Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aMnHpJwapT5PAW2spnexyUGx8ac.roa
File: aMnHpJwapT5PAW2spnexyUGx8ac.roa (raw, json)
Hash identifier: 3iJvMA4YK4V+kXUH8tJ43fCxDX2NxchiYXRqoaU86io=
Subject key identifier: 68:C9:C7:A4:9C:1A:A5:3E:4F:01:6D:AC:A6:77:B1:C9:41:B1:F1:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3C83682EA57E60B7EF1BF3CF57BA3AC3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aMnHpJwapT5PAW2spnexyUGx8ac.roa
Signing time: Mon 28 Aug 2023 14:19:19 +0000
ROA not before: Mon 28 Aug 2023 14:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:83:68:2e:a5:7e:60:b7:ef:1b:f3:cf:57:ba:3a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 14:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68c9c7a49c1aa53e4f016daca677b1c941b1f1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4a:86:6b:52:35:4d:89:b8:44:2e:de:40:19:
52:71:07:5e:95:91:9b:f7:fb:ca:d9:a2:1f:51:65:
83:a2:9a:45:47:f8:44:c1:a6:85:13:67:a6:9c:d5:
78:f3:81:17:17:22:f7:11:f5:0c:20:2f:03:9e:93:
f7:ba:c6:fa:24:e5:13:d3:ae:5c:ee:bf:ac:e3:8c:
3a:10:db:40:96:98:52:1a:bd:f0:8c:14:66:bb:f3:
b8:05:a0:ab:40:b8:c6:d1:97:f4:1c:2f:52:22:56:
af:5f:18:3b:06:70:4e:12:8a:c2:ab:f5:7e:63:74:
67:5f:cd:a9:c1:96:bd:cf:15:16:2e:30:29:8f:84:
e4:9e:a6:da:05:e6:1e:d0:1b:82:f8:bf:ad:ed:37:
97:d1:da:f6:a8:34:81:42:46:51:30:56:5e:71:e9:
c2:28:6f:59:23:31:9f:8c:f9:08:0b:06:2f:f6:76:
5a:cb:14:73:60:2e:65:c6:95:a0:5a:ec:fa:77:51:
25:81:a9:da:f1:d2:e5:92:76:de:12:67:03:6b:73:
32:1d:f3:a6:85:43:bc:2b:91:b1:2d:e3:56:b5:7c:
80:34:e6:1b:ed:49:da:65:06:cf:78:18:c6:1c:9c:
0d:ab:40:40:93:3e:62:71:70:cd:7a:e3:bf:65:8c:
d3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C9:C7:A4:9C:1A:A5:3E:4F:01:6D:AC:A6:77:B1:C9:41:B1:F1:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aMnHpJwapT5PAW2spnexyUGx8ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
aa:c4:2f:2a:ba:a6:ed:67:35:7b:41:c8:ee:12:a3:7b:ce:ad:
fb:bf:c9:82:a1:57:78:c9:62:95:9e:f7:74:59:24:b3:4d:75:
0f:bd:b7:05:a8:b8:b9:e7:6e:46:66:f9:78:40:06:7b:ad:e7:
88:99:27:40:07:8f:09:4e:92:7e:9d:b2:c3:e0:bf:d7:8e:78:
7c:b8:8d:c7:f7:33:cb:36:a2:e1:de:ea:03:1d:e8:28:68:67:
5b:48:8f:2d:cd:03:e8:46:c0:3a:12:e5:08:85:c8:8f:bc:3c:
6f:d6:0c:5d:19:7c:95:38:e8:63:e0:09:8d:2d:fd:3e:94:77:
05:55:e6:ef:d7:eb:86:67:09:82:45:0e:81:46:5d:3c:20:3b:
83:8b:0d:a5:53:ab:2f:98:6a:60:18:fc:93:8c:c5:13:4c:c4:
c1:2f:05:53:d1:a4:ad:8a:42:26:d5:42:b8:23:73:0f:1c:82:
7b:38:18:85:3b:8c:91:2f:8d:7d:32:54:36:49:0d:3e:30:51:
f1:f5:84:e5:3b:33:5f:0d:09:41:0e:0c:ba:c7:b7:61:b3:21:
28:3f:be:3c:fe:a5:17:46:0e:94:ec:b2:95:8e:c0:4a:32:17:
ad:9f:19:c3:f5:9e:80:bb:bc:0d:9a:40:57:4e:9c:02:e7:cc:
1a:a9:0c:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo8g2gupX5gt+8b889XujrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI4MTQxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM5YzdhNDljMWFhNTNlNGYwMTZkYWNhNjc3YjFjOTQxYjFmMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0qGa1I1TYm4RC7eQBlScQdelZGb
9/vK2aIfUWWDoppFR/hEwaaFE2emnNV484EXFyL3EfUMIC8DnpP3usb6JOUT065c
7r+s44w6ENtAlphSGr3wjBRmu/O4BaCrQLjG0Zf0HC9SIlavXxg7BnBOEorCq/V+
Y3RnX82pwZa9zxUWLjApj4TknqbaBeYe0BuC+L+t7TeX0dr2qDSBQkZRMFZecenC
KG9ZIzGfjPkICwYv9nZayxRzYC5lxpWgWuz6d1Elgana8dLlknbeEmcDa3MyHfOm
hUO8K5GxLeNWtXyANOYb7UnaZQbPeBjGHJwNq0BAkz5icXDNeuO/ZYzTfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGjJx6ScGqU+TwFtrKZ3sclBsfGnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYU1uSHBKd2FwVDVQQVcyc3BuZXh5VUd4OGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKrELyq6pu1nNXtByO4S
o3vOrfu/yYKhV3jJYpWe93RZJLNNdQ+9twWouLnnbkZm+XhABnut54iZJ0AHjwlO
kn6dssPgv9eOeHy4jcf3M8s2ouHe6gMd6ChoZ1tIjy3NA+hGwDoS5QiFyI+8PG/W
DF0ZfJU46GPgCY0t/T6UdwVV5u/X64ZnCYJFDoFGXTwgO4OLDaVTqy+YamAY/JOM
xRNMxMEvBVPRpK2KQibVQrgjcw8cgns4GIU7jJEvjX0yVDZJDT4wUfH1hOU7M18N
CUEODLrHt2GzISg/vjz+pRdGDpTsspWOwEoyF62fGcP1noC7vA2aQFdOnALnzBqp
DL4=
-----END CERTIFICATE-----
Generated at Fri May 2 21:35:54 2025 by rpki-client