Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cJsX-NeQmqK4LJV8Zx8EF2wyDto.roa
File: cJsX-NeQmqK4LJV8Zx8EF2wyDto.roa (raw, json)
Hash identifier: hpA/OGHK23MVEZnvAvRenQIwsVnKeqCHpt1BMUZQo0g=
Subject key identifier: 70:9B:17:F8:D7:90:9A:A2:B8:2C:95:7C:67:1F:04:17:6C:32:0E:DA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D2BF19006D194289B8DE3B8EEEF33478
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cJsX-NeQmqK4LJV8Zx8EF2wyDto.roa
Signing time: Sat 21 Jan 2023 05:13:37 +0000
ROA not before: Sat 21 Jan 2023 05:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d2:bf:19:00:6d:19:42:89:b8:de:3b:8e:ee:f3:34:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 21 05:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=709b17f8d7909aa2b82c957c671f04176c320eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5e:84:cf:7a:64:c9:f5:4a:42:4b:d9:52:3a:
1e:bc:04:d4:c7:ab:b4:45:ed:54:84:0d:9d:51:5e:
53:fe:fa:ba:aa:d5:fa:37:4f:c3:dd:a1:eb:84:ce:
86:4d:cb:d9:95:ca:3e:93:5a:58:aa:f5:7b:aa:2f:
5c:cf:36:cf:fc:0b:3b:ad:a0:79:88:0d:3b:45:1b:
e2:05:09:92:ec:25:f5:e4:1b:6a:c5:0d:de:48:d6:
7a:71:e6:14:94:d4:06:e6:e0:d1:f0:db:a3:9c:6d:
04:01:20:90:fa:97:eb:19:0e:d6:9c:ca:aa:09:c4:
0c:ab:d0:6f:22:d0:b9:ab:f3:17:6a:1a:ac:c2:8b:
99:e4:2c:d8:a5:c0:7b:e2:c6:86:58:c5:bc:61:14:
35:67:1d:e1:c8:4e:48:65:5c:f7:c6:57:d8:1f:e1:
72:8f:eb:21:2e:87:92:07:1f:ef:a6:ce:6e:7e:a3:
9f:75:2c:98:ca:d5:b5:f1:b9:4e:bb:b4:9b:6f:52:
39:84:38:39:49:65:ba:d3:b6:18:ab:9c:1c:cb:e5:
d5:34:59:68:da:c5:e8:34:eb:2a:2c:44:e0:51:b4:
27:3c:f0:3f:41:e6:ac:87:57:eb:eb:a0:33:d9:64:
83:7e:66:32:a5:ae:ad:b5:ff:f2:f8:0f:a0:a5:f9:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9B:17:F8:D7:90:9A:A2:B8:2C:95:7C:67:1F:04:17:6C:32:0E:DA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cJsX-NeQmqK4LJV8Zx8EF2wyDto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:b1:be:45:4f:04:4d:1d:e7:29:ac:f2:e5:6c:6f:b3:eb:a3:
6a:a4:79:64:0d:ab:07:69:64:48:79:ab:8f:52:c8:91:2b:de:
0d:60:1b:87:50:87:2f:67:17:98:27:94:3d:c1:42:79:44:9b:
0f:8b:4f:45:c1:6b:1b:c8:dd:20:6a:50:2c:a0:66:9b:ba:a6:
7f:88:22:92:0e:d1:c7:1d:cc:e1:28:b5:7c:d3:4e:41:0c:7c:
42:b5:e2:24:74:f4:1e:21:58:a9:b5:4b:be:bb:af:5a:9a:af:
2a:ca:ee:1a:e4:7a:d6:f4:58:91:25:f8:f0:d7:70:c0:f1:ea:
71:9b:4c:b8:ee:13:64:b3:9a:dc:58:0a:d1:bd:e9:5b:4f:49:
a6:a2:56:38:67:35:f8:4e:76:18:ee:fb:c7:36:08:7d:78:b1:
eb:0f:09:37:71:a5:7b:c5:ea:2a:75:7e:65:c6:cc:b4:74:62:
01:59:ce:1d:e2:d4:93:88:64:39:c9:85:f2:33:ef:56:0f:7e:
a0:4e:8c:61:20:70:b0:05:40:27:d9:c6:24:ea:30:29:a0:9b:
fb:d9:6e:1f:8e:5b:57:d2:60:46:df:8f:8a:c1:a7:c5:61:b5:
73:f0:08:87:ab:ab:3c:58:53:2d:62:cb:f8:99:9b:b4:38:3d:
f1:48:09:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXSvxkAbRlCibjeO47u8zR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIxMDUxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDliMTdmOGQ3OTA5YWEyYjgyYzk1N2M2NzFmMDQxNzZjMzIwZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF6Ez3pkyfVKQkvZUjoevATUx6u0
Re1UhA2dUV5T/vq6qtX6N0/D3aHrhM6GTcvZlco+k1pYqvV7qi9czzbP/As7raB5
iA07RRviBQmS7CX15BtqxQ3eSNZ6ceYUlNQG5uDR8NujnG0EASCQ+pfrGQ7WnMqq
CcQMq9BvItC5q/MXahqswouZ5CzYpcB74saGWMW8YRQ1Zx3hyE5IZVz3xlfYH+Fy
j+shLoeSBx/vps5ufqOfdSyYytW18blOu7Sbb1I5hDg5SWW607YYq5wcy+XVNFlo
2sXoNOsqLETgUbQnPPA/Qeash1fr66Az2WSDfmYypa6ttf/y+A+gpfloGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHCbF/jXkJqiuCyVfGcfBBdsMg7aMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvY0pzWC1OZVFtcUs0TEpWOFp4OEVGMnd5RHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIGxvkVPBE0d5yms8uVs
b7Pro2qkeWQNqwdpZEh5q49SyJEr3g1gG4dQhy9nF5gnlD3BQnlEmw+LT0XBaxvI
3SBqUCygZpu6pn+IIpIO0ccdzOEotXzTTkEMfEK14iR09B4hWKm1S767r1qaryrK
7hrketb0WJEl+PDXcMDx6nGbTLjuE2SzmtxYCtG96VtPSaaiVjhnNfhOdhju+8c2
CH14sesPCTdxpXvF6ip1fmXGzLR0YgFZzh3i1JOIZDnJhfIz71YPfqBOjGEgcLAF
QCfZxiTqMCmgm/vZbh+OW1fSYEbfj4rBp8VhtXPwCIerqzxYUy1iy/iZm7Q4PfFI
CdQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:25:14 2025 by rpki-client