMNzjqpPmgTv0q/8CxG+myXfWT+uyxRWLdGzOQqEV3/Pz9XS
ALIDBFW4dzfzlRwkt6wgKyjfxTmK9LQF/hsetDwtTe46EPreLf8tLuy3BhqW9Lz7
wf+kX5k2Oem3gmcx1eDoRtTmNC15U96ptTCs1wedY3+cDN0uNpSmc/q7mLmLsoOg
lyNJRCcBudtRVnvAZ+3Jo1XvPHN+1vQap9lfKvolAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQURzZ2UNQLkwPUI6SI1gzwXbNlNIwwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9SeloyVU5RTGt3UFVJNlNJMWd6d1hiTmxOSXcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAkmQ3bLDcZriR5xllS8e4xTnmitzCBMoKocLC
QvS7RWYLKw3K8NNIwz72bkm5Moixi+NYehdE0eZE1znztSf0ooH2BUKOelGdrVa4
7hUAacW++N8gTtqCxGHqH2CjeEP7ve4gQT5Tc0ya+2OM6lcE6uQl6DFa0UtIMv2j
lRBO5RJvRBnlNN8e36bShfFjTT1tVQJ+ocJWFc6otOEcI2GdUKOVPXhVy5bCr718
3t0GGfbpUGkphar+XdX2GUmrdbjhYDiItTQI1zV72ANotxrsmQ3Dfuq2LBS9rBTf
nXJt0DGRJx5PWIWLJR2XRLss6NPRpj3H4ze7YvqgIUV+3xmuNw==
-----END CERTIFICATE-----
Generated at Thu May 1 18:16:01 2025 by rpki-client