Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa
File: Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa (raw, json)
Hash identifier: lLUnOrXJvlTzRUpcJhvFsIotfuWhGcwKOAssLe280Kw=
Subject key identifier: 66:8F:DD:DF:E5:E7:DC:B7:37:34:A4:58:A5:8F:54:BA:12:6E:52:7D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7759121D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa
Signing time: Thu 31 Mar 2022 23:09:56 +0000
ROA not before: Thu 31 Mar 2022 23:09:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2002326045 (0x7759121d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 31 23:09:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=668fdddfe5e7dcb73734a458a58f54ba126e527d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d2:43:37:4f:54:4b:67:d9:a8:d3:60:0f:a0:
c9:f9:8c:52:d4:b6:c2:e1:32:d7:d8:8e:5f:d1:b3:
76:f2:e3:a7:2f:7f:7d:08:c4:07:e2:4d:57:ea:4d:
f0:c5:f5:9d:00:9c:27:c3:07:97:06:4e:d8:a3:48:
b0:9b:03:be:36:53:5e:96:23:8a:53:4d:07:b1:b8:
69:54:b4:8b:3b:93:bd:22:52:77:d1:70:39:32:09:
2c:1b:ea:69:5a:76:5a:31:27:ff:2c:83:b7:ba:b5:
d0:db:de:a6:40:af:71:9d:8c:e8:ae:57:fc:7e:8c:
7c:a8:1c:e5:e1:de:ee:ff:a6:a4:0b:49:4c:55:82:
3f:a1:a2:b9:98:98:f0:e3:81:be:a6:a5:33:bb:1d:
c6:88:8e:4c:57:b9:b5:92:b7:dd:18:d1:54:dc:f8:
3f:c6:ac:5a:1c:57:22:b1:5a:9f:39:9d:96:c8:83:
e8:47:ea:92:60:3a:c1:f8:87:13:37:4b:c4:df:e4:
cb:9f:3c:bb:5e:6a:69:fc:86:ad:83:f1:38:33:cf:
07:c1:74:de:d9:19:10:96:33:d8:f0:df:2e:e1:c7:
55:5c:94:44:a8:58:ca:aa:18:d6:78:b3:ef:4b:a1:
67:74:30:db:c5:cc:af:c2:63:09:a4:69:e4:36:e3:
62:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:8F:DD:DF:E5:E7:DC:B7:37:34:A4:58:A5:8F:54:BA:12:6E:52:7D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Zo_d3-Xn3Lc3NKRYpY9UuhJuUn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:36:bd:42:89:90:64:e7:20:26:12:3d:bd:a6:9c:b9:b2:6a:
40:03:ae:40:59:ed:d5:b7:07:5b:4a:80:6d:e4:b5:a7:d0:4d:
00:a8:47:02:74:d7:55:8e:1c:a7:92:69:d7:d3:c2:a1:0b:64:
97:ef:ae:87:b0:70:18:a3:41:f9:49:3d:50:67:d5:d1:e4:62:
e8:fc:6f:1c:e9:05:5e:7b:54:e6:26:0a:f5:f8:d8:51:e5:ee:
b6:40:ab:50:bc:a0:b9:ea:7f:e8:23:cd:0a:86:03:c3:4a:d6:
3b:53:24:d7:5d:a5:37:ae:f6:a3:05:08:1c:7e:ce:6b:df:0a:
25:18:ad:af:ad:41:5e:ad:e9:be:41:6a:c4:93:13:2e:b6:83:
f0:f1:aa:aa:40:9d:66:46:7a:27:09:66:c1:8b:6f:09:a0:fb:
10:b6:2f:d3:15:f9:ef:fd:95:79:ec:83:be:cc:87:3e:b4:34:
a1:0a:ff:2f:20:b2:80:ec:79:66:78:8e:5f:89:13:81:4f:3a:
33:67:ff:3a:9f:c1:16:38:6c:09:e4:54:01:e3:4c:6d:49:bd:
a4:c5:0a:6c:95:69:d9:0b:21:67:9e:67:df:d0:10:7d:85:ac:
a1:a5:9c:eb:43:ba:93:7d:ea:cb:f0:8f:0f:06:e3:fb:72:ca:
16:69:50:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd1kSHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMz
MTIzMDk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjY4ZmRkZGZlNWU3
ZGNiNzM3MzRhNDU4YTU4ZjU0YmExMjZlNTI3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3SQzdPVEtn2ajTYA+gyfmMUtS2wuEy19iOX9GzdvLjpy9/
fQjEB+JNV+pN8MX1nQCcJ8MHlwZO2KNIsJsDvjZTXpYjilNNB7G4aVS0izuTvSJS
d9FwOTIJLBvqaVp2WjEn/yyDt7q10NvepkCvcZ2M6K5X/H6MfKgc5eHe7v+mpAtJ
TFWCP6GiuZiY8OOBvqalM7sdxoiOTFe5tZK33RjRVNz4P8asWhxXIrFanzmdlsiD
6EfqkmA6wfiHEzdLxN/ky588u15qafyGrYPxODPPB8F03tkZEJYz2PDfLuHHVVyU
RKhYyqoY1niz70uhZ3Qw28XMr8JjCaRp5DbjYu0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRmj93f5efctzc0pFilj1S6Em5SfTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1pvX2QzLVhuM0xjM05LUllwWTlVdWhKdVVuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBhNr1CiZBk5yAmEj29ppy5smpAA65AWe3Vtwdb
SoBt5LWn0E0AqEcCdNdVjhynkmnX08KhC2SX766HsHAYo0H5ST1QZ9XR5GLo/G8c
6QVee1TmJgr1+NhR5e62QKtQvKC56n/oI80KhgPDStY7UyTXXaU3rvajBQgcfs5r
3wolGK2vrUFerem+QWrEkxMutoPw8aqqQJ1mRnonCWbBi28JoPsQti/TFfnv/ZV5
7IO+zIc+tDShCv8vILKA7HlmeI5fiROBTzozZ/86n8EWOGwJ5FQB40xtSb2kxQps
lWnZCyFnnmff0BB9hayhpZzrQ7qTferL8I8PBuP7csoWaVAo
-----END CERTIFICATE-----
Generated at Thu May 1 23:31:37 2025 by rpki-client