Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SIiTgp1g2yRO67Rc-Psnia35rUQ.roa
File: SIiTgp1g2yRO67Rc-Psnia35rUQ.roa (raw, json)
Hash identifier: m83usph3fa/xUxQNvDAg+myJSFQfDesEJy+x9o1J2RU=
Subject key identifier: 48:88:93:82:9D:60:DB:24:4E:EB:B4:5C:F8:FB:27:89:AD:F9:AD:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8E54BC72
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SIiTgp1g2yRO67Rc-Psnia35rUQ.roa
Signing time: Mon 20 Jun 2022 07:09:44 +0000
ROA not before: Mon 20 Jun 2022 07:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:56ba:5b78/128 maxlen: 128
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2387917938 (0x8e54bc72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 20 07:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=488893829d60db244eebb45cf8fb2789adf9ad44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:83:1e:f1:c1:9f:c7:61:a5:4e:10:6e:1d:
ae:2b:32:e3:9e:11:ab:90:3d:8e:58:d3:35:c5:70:
5e:a1:05:6f:b6:48:d1:1c:3d:e5:96:94:47:e5:51:
a2:eb:db:38:d0:1d:42:ef:57:85:25:1b:54:7d:97:
bf:c5:86:09:01:0c:be:a7:20:63:d5:42:67:af:c6:
79:ce:be:2f:04:4e:82:00:fb:d5:37:cc:ae:3c:34:
10:03:c0:80:d1:42:e3:62:6e:e8:7c:13:d7:4a:ae:
24:bd:af:9a:e1:11:82:6d:bb:fe:77:2b:0c:0d:cb:
1d:cf:7e:cc:18:de:0b:ce:b4:8b:14:e9:39:d4:a5:
9d:73:35:bd:aa:81:95:5f:a2:5d:38:c2:53:f6:ea:
c8:c2:d2:5c:92:5f:1c:ac:22:22:6b:b7:c2:94:79:
15:2d:7c:15:b7:98:30:d5:41:5c:fb:70:eb:74:97:
6d:b8:ca:78:20:04:6f:c6:ca:09:10:49:47:1b:58:
5d:31:6a:27:97:40:58:31:49:b8:3a:60:f6:09:a1:
f4:c0:4f:3b:94:39:36:09:15:14:57:95:2d:f9:6d:
3e:81:fc:5c:e4:6f:ec:e9:26:2a:82:86:4c:8e:7a:
e0:53:0a:80:36:2d:a8:11:fc:58:9f:e0:55:7d:cf:
d9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:88:93:82:9D:60:DB:24:4E:EB:B4:5C:F8:FB:27:89:AD:F9:AD:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SIiTgp1g2yRO67Rc-Psnia35rUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:c0:8c:56:52:15:29:1d:59:e5:34:c9:8b:b4:0e:f4:ab:c5:
54:d0:ed:c2:6e:29:d7:cf:68:38:5e:63:98:74:a1:58:28:c0:
78:e1:65:6d:55:84:b6:69:d4:ec:28:a2:6d:77:75:f3:ea:56:
02:e0:ce:ed:0c:90:2b:cb:d6:e3:04:b6:16:2b:6d:61:e0:09:
6e:6b:ee:a5:28:90:b4:b0:81:a7:31:a7:5b:d7:b4:c0:28:93:
ca:d6:6e:a3:a0:d5:ad:fb:54:89:1d:42:8b:bf:47:67:8c:6d:
10:24:7d:29:46:5b:a3:b9:89:8c:32:bf:1e:50:d9:f8:4b:40:
49:8a:96:35:f6:3e:27:44:7b:15:bd:e7:db:40:78:dc:fa:5e:
4f:3c:e4:9f:4d:91:a1:2c:32:03:3f:db:a3:5f:11:15:54:ec:
bc:06:2c:4c:69:ea:aa:b1:2a:41:56:24:e2:73:47:25:10:fc:
85:0a:b1:76:d4:51:ef:65:23:b9:31:4d:07:26:64:80:6d:a2:
a4:8e:be:e1:e0:68:21:bb:d6:9c:f8:ab:2b:e0:9f:bd:ef:a8:
d0:42:54:08:6c:2f:6e:f4:0d:eb:5e:94:7a:05:87:5e:49:47:
12:a2:81:78:c2:cc:70:94:98:bb:96:f5:2b:fe:5b:46:e3:b7:
b4:45:07:1e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI5UvHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjAwNzA5NDRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQ4ODg5MzgyOWQ2
MGRiMjQ0ZWViYjQ1Y2Y4ZmIyNzg5YWRmOWFkNDQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClmIMe8cGfx2GlThBuHa4rMuOeEauQPY5Y0zXFcF6hBW+2
SNEcPeWWlEflUaLr2zjQHULvV4UlG1R9l7/FhgkBDL6nIGPVQmevxnnOvi8EToIA
+9U3zK48NBADwIDRQuNibuh8E9dKriS9r5rhEYJtu/53KwwNyx3PfswY3gvOtIsU
6TnUpZ1zNb2qgZVfol04wlP26sjC0lySXxysIiJrt8KUeRUtfBW3mDDVQVz7cOt0
l224ynggBG/GygkQSUcbWF0xaieXQFgxSbg6YPYJofTATzuUOTYJFRRXlS35bT6B
/Fzkb+zpJiqChkyOeuBTCoA2LagR/Fif4FV9z9mJAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUSIiTgp1g2yRO67Rc+Psnia35rUQwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9TSWlUZ3AxZzJ5Uk82N1JjLVBzbmlhMzVyVVEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAFMCMVlIVKR1Z5TTJi7QO9KvFVNDtwm4p189o
OF5jmHShWCjAeOFlbVWEtmnU7CiibXd18+pWAuDO7QyQK8vW4wS2FittYeAJbmvu
pSiQtLCBpzGnW9e0wCiTytZuo6DVrftUiR1Ci79HZ4xtECR9KUZbo7mJjDK/HlDZ
+EtASYqWNfY+J0R7Fb3n20B43PpeTzzkn02RoSwyAz/bo18RFVTsvAYsTGnqqrEq
QVYk4nNHJRD8hQqxdtRR72UjuTFNByZkgG2ipI6+4eBoIbvWnPirK+Cfve+o0EJU
CGwvbvQN616UegWHXklHEqKBeMLMcJSYu5b1K/5bRuO3tEUHHg==
-----END CERTIFICATE-----
Generated at Thu May 1 23:00:36 2025 by rpki-client