Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aT_841qLqPeJTq95pgkBhugqtj8.roa
File: aT_841qLqPeJTq95pgkBhugqtj8.roa (raw, json)
Hash identifier: Nn+rrWpwi7yAUCBag5bcaafOimNnCE10aaAQCn85LXU=
Subject key identifier: 69:3F:FC:E3:5A:8B:A8:F7:89:4E:AF:79:A6:09:01:86:E8:2A:B6:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018568836E64C6532D5A5FF5687400BD4AA6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aT_841qLqPeJTq95pgkBhugqtj8.roa
Signing time: Sat 31 Dec 2022 14:08:41 +0000
ROA not before: Sat 31 Dec 2022 14:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:68:83:6e:64:c6:53:2d:5a:5f:f5:68:74:00:bd:4a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 14:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=693ffce35a8ba8f7894eaf79a6090186e82ab63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:02:1c:77:a8:ea:54:16:87:03:0a:33:bb:
81:61:e8:94:8d:bc:8c:1c:85:34:78:7a:44:3b:94:
90:9d:24:9b:54:df:5f:10:7b:52:52:a8:0a:31:68:
40:41:e8:77:2e:29:46:92:4b:0d:0b:82:21:a9:76:
26:33:4f:bd:c2:cc:4d:19:4a:81:e9:22:46:6d:b9:
d8:75:a4:c1:1a:8b:34:1b:7c:8e:d7:fd:5e:12:c6:
c4:e8:e6:dd:17:02:4e:7b:38:a3:c0:ac:a0:32:a5:
f2:73:75:98:9d:a2:75:47:00:9a:14:0c:cc:f3:44:
d9:53:f8:3e:ad:eb:95:2a:ad:83:23:3a:9e:5e:68:
73:77:3e:86:91:08:dc:ac:93:80:f2:6e:4c:18:f2:
75:be:01:8e:d1:42:1f:ac:a9:0c:75:e1:15:f2:8a:
73:b4:17:33:7f:1d:45:7e:55:03:e4:76:ee:08:76:
01:19:29:48:3b:47:41:28:c8:49:ce:71:ec:b1:f2:
a5:66:3a:52:70:84:50:62:ce:3b:48:fe:98:cf:fd:
6b:7c:ad:f1:2d:e1:bd:37:84:bd:cf:23:f1:f2:0f:
01:fa:a5:fd:b2:66:4c:ee:ef:9d:cc:77:67:1d:f1:
cd:e5:92:93:71:e1:0c:93:82:89:be:f8:e6:a6:cc:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3F:FC:E3:5A:8B:A8:F7:89:4E:AF:79:A6:09:01:86:E8:2A:B6:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aT_841qLqPeJTq95pgkBhugqtj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:71:bd:bd:8d:21:b0:11:bf:9c:39:5b:ca:e0:36:29:2f:65:
78:b2:de:9d:52:01:bc:44:a0:a2:e0:f2:c6:86:cd:01:5a:30:
89:95:4f:b8:b6:89:ae:66:10:02:1d:0b:53:8a:89:54:a3:42:
9f:b2:57:07:e9:2c:58:a1:39:96:89:0b:c7:65:e6:64:aa:c2:
fa:dd:f0:73:92:06:fa:c9:a0:54:a4:98:f2:96:09:d5:42:fc:
5c:46:1e:11:6d:e8:5b:ba:ac:c2:67:bc:d5:db:74:b5:b1:a5:
ca:61:cb:c2:bb:41:ff:2e:ed:89:6b:66:5b:39:1c:c8:52:ad:
50:d9:75:7d:fc:84:de:3e:e7:cd:43:5f:98:10:2c:93:07:2f:
3a:58:21:55:bf:b3:e1:0e:89:8e:e4:2a:58:df:e8:44:94:4c:
d5:78:5a:a5:ba:e7:f9:13:4f:ee:b6:06:e4:2c:97:e8:78:1c:
0e:ab:21:f4:de:f6:e3:50:45:97:58:a8:5a:d6:7b:94:9c:f8:
33:d7:1d:8c:4a:99:81:62:c9:4b:68:43:3a:e9:9a:e7:b5:ce:
5d:22:cf:d0:00:88:6f:d9:34:70:96:53:d6:d2:2c:ac:bf:75:
68:09:a9:f3:d3:35:e5:44:1f:7f:26:bc:85:47:7b:9b:b5:7a:
b7:05:e6:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVog25kxlMtWl/1aHQAvUqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMTQwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNmZmNlMzVhOGJhOGY3ODk0ZWFmNzlhNjA5MDE4NmU4MmFiNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDsCHHeo6lQWhwMKM7uBYeiUjbyM
HIU0eHpEO5SQnSSbVN9fEHtSUqgKMWhAQeh3LilGkksNC4IhqXYmM0+9wsxNGUqB
6SJGbbnYdaTBGos0G3yO1/1eEsbE6ObdFwJOezijwKygMqXyc3WYnaJ1RwCaFAzM
80TZU/g+reuVKq2DIzqeXmhzdz6GkQjcrJOA8m5MGPJ1vgGO0UIfrKkMdeEV8opz
tBczfx1FflUD5HbuCHYBGSlIO0dBKMhJznHssfKlZjpScIRQYs47SP6Yz/1rfK3x
LeG9N4S9zyPx8g8B+qX9smZM7u+dzHdnHfHN5ZKTceEMk4KJvvjmpsw8WwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGk//ONai6j3iU6veaYJAYboKrY/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYVRfODQxcUxxUGVKVHE5NXBna0JodWdxdGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtxvb2NIbARv5w5W8rg
NikvZXiy3p1SAbxEoKLg8saGzQFaMImVT7i2ia5mEAIdC1OKiVSjQp+yVwfpLFih
OZaJC8dl5mSqwvrd8HOSBvrJoFSkmPKWCdVC/FxGHhFt6Fu6rMJnvNXbdLWxpcph
y8K7Qf8u7YlrZls5HMhSrVDZdX38hN4+581DX5gQLJMHLzpYIVW/s+EOiY7kKljf
6ESUTNV4WqW65/kTT+62BuQsl+h4HA6rIfTe9uNQRZdYqFrWe5Sc+DPXHYxKmYFi
yUtoQzrpmue1zl0iz9AAiG/ZNHCWU9bSLKy/dWgJqfPTNeVEH38mvIVHe5u1ercF
5mo=
-----END CERTIFICATE-----
Generated at Fri May 2 09:11:59 2025 by rpki-client