Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_rk-dk1YFvF-RXaNXk9kvu1AJB0.roa
File: _rk-dk1YFvF-RXaNXk9kvu1AJB0.roa (raw, json)
Hash identifier: 25lqxAoaLqE9+CIQTFaLABAe/b9KjB8Mx8hyJpdAXRg=
Subject key identifier: FE:B9:3E:76:4D:58:16:F1:7E:45:76:8D:5E:4F:64:BE:ED:40:24:1D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 829867EC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_rk-dk1YFvF-RXaNXk9kvu1AJB0.roa
Signing time: Mon 09 May 2022 20:11:45 +0000
ROA not before: Mon 09 May 2022 20:11:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2191026156 (0x829867ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 9 20:11:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=feb93e764d5816f17e45768d5e4f64beed40241d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d0:a1:e0:99:99:c0:46:66:d8:1b:90:2a:ec:
8c:55:41:7c:91:42:d5:9f:55:1b:d2:18:63:77:c6:
33:81:b4:be:a8:a2:08:9a:51:a2:9c:7f:d5:f5:29:
85:4d:bc:84:0d:2e:2b:26:97:f2:18:cb:af:f3:61:
8f:bd:76:e0:95:6b:b8:c4:a1:f8:db:78:79:46:7c:
00:e6:f5:17:db:b6:82:a7:a0:cd:68:ea:83:c2:93:
83:08:9b:bc:c7:67:74:aa:c3:91:75:fa:5a:4b:26:
62:96:d6:6c:71:a0:75:5a:35:da:da:fc:51:ba:d5:
b0:c9:69:3a:1d:8b:c8:ac:3b:a7:03:23:4e:ff:c5:
d2:5b:27:26:59:f2:28:4f:f8:a9:a7:7d:e6:e8:86:
59:4c:a7:ae:74:c3:6b:50:25:c9:27:86:dd:6f:7c:
b7:ff:9f:8b:94:1b:78:73:81:1c:08:ca:6b:86:65:
1e:74:4d:64:13:2b:39:1b:d7:93:ea:6f:4e:1d:dc:
61:38:b2:15:fe:55:7a:9a:39:d0:52:af:b0:5d:f7:
5b:5e:73:0e:b1:69:b8:58:e4:c2:62:7c:ca:72:40:
73:43:d9:59:b2:e2:f3:ca:1a:2a:9a:2f:56:73:c5:
ea:da:12:ef:47:59:6f:70:8d:4c:0b:00:93:d8:79:
8b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B9:3E:76:4D:58:16:F1:7E:45:76:8D:5E:4F:64:BE:ED:40:24:1D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/_rk-dk1YFvF-RXaNXk9kvu1AJB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:2f:f0:84:c0:57:7e:d7:7c:8e:c4:6c:73:ca:df:25:98:85:
3d:1f:dc:bc:92:f4:9a:a8:7c:91:d6:ca:8f:ae:b5:1c:0b:31:
e0:34:73:46:cc:f7:18:8b:fe:5e:e5:2d:82:2f:30:11:93:e8:
48:1f:ce:7d:97:53:4f:8c:53:1a:a2:b9:a6:d1:69:fb:eb:3b:
a2:00:49:d2:fb:aa:37:4d:f3:90:7a:ba:88:bc:c1:a7:67:d2:
4c:67:e3:73:d3:af:59:91:3b:15:09:88:94:f8:5d:27:1f:57:
ec:af:49:b0:11:a6:ec:3c:34:ab:b4:60:c6:cb:f6:0a:59:e5:
f2:c0:76:9d:79:fa:ef:1c:aa:a2:9a:02:83:12:2a:10:dc:f3:
29:22:af:34:09:9b:5a:f4:15:a9:f4:fd:8b:3a:dd:b3:c6:84:
ea:79:c8:eb:88:50:04:b4:de:2b:60:61:16:c1:50:22:56:4a:
c0:87:5f:ef:87:6b:73:df:1d:45:da:3c:0d:c4:ea:85:79:a9:
58:4c:bc:80:1a:5e:90:d0:63:54:88:6b:98:60:eb:49:a8:c2:
56:66:ea:f3:16:d4:af:82:e6:05:81:81:91:e6:d4:ef:f4:9b:
3e:a2:95:5f:f6:0f:43:3c:e1:c0:db:17:b0:ef:e3:5e:3d:45:
c5:d2:7c:14
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIKYZ+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDkyMDExNDVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGZlYjkzZTc2NGQ1
ODE2ZjE3ZTQ1NzY4ZDVlNGY2NGJlZWQ0MDI0MWQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDW0KHgmZnARmbYG5Aq7IxVQXyRQtWfVRvSGGN3xjOBtL6o
ogiaUaKcf9X1KYVNvIQNLisml/IYy6/zYY+9duCVa7jEofjbeHlGfADm9RfbtoKn
oM1o6oPCk4MIm7zHZ3Sqw5F1+lpLJmKW1mxxoHVaNdra/FG61bDJaTodi8isO6cD
I07/xdJbJyZZ8ihP+KmnfebohllMp650w2tQJcknht1vfLf/n4uUG3hzgRwIymuG
ZR50TWQTKzkb15Pqb04d3GE4shX+VXqaOdBSr7Bd91tecw6xabhY5MJifMpyQHND
2Vmy4vPKGiqaL1ZzxeraEu9HWW9wjUwLAJPYeYvnAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQU/rk+dk1YFvF+RXaNXk9kvu1AJB0wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9fcmstZGsxWUZ2Ri1SWGFOWGs5a3Z1MUFKQjAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEADS/whMBXftd8jsRsc8rfJZiFPR/cvJL0mqh8
kdbKj661HAsx4DRzRsz3GIv+XuUtgi8wEZPoSB/OfZdTT4xTGqK5ptFp++s7ogBJ
0vuqN03zkHq6iLzBp2fSTGfjc9OvWZE7FQmIlPhdJx9X7K9JsBGm7Dw0q7Rgxsv2
Clnl8sB2nXn67xyqopoCgxIqENzzKSKvNAmbWvQVqfT9izrds8aE6nnI64hQBLTe
K2BhFsFQIlZKwIdf74drc98dRdo8DcTqhXmpWEy8gBpekNBjVIhrmGDrSajCVmbq
8xbUr4LmBYGBkebU7/SbPqKVX/YPQzzhwNsXsO/jXj1FxdJ8FA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:49:17 2025 by rpki-client