Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZKI2BIQjtj0x2qVODzk8Tyjc1ZM.roa
File: ZKI2BIQjtj0x2qVODzk8Tyjc1ZM.roa (raw, json)
Hash identifier: 8BuRPkvFeBQ8HE2oV5CCBfWC0i2J4CHylVSioOWWLoU=
Subject key identifier: 64:A2:36:04:84:23:B6:3D:31:DA:A5:4E:0F:39:3C:4F:28:DC:D5:93
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6F2BC9BF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZKI2BIQjtj0x2qVODzk8Tyjc1ZM.roa
Signing time: Thu 03 Mar 2022 01:08:17 +0000
ROA not before: Thu 03 Mar 2022 01:08:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1865140671 (0x6f2bc9bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 3 01:08:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64a236048423b63d31daa54e0f393c4f28dcd593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:c9:89:cd:24:da:d8:39:e3:f8:85:92:01:
f4:7c:5c:e3:18:45:6e:ed:6b:35:1e:ef:1a:33:96:
a6:ae:7a:31:f2:8c:07:22:e4:77:69:71:3e:1b:f5:
f5:a8:ee:14:b2:c7:ff:8e:ff:6a:37:3f:01:ab:6f:
53:0c:bc:50:7e:c5:90:84:21:c8:d8:c1:b1:47:69:
cb:af:1e:2a:ed:b5:24:cf:9a:53:0d:a9:a0:14:01:
cd:db:cb:06:16:e9:af:e4:e9:5e:23:56:3f:90:bc:
3e:45:a7:22:95:1e:75:aa:5a:5a:8d:12:d4:27:35:
0f:82:56:68:2b:71:41:fd:92:b8:0b:df:4c:ee:7b:
1d:13:a1:0f:db:87:ee:b1:98:23:be:63:d2:51:d9:
43:08:37:fd:b0:7e:a7:1a:35:f9:c5:16:68:6d:a8:
bf:c7:1c:4c:97:c1:9d:52:3c:3c:84:96:13:59:ca:
80:8a:04:67:ed:75:89:ad:b7:4a:f2:5d:ad:8a:c3:
ae:b2:e4:d4:59:3b:e0:b0:a4:d6:95:4d:2e:92:39:
11:0e:e0:4a:5b:94:88:bd:c7:84:b0:eb:3a:45:47:
b2:06:d3:1d:54:d2:a9:0b:33:00:9e:f0:d8:cf:99:
5c:9b:b1:f9:06:84:18:83:8e:8d:cf:ca:76:44:8c:
ea:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A2:36:04:84:23:B6:3D:31:DA:A5:4E:0F:39:3C:4F:28:DC:D5:93
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ZKI2BIQjtj0x2qVODzk8Tyjc1ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:72:85:f6:ee:dd:a9:05:cc:66:06:0f:bf:8a:e8:6c:0b:b1:
9d:68:2c:5a:be:36:85:3f:4a:e1:bd:49:7f:1a:49:97:0d:29:
60:13:24:43:bb:fb:26:90:f9:95:71:98:96:a2:10:26:8f:c7:
aa:cd:ca:7b:14:2d:10:5b:3a:77:2b:3f:22:22:72:e6:80:2a:
0b:59:65:59:11:6c:ca:6d:33:5f:24:6f:53:57:8d:13:7c:3d:
58:66:4c:b2:70:f8:bc:ac:3b:7f:93:81:db:e6:e0:ab:f3:94:
50:20:e9:36:65:49:b2:b6:04:8a:a3:37:d3:2b:bb:1e:08:e5:
ff:67:c8:44:83:01:c6:89:62:25:b3:b4:0f:aa:c8:f8:63:be:
b6:c8:c0:35:fb:fe:af:73:a8:2d:bf:4c:1d:49:d6:4c:22:5e:
81:c7:7b:fc:3a:2b:6c:19:42:93:7f:ca:4e:92:af:4f:12:09:
6e:23:d0:61:9b:18:22:9c:6e:2a:c0:2d:35:a6:f8:00:c0:73:
27:16:69:9c:a0:03:98:f2:a2:dc:aa:f9:16:4c:59:7c:d7:1b:
c6:99:cf:57:71:7e:b8:fa:b1:d2:e2:b7:bc:1c:01:f5:a8:01:
de:90:c8:da:90:97:ca:cd:78:4d:f9:b8:3a:db:e8:ae:e5:c9:
4b:72:db:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbyvJvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMw
MzAxMDgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjRhMjM2MDQ4NDIz
YjYzZDMxZGFhNTRlMGYzOTNjNGYyOGRjZDU5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbKyYnNJNrYOeP4hZIB9Hxc4xhFbu1rNR7vGjOWpq56MfKM
ByLkd2lxPhv19ajuFLLH/47/ajc/AatvUwy8UH7FkIQhyNjBsUdpy68eKu21JM+a
Uw2poBQBzdvLBhbpr+TpXiNWP5C8PkWnIpUedapaWo0S1Cc1D4JWaCtxQf2SuAvf
TO57HROhD9uH7rGYI75j0lHZQwg3/bB+pxo1+cUWaG2ov8ccTJfBnVI8PISWE1nK
gIoEZ+11ia23SvJdrYrDrrLk1Fk74LCk1pVNLpI5EQ7gSluUiL3HhLDrOkVHsgbT
HVTSqQszAJ7w2M+ZXJux+QaEGIOOjc/KdkSM6jMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRkojYEhCO2PTHapU4POTxPKNzVkzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1pLSTJCSVFqdGoweDJxVk9Eems4VHlqYzFaTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCicoX27t2pBcxmBg+/iuhsC7GdaCxavjaFP0rh
vUl/GkmXDSlgEyRDu/smkPmVcZiWohAmj8eqzcp7FC0QWzp3Kz8iInLmgCoLWWVZ
EWzKbTNfJG9TV40TfD1YZkyycPi8rDt/k4Hb5uCr85RQIOk2ZUmytgSKozfTK7se
COX/Z8hEgwHGiWIls7QPqsj4Y762yMA1+/6vc6gtv0wdSdZMIl6Bx3v8OitsGUKT
f8pOkq9PEgluI9BhmxginG4qwC01pvgAwHMnFmmcoAOY8qLcqvkWTFl81xvGmc9X
cX64+rHS4re8HAH1qAHekMjakJfKzXhN+bg62+iu5clLctu0
-----END CERTIFICATE-----
Generated at Fri May 2 12:39:20 2025 by rpki-client