Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/af9xO5mOcTKHhtW8VU-HvpdDu1g.roa
File: af9xO5mOcTKHhtW8VU-HvpdDu1g.roa (raw, json)
Hash identifier: svY/RKCUrh5nVa585Zws/R0YObZDqgu3khnEDatzzOo=
Subject key identifier: 69:FF:71:3B:99:8E:71:32:87:86:D5:BC:55:4F:87:BE:97:43:BB:58
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185F1A1C2260B7E2AF44B5A1D67256962CE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/af9xO5mOcTKHhtW8VU-HvpdDu1g.roa
Signing time: Fri 27 Jan 2023 05:09:48 +0000
ROA not before: Fri 27 Jan 2023 05:09:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f1:a1:c2:26:0b:7e:2a:f4:4b:5a:1d:67:25:69:62:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 27 05:09:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ff713b998e71328786d5bc554f87be9743bb58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:68:b6:d7:19:6b:d7:a8:82:3f:92:6e:51:
0f:45:f5:f4:45:d7:c9:64:05:d5:b5:d8:fc:0c:d8:
0a:e1:65:03:20:b2:16:6f:56:c4:4c:c1:74:e5:39:
d4:d5:40:3b:2e:a7:29:03:93:7e:b4:1d:d4:06:c1:
75:48:fa:22:ea:c9:0d:42:f7:4c:c6:24:45:2b:d0:
13:8d:6a:4b:b0:f3:18:a7:3b:db:af:f4:ca:2e:47:
86:c8:02:6c:24:05:64:c6:60:99:88:4d:8e:d9:e3:
43:4e:78:85:5f:f1:bc:68:01:7a:9d:00:9f:cd:8a:
fa:44:0a:5d:96:c6:39:1c:46:af:26:5e:37:04:2f:
2b:45:25:a9:eb:80:1e:45:ec:ed:64:60:f6:ff:a5:
4f:8f:37:52:73:a6:b2:c0:27:6a:ef:db:c4:7c:a0:
a4:71:52:42:14:97:53:2d:ba:fe:5c:06:0f:14:7e:
68:bd:16:92:c6:8a:f7:b7:4b:56:05:84:5e:ad:51:
aa:30:72:79:df:d3:6d:22:0e:3a:ab:d2:92:47:68:
54:32:d3:35:e0:33:77:a6:08:4b:86:7c:1b:3c:65:
5f:91:d2:ae:84:d9:94:95:02:cf:04:b1:2f:7a:00:
91:3a:39:cd:53:55:03:ec:e1:de:b1:48:ff:a1:6a:
10:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:71:3B:99:8E:71:32:87:86:D5:BC:55:4F:87:BE:97:43:BB:58
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/af9xO5mOcTKHhtW8VU-HvpdDu1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:53:21:4a:98:7a:cd:50:12:b5:00:58:b1:11:d7:97:de:c9:
40:57:44:d7:23:7b:81:6a:93:27:9e:85:6e:9c:08:01:6c:6b:
ad:3f:30:81:02:31:d9:02:dc:70:e4:68:e1:bc:9c:16:71:50:
3c:d9:c1:54:89:9b:59:9e:53:4f:30:b7:22:7f:bc:c3:8a:7d:
05:01:49:3e:6d:28:0a:1a:6f:71:3f:3f:45:14:23:78:23:e3:
82:82:fb:9b:50:96:c7:c8:dd:4c:77:77:b8:e0:8c:94:fd:45:
46:09:b2:41:f0:1a:a5:ff:81:29:98:82:79:6e:92:51:85:71:
99:79:1c:f9:23:3d:25:2e:a6:85:51:3b:2d:34:25:3e:fd:a4:
c6:b4:7f:d0:d9:cd:04:d8:6a:af:b9:61:7d:38:a4:b8:6f:5c:
c5:b1:97:cf:79:45:c3:70:56:8d:6b:b8:57:ee:f6:6d:f8:40:
3e:97:1d:09:f2:8f:5f:00:92:f1:f8:70:86:54:17:c7:3e:fc:
ca:a0:82:82:68:e5:a9:ea:31:7c:35:4f:e1:4d:bd:81:e9:da:
e9:5e:df:ba:28:05:69:74:17:fc:42:4e:99:02:4c:22:7e:4f:
6f:82:7d:20:2e:23:a6:8a:6f:cf:e2:f6:0f:dd:2a:0e:f6:1e:
d7:d1:21:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXxocImC34q9EtaHWclaWLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI3MDUwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmNzEzYjk5OGU3MTMyODc4NmQ1YmM1NTRmODdiZTk3NDNiYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnttottcZa9eogj+SblEPRfX0RdfJ
ZAXVtdj8DNgK4WUDILIWb1bETMF05TnU1UA7LqcpA5N+tB3UBsF1SPoi6skNQvdM
xiRFK9ATjWpLsPMYpzvbr/TKLkeGyAJsJAVkxmCZiE2O2eNDTniFX/G8aAF6nQCf
zYr6RApdlsY5HEavJl43BC8rRSWp64AeReztZGD2/6VPjzdSc6aywCdq79vEfKCk
cVJCFJdTLbr+XAYPFH5ovRaSxor3t0tWBYRerVGqMHJ539NtIg46q9KSR2hUMtM1
4DN3pghLhnwbPGVfkdKuhNmUlQLPBLEvegCROjnNU1UD7OHesUj/oWoQMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGn/cTuZjnEyh4bVvFVPh76XQ7tYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYWY5eE81bU9jVEtIaHRXOFZVLUh2cGREdTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9TIUqYes1QErUAWLER
15feyUBXRNcje4FqkyeehW6cCAFsa60/MIECMdkC3HDkaOG8nBZxUDzZwVSJm1me
U08wtyJ/vMOKfQUBST5tKAoab3E/P0UUI3gj44KC+5tQlsfI3Ux3d7jgjJT9RUYJ
skHwGqX/gSmYgnluklGFcZl5HPkjPSUupoVROy00JT79pMa0f9DZzQTYaq+5YX04
pLhvXMWxl895RcNwVo1ruFfu9m34QD6XHQnyj18AkvH4cIZUF8c+/MqggoJo5anq
MXw1T+FNvYHp2ule37ooBWl0F/xCTpkCTCJ+T2+CfSAuI6aKb8/i9g/dKg72HtfR
Iao=
-----END CERTIFICATE-----
Generated at Thu May 1 17:59:44 2025 by rpki-client