Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S6qISadQhr-EdeF6q4_gXKA6ar8.roa
File: S6qISadQhr-EdeF6q4_gXKA6ar8.roa (raw, json)
Hash identifier: 8tbiGvreWEcfHGFqSTto1TNz+JCAP2wOT3vtQiFeXuM=
Subject key identifier: 4B:AA:88:49:A7:50:86:BF:84:75:E1:7A:AB:8F:E0:5C:A0:3A:6A:BF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01853203C56A0A7A56D495E8D0CC41C89410
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S6qISadQhr-EdeF6q4_gXKA6ar8.roa
Signing time: Wed 21 Dec 2022 00:09:46 +0000
ROA not before: Wed 21 Dec 2022 00:09:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:32:03:c5:6a:0a:7a:56:d4:95:e8:d0:cc:41:c8:94:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 21 00:09:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4baa8849a75086bf8475e17aab8fe05ca03a6abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:12:6f:08:20:00:e5:9b:53:31:e1:81:30:49:
a2:4b:0a:ad:91:42:b9:62:8d:1d:a8:b4:65:f7:44:
2c:64:fa:72:42:30:04:48:8e:78:6c:b7:30:b2:31:
1c:99:7b:ef:7e:72:02:d3:76:8f:06:9a:cd:25:e6:
93:86:44:a0:ff:f6:7d:6a:b9:69:ef:49:32:fe:fd:
f4:f8:8d:9a:84:d8:1e:2f:04:46:3d:02:4c:d7:3e:
93:19:fb:36:5c:19:6d:e8:fb:b0:45:f8:3e:86:19:
06:54:af:13:bc:89:ba:38:5b:ca:45:2c:a6:3e:c6:
1e:b7:5f:23:6c:19:03:cf:af:01:b1:17:20:54:68:
45:4b:ff:51:6f:ae:11:ff:96:c7:14:83:e2:1a:32:
ee:1b:2b:e1:2b:89:01:57:dc:f9:84:6d:68:a7:1f:
fe:4d:10:81:61:c5:11:2c:5b:34:0b:db:24:a1:d9:
49:51:93:ec:f4:3d:11:c9:c8:0e:78:ef:f2:6d:cf:
75:23:e7:b5:8c:67:9a:de:d5:c2:af:3f:08:38:02:
fd:21:22:64:a1:35:c8:ec:49:4f:5d:dd:dc:27:1c:
0f:c8:13:27:da:aa:6e:de:a2:fd:4a:ea:06:29:f9:
b4:78:e2:56:03:49:4b:1d:6b:e2:29:1d:06:b0:ef:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AA:88:49:A7:50:86:BF:84:75:E1:7A:AB:8F:E0:5C:A0:3A:6A:BF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/S6qISadQhr-EdeF6q4_gXKA6ar8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:48:39:de:24:73:62:2a:ba:6f:52:6c:ef:5b:94:74:07:b6:
1b:e9:d9:cd:11:2c:b1:6d:b8:75:13:45:34:04:c6:5f:7a:5a:
b6:0f:c0:e0:6b:02:e2:a9:86:e7:d3:f4:f6:8e:68:c8:96:69:
02:3d:37:cb:6b:d1:f1:7a:eb:b5:67:1c:09:89:8f:74:a1:dc:
49:e2:90:3e:fb:e8:27:61:f8:f8:07:77:66:27:90:d9:0a:60:
e3:7a:72:be:e1:2f:30:d9:c7:e5:64:6e:5f:59:77:37:f8:08:
55:10:59:03:fb:a1:9d:77:5e:18:11:9a:aa:95:e9:0a:a5:0e:
f0:ae:96:88:8b:37:24:f0:07:b4:20:61:f6:d4:9e:d5:69:b4:
56:41:ed:f5:6e:f0:d3:15:04:e1:67:61:98:84:af:76:1c:ec:
8b:b7:95:8c:9c:d1:5a:3a:2e:10:09:1e:8b:6b:91:5a:5b:47:
e6:db:64:92:af:07:ec:fb:95:e6:96:f0:7c:9b:1a:8a:2b:cc:
ab:fe:9c:b5:1e:f7:ed:48:94:5f:01:b4:04:78:cc:55:18:a9:
3a:10:22:30:5e:ec:b8:68:4e:b0:6f:d1:e4:83:59:39:56:39:
df:be:16:4d:00:7c:e6:70:49:3c:f0:81:40:38:25:fe:f7:78:
56:57:4d:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUyA8VqCnpW1JXo0MxByJQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIxMDAwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFhODg0OWE3NTA4NmJmODQ3NWUxN2FhYjhmZTA1Y2EwM2E2YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xJvCCAA5ZtTMeGBMEmiSwqtkUK5
Yo0dqLRl90QsZPpyQjAESI54bLcwsjEcmXvvfnIC03aPBprNJeaThkSg//Z9arlp
70ky/v30+I2ahNgeLwRGPQJM1z6TGfs2XBlt6PuwRfg+hhkGVK8TvIm6OFvKRSym
PsYet18jbBkDz68BsRcgVGhFS/9Rb64R/5bHFIPiGjLuGyvhK4kBV9z5hG1opx/+
TRCBYcURLFs0C9skodlJUZPs9D0RycgOeO/ybc91I+e1jGea3tXCrz8IOAL9ISJk
oTXI7ElPXd3cJxwPyBMn2qpu3qL9SuoGKfm0eOJWA0lLHWviKR0GsO+BZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuqiEmnUIa/hHXhequP4FygOmq/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUzZxSVNhZFFoci1FZGVGNnE0X2dYS0E2YXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGhIOd4kc2Iqum9SbO9b
lHQHthvp2c0RLLFtuHUTRTQExl96WrYPwOBrAuKphufT9PaOaMiWaQI9N8tr0fF6
67VnHAmJj3Sh3EnikD776Cdh+PgHd2YnkNkKYON6cr7hLzDZx+Vkbl9Zdzf4CFUQ
WQP7oZ13XhgRmqqV6QqlDvCuloiLNyTwB7QgYfbUntVptFZB7fVu8NMVBOFnYZiE
r3Yc7Iu3lYyc0Vo6LhAJHotrkVpbR+bbZJKvB+z7leaW8HybGoorzKv+nLUe9+1I
lF8BtAR4zFUYqToQIjBe7LhoTrBv0eSDWTlWOd++Fk0AfOZwSTzwgUA4Jf73eFZX
Tc8=
-----END CERTIFICATE-----
Generated at Fri May 2 13:13:11 2025 by rpki-client