Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aq1LXUjxbugsvTpCctvvdPOQQfQ.roa
File: aq1LXUjxbugsvTpCctvvdPOQQfQ.roa (raw, json)
Hash identifier: LsO3wxOILu5mv/2jTpXkDeCrplMaFrVoYekGQcllNPQ=
Subject key identifier: 6A:AD:4B:5D:48:F1:6E:E8:2C:BD:3A:42:72:DB:EF:74:F3:90:41:F4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018995BCD36C6A3663E579FE073049BF580B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aq1LXUjxbugsvTpCctvvdPOQQfQ.roa
Signing time: Thu 27 Jul 2023 05:05:27 +0000
ROA not before: Thu 27 Jul 2023 05:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:95bc:2482/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:95:bc:d3:6c:6a:36:63:e5:79:fe:07:30:49:bf:58:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 27 05:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aad4b5d48f16ee82cbd3a4272dbef74f39041f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3c:e2:ac:2d:ac:8f:6b:ca:52:06:c2:4c:df:
7b:4b:8e:e7:93:df:d6:91:c6:07:99:0a:b1:ee:c8:
76:34:b9:72:64:5c:63:42:e1:72:41:9b:36:fc:be:
79:15:39:e4:80:33:4a:b9:54:8d:5d:9b:e4:99:cd:
82:97:30:ec:a9:3a:ef:36:96:ec:76:78:04:fc:6e:
8f:30:b0:c4:b5:aa:00:0d:97:ba:eb:07:bb:de:06:
89:98:bc:66:8a:16:d3:b6:bd:82:54:88:6a:ce:21:
f4:34:74:a7:3f:3c:77:b9:49:fa:3c:83:dd:35:d5:
d8:33:ad:4d:04:d7:37:52:a3:7d:cf:b8:7e:4a:2d:
99:ae:ff:14:37:6f:3f:2d:2b:62:58:51:30:47:11:
12:7f:f4:3c:64:22:ac:32:88:d6:ed:9d:4f:81:c0:
69:ac:18:93:fd:41:97:34:8b:2e:18:db:b1:43:05:
67:bc:33:8d:9b:bd:3f:e0:fd:bd:02:6d:37:77:ca:
0e:53:d6:f7:4c:8d:56:69:0c:69:7a:3c:58:30:7c:
0f:62:ce:5d:cf:c2:3c:f1:fc:8f:21:40:0e:75:71:
29:2a:2a:35:56:97:d0:6d:ca:68:37:1c:ea:c8:a6:
6e:0d:e6:05:b3:01:6a:27:b3:28:5c:c8:14:06:7b:
df:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AD:4B:5D:48:F1:6E:E8:2C:BD:3A:42:72:DB:EF:74:F3:90:41:F4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aq1LXUjxbugsvTpCctvvdPOQQfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:90:48:88:76:2a:94:80:83:ac:04:c8:b9:67:69:3f:6a:5f:
5c:c1:b1:24:c1:df:17:79:94:ae:b3:72:3d:6b:9f:d0:15:e0:
a3:2a:4e:d7:7d:be:e1:04:6f:85:1e:fe:52:ed:58:f0:82:64:
e1:91:ca:b8:bf:4e:32:90:68:47:68:b7:10:4a:00:e7:f1:ec:
b4:00:8e:18:3e:0f:7e:59:8f:31:7f:d4:db:e0:2c:c1:66:25:
0c:47:47:70:e7:a0:0b:87:2b:1f:1c:ba:f1:35:fe:08:54:35:
3a:5e:71:25:d0:b4:13:6f:7f:f3:93:fd:ba:4b:53:24:c1:7c:
c4:0a:99:4c:dd:97:26:1c:be:e2:79:2a:a6:2d:8d:b4:66:79:
35:ed:e3:a9:a5:06:06:57:76:76:74:c2:08:af:da:3c:81:4d:
17:d7:e7:db:67:a5:c1:87:61:46:1c:1b:0f:d3:aa:22:d4:7a:
ae:3d:84:2d:f8:dd:49:4b:c8:22:c1:ee:14:6e:6a:13:a8:c4:
0c:91:cf:9c:23:a0:b0:68:7e:e5:5a:9b:d3:88:bf:d9:c8:69:
0d:31:12:61:63:bc:f4:b6:7a:b5:8a:3a:c7:0e:37:dc:c9:fa:
f7:f4:b8:a6:c0:e7:58:61:20:5b:f0:2f:6f:3e:6f:20:44:02:
9b:23:28:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmVvNNsajZj5Xn+BzBJv1gLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI3MDUwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFkNGI1ZDQ4ZjE2ZWU4MmNiZDNhNDI3MmRiZWY3NGYzOTA0MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjzirC2sj2vKUgbCTN97S47nk9/W
kcYHmQqx7sh2NLlyZFxjQuFyQZs2/L55FTnkgDNKuVSNXZvkmc2ClzDsqTrvNpbs
dngE/G6PMLDEtaoADZe66we73gaJmLxmihbTtr2CVIhqziH0NHSnPzx3uUn6PIPd
NdXYM61NBNc3UqN9z7h+Si2Zrv8UN28/LStiWFEwRxESf/Q8ZCKsMojW7Z1PgcBp
rBiT/UGXNIsuGNuxQwVnvDONm70/4P29Am03d8oOU9b3TI1WaQxpejxYMHwPYs5d
z8I88fyPIUAOdXEpKio1VpfQbcpoNxzqyKZuDeYFswFqJ7MoXMgUBnvfCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqtS11I8W7oLL06QnLb73TzkEH0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXExTFhVanhidWdzdlRwQ2N0dnZkUE9RUWZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIqQSIh2KpSAg6wEyLln
aT9qX1zBsSTB3xd5lK6zcj1rn9AV4KMqTtd9vuEEb4Ue/lLtWPCCZOGRyri/TjKQ
aEdotxBKAOfx7LQAjhg+D35ZjzF/1NvgLMFmJQxHR3DnoAuHKx8cuvE1/ghUNTpe
cSXQtBNvf/OT/bpLUyTBfMQKmUzdlyYcvuJ5KqYtjbRmeTXt46mlBgZXdnZ0wgiv
2jyBTRfX59tnpcGHYUYcGw/TqiLUeq49hC343UlLyCLB7hRuahOoxAyRz5wjoLBo
fuVam9OIv9nIaQ0xEmFjvPS2erWKOscON9zJ+vf0uKbA51hhIFvwL28+byBEApsj
KDw=
-----END CERTIFICATE-----
Generated at Sat May 3 10:40:45 2025 by rpki-client