Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apIqFrC-oURMiXbKcisg1bIavA4.roa
File: apIqFrC-oURMiXbKcisg1bIavA4.roa (raw, json)
Hash identifier: B1cR7NBpHYPL2KQMtPm5V+0Woam1Ecx4RpxMty9s5KA=
Subject key identifier: 6A:92:2A:16:B0:BE:A1:44:4C:89:76:CA:72:2B:20:D5:B2:1A:BC:0E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A27FFF2269C55EDC2B4BA790B19162E19
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apIqFrC-oURMiXbKcisg1bIavA4.roa
Signing time: Thu 24 Aug 2023 14:43:19 +0000
ROA not before: Thu 24 Aug 2023 14:43:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:ff:f2:26:9c:55:ed:c2:b4:ba:79:0b:19:16:2e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 14:43:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a922a16b0bea1444c8976ca722b20d5b21abc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:70:a2:3b:9a:c3:0f:56:b5:cf:7b:b0:34:47:
7a:57:32:c9:24:df:8f:72:c0:ae:d9:90:c4:7d:80:
01:d8:c3:f0:f8:02:e6:05:1c:40:8e:cf:72:12:cd:
17:34:72:68:42:5e:15:da:be:ad:e4:0d:36:b3:47:
31:24:af:92:65:1e:7a:46:00:bd:d3:8c:83:28:70:
5d:d8:1d:53:d5:d2:10:e4:92:ae:89:c0:bb:48:3c:
c3:7f:33:fd:41:65:26:54:de:80:f4:c7:4f:e2:77:
8c:73:dc:e9:eb:74:dd:88:cf:ab:8f:41:76:78:4e:
64:4c:54:25:65:5a:ff:4a:63:c1:66:2a:aa:a3:85:
9e:e8:9f:eb:5c:85:07:40:ff:f6:ad:7c:15:c7:2b:
e2:2f:6c:4a:fb:fe:3e:6d:54:1e:70:ff:d2:3b:7f:
0a:48:92:7d:55:ff:8c:4a:0a:cf:cd:fe:47:80:d5:
8f:26:bb:a8:33:26:e2:46:e5:46:ae:74:8e:df:25:
f0:32:4c:32:8f:a1:f1:f5:4c:98:1d:1c:be:0c:c8:
52:74:19:93:83:eb:ea:a7:ba:1e:90:96:37:b5:bd:
7d:74:5b:b3:af:4c:81:34:88:4e:f8:6b:2f:e3:f0:
be:3d:63:b5:8e:0d:80:cb:73:ec:e5:93:13:4c:e7:
34:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:92:2A:16:B0:BE:A1:44:4C:89:76:CA:72:2B:20:D5:B2:1A:BC:0E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/apIqFrC-oURMiXbKcisg1bIavA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:a5:3c:6e:54:01:98:04:10:ac:cb:b2:e1:55:78:1d:8f:1e:
2c:5a:f7:e6:05:68:a2:95:56:ac:ab:dd:99:94:90:94:74:00:
66:ae:7b:35:af:6b:51:f9:44:e6:86:2d:3c:51:80:7f:dc:33:
26:57:56:17:c4:b9:80:3b:87:f1:04:aa:44:d5:c3:76:86:52:
31:e8:4e:2b:44:34:bf:74:60:cb:7f:e3:c1:2e:e4:e6:d1:f7:
1d:35:cd:78:40:a7:71:74:15:88:94:ce:1a:7e:4b:fa:0b:ce:
d6:db:85:a7:fd:d2:6d:9c:a0:76:c1:01:54:d2:ac:fe:aa:d5:
e9:d7:8c:78:d1:01:9a:bd:29:ba:c3:7a:86:46:ce:14:a4:95:
d8:c7:3c:2e:09:d8:cc:11:27:d0:96:66:62:0f:09:5d:f2:99:
36:91:53:01:33:62:ea:e0:e0:a4:a8:35:9f:1f:e2:0d:75:50:
26:95:9c:85:f4:4f:6a:ea:46:6f:31:ba:75:65:ee:c7:75:2d:
f0:46:66:25:1d:01:1a:cb:6a:3c:f7:b6:59:9e:fd:13:94:0e:
35:9e:b3:51:b0:08:e3:d0:a3:ae:e8:64:01:61:3a:2f:68:25:
93:68:e9:98:49:5f:f5:23:79:b3:68:c4:df:ff:ef:d3:98:d5:
2e:41:2a:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYon//ImnFXtwrS6eQsZFi4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTQ0MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTkyMmExNmIwYmVhMTQ0NGM4OTc2Y2E3MjJiMjBkNWIyMWFiYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXCiO5rDD1a1z3uwNEd6VzLJJN+P
csCu2ZDEfYAB2MPw+ALmBRxAjs9yEs0XNHJoQl4V2r6t5A02s0cxJK+SZR56RgC9
04yDKHBd2B1T1dIQ5JKuicC7SDzDfzP9QWUmVN6A9MdP4neMc9zp63TdiM+rj0F2
eE5kTFQlZVr/SmPBZiqqo4We6J/rXIUHQP/2rXwVxyviL2xK+/4+bVQecP/SO38K
SJJ9Vf+MSgrPzf5HgNWPJruoMybiRuVGrnSO3yXwMkwyj6Hx9UyYHRy+DMhSdBmT
g+vqp7oekJY3tb19dFuzr0yBNIhO+Gsv4/C+PWO1jg2Ay3Ps5ZMTTOc02wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqSKhawvqFETIl2ynIrINWyGrwOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXBJcUZyQy1vVVJNaVhiS2Npc2cxYklhdkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFilPG5UAZgEEKzLsuFV
eB2PHixa9+YFaKKVVqyr3ZmUkJR0AGauezWva1H5ROaGLTxRgH/cMyZXVhfEuYA7
h/EEqkTVw3aGUjHoTitENL90YMt/48Eu5ObR9x01zXhAp3F0FYiUzhp+S/oLztbb
haf90m2coHbBAVTSrP6q1enXjHjRAZq9KbrDeoZGzhSkldjHPC4J2MwRJ9CWZmIP
CV3ymTaRUwEzYurg4KSoNZ8f4g11UCaVnIX0T2rqRm8xunVl7sd1LfBGZiUdARrL
ajz3tlme/ROUDjWes1GwCOPQo67oZAFhOi9oJZNo6ZhJX/UjebNoxN//79OY1S5B
KkU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:56:22 2025 by rpki-client